Apple Privacy Manifest

[leofolive]

Summary

About: https://developer.apple.com/news/?id=r1henawx

I found the use of NSFileModificationDate in react-native-maps and (mach_absolute_time, NSFileCreationDate, NSFileModificationDate, NSURLContentModificationDateKey, NSUserDefaults, NSFileSystemFreeSize, NSURLCreationDateKey, stat) in other libraries of Google Maps.

Should we create an Apple Privacy Manifest and declare it?

Reproducible sample code

Used symbols in binary ./XCFrameworkIntermediates/GoogleMaps/Maps/GoogleMaps.framework/GoogleMaps: mach_absolute_time, NSFileCreationDate, NSFileModificationDate, NSURLContentModificationDateKey, NSUserDefaults
Used symbols in binary ./XCFrameworkIntermediates/GoogleMaps/Base/GoogleMapsBase.framework/GoogleMapsBase: NSFileSystemFreeSize, NSURLContentModificationDateKey, NSURLCreationDateKey, NSUserDefaults, stat
Used symbols in binary ./React-native-maps/libreact-native-maps.a: NSFileModificationDate

### Steps to reproduce

Get it manually from the source code or run the script: https://github.com/Wooder/ios_17_required_reason_api_scanner

### Expected result

Declare APIs in an Apple Privacy Manifest.

### Actual result

react-native-maps doesn't declare APIs in an Apple Privacy Manifest.

### React Native Maps Version

1.11.3

### What platforms are you seeing the problem on?

iOS (Apple Maps), iOS (Google Maps)

### React Native Version

0.73.5

### What version of Expo are you using?

Not using Expo

### Device(s)

only IOS

### Additional information

_No response_

[gkasireddy202]

@LFMAKER - How to check which library needs to add the iOS privacy manifest for the react-native project?

[leofolive]

@LFMAKER - How to check which library needs to add the iOS privacy manifest for the react-native project?

I got some hints by running this script: https://github.com/Wooder/ios_17_required_reason_api_scanner

[gkasireddy202]

@LFMAKER - How to check which library needs to add the iOS privacy manifest for the react-native project?

I got some hints by running this script: https://github.com/Wooder/ios_17_required_reason_api_scanner

@LFMAKER - Thanks.

[gkasireddy202]

@LFMAKER - Is this sh required_reason_api_text_scanner.sh {directory_name} script is enough to find out which library needs iOS privacy manifest file?

[leofolive]

@LFMAKER - Is this sh required_reason_api_text_scanner.sh {directory_name} script is enough to find out which library needs iOS privacy manifest file?

This script helps but it can't identify everything. I recommend using it and investigating library by library along with the documentation of functions that Apple has provided.
https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api

[leofolive]

@salah-ghanim

[leofolive]

"Google Maps Workaround: For everyone who needs to declare GoogleMaps only (this will not declare NSFileModificationDate of react-native-maps):

Used symbols in binary ./XCFrameworkIntermediates/GoogleMaps/Maps/GoogleMaps.framework/GoogleMaps: mach_absolute_time, NSFileCreationDate, NSFileModificationDate, NSURLContentModificationDateKey, NSUserDefaults
Used symbols in binary ./XCFrameworkIntermediates/GoogleMaps/Base/GoogleMapsBase.framework/GoogleMapsBase: NSFileSystemFreeSize, NSURLContentModificationDateKey, NSURLCreationDateKey, NSUserDefaults, stat

You can download the privacy at the link (https://developers.google.com/maps/documentation/ios-sdk/config#add-apple-privacy-manifest-file) and add it into your Xcode project's top level directory. You need to add it to the Build Phase 'Copy Bundle Resources'.

The Apple Privacy Manifest for react-native-maps is still necessary due to NSFileModificationDate, and we should update the Google Maps iOS SDK to the latest version. The correct approach is to add the privacy manifest directly into the SDK, not at your app level.

[salah-ghanim]

fixed in v1.15.2

[artyorsh]

Hey @salah-ghanim

We had an AppStore submission today, and it seems that NSFileModificationDate is invalid PrivacyInfo key. Here is a response from Apple:

_ITMS-91054: Invalid API category declaration - The PrivacyInfo.xcprivacy for the “App” file contains “NSFileModificationDate” as the value for a NSPrivacyAccessedAPIType key, which is invalid. Values for NSPrivacyAccessedAPIType keys in any privacy manifest must be valid API categories. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

ITMS-91054: Invalid API category declaration - The PrivacyInfo.xcprivacy for the “Frameworks/libswift_Concurrency.dylib” file contains “NSFileModificationDate” as the value for a NSPrivacyAccessedAPIType key, which is invalid. Values for NSPrivacyAccessedAPIType keys in any privacy manifest must be valid API categories. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api._

To verify, I greped the node_modules and Pods folders to find references, and it turns out that in our case it's only declared react-native-maps package.

[TiKevin83]

Hey @salah-ghanim

We had an AppStore submission today, and it seems that NSFileModificationDate is invalid PrivacyInfo key. Here is a response from Apple:

_ITMS-91054: Invalid API category declaration - The PrivacyInfo.xcprivacy for the “App” file contains “NSFileModificationDate” as the value for a NSPrivacyAccessedAPIType key, which is invalid. Values for NSPrivacyAccessedAPIType keys in any privacy manifest must be valid API categories. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

ITMS-91054: Invalid API category declaration - The PrivacyInfo.xcprivacy for the “Frameworks/libswift_Concurrency.dylib” file contains “NSFileModificationDate” as the value for a NSPrivacyAccessedAPIType key, which is invalid. Values for NSPrivacyAccessedAPIType keys in any privacy manifest must be valid API categories. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api._

To verify, I greped the node_modules and Pods folders to find references, and it turns out that in our case it's only declared react-native-maps package.

Yeah based on that error I think it should be changed to "NSPrivacyAccessedAPICategoryFileTimestamp" - I'm encountering the same thing.

[jblemee]

@TiKevin83 @artyorsh Same issue here, did you find a workaround ?

[jblemee]

I may find one:

• Make sure that your PrivacyInfo.xcprivacy does not contains NSFileModificationDate
• Do not run pod install on CI or Build which will update the PrivacyInfo.xcprivacy
• For instance on Podfile I've added privacy_file_aggregation_enabled :

  use_react_native!(
    privacy_file_aggregation_enabled: false,
    :path => config[:reactNativePath],

[artyorsh]

workaround ?

Just bind react-native maps to v1.15.1. It includes privacy manifest since v1.15.2

[TiKevin83]

workaround ?

Just bind react-native maps to v1.15.1. It includes privacy manifest since v1.15.2

Artur, the issue is that the privacy manifest is broken. NSFileModificationDate should instead be NSPrivacyAccessedAPICategoryFileTimestamp. For people looking for a quick fix you can swap it out using patch-package.

[artyorsh]

I believe for most of the apps it should be fine (unless react-native-maps uses it with different reasons) since NSPrivacyAccessedAPICategoryFileTimestamp is included in react-native itself.

[TiKevin83]

I believe for most of the apps it should be fine (unless react-native-maps uses it with different reasons) since NSPrivacyAccessedAPICategoryFileTimestamp is included in react-native itself.

Ah I see you mean downgrading to 1.15.1 - that seems reasonable temporarily as well.

[salah-ghanim]

@TiKevin83 @artyorsh @jblemee I just created a new pull request with the NSPrivacyAccessedAPICategoryFileTimestamp value instead of NSFileModificationDate, would be nice if someone can quickly review this else I will merge it soon since there shouldn't be a downside (current version is broken)

#5078

[salah-ghanim]

closing since it's merged