search

apollographql / apollo-ios

📱  A strongly-typed, caching GraphQL client for iOS, written in Swift.
https://www.apollographql.com/docs/ios/
MIT License
3.87k stars 717 forks source link

PrivacyInfo.xcprivacy file is invalid for Apollo and ApolloApi. #3359

Closed azilbershtein closed 6 months ago

azilbershtein commented 6 months ago

Summary

TMS-91056: Invalid privacy manifest - The PrivacyInfo.xcprivacy file from the following path is invalid: “Frameworks/Apollo.framework/PrivacyInfo.xcprivacy”. ITMS-91056: Invalid privacy manifest - The PrivacyInfo.xcprivacy file from the following path is invalid: “Frameworks/ApolloAPI.framework/PrivacyInfo.xcprivacy”.

Version

1.9.2

Steps to reproduce the behavior

Submit a version the includes the Apollo SDK to the store.

Logs

No response

Anything else?

No response

calvincestari commented 6 months ago

Thanks for reporting the issue @azilbershtein.

TMS-91056: Invalid privacy manifest - The PrivacyInfo.xcprivacy file from the following path is invalid: “Frameworks/Apollo.framework/PrivacyInfo.xcprivacy”. ITMS-91056: Invalid privacy manifest - The PrivacyInfo.xcprivacy file from the following path is invalid: “Frameworks/ApolloAPI.framework/PrivacyInfo.xcprivacy”.

This doesn't give us much detail to work with unfortunately. Is there anything else related to the error? Have you confirmed that the privacy manifest files are in those locations and look like valid xml if you manually inspect them?

Submit a version the includes the Apollo SDK to the store.

We don't submit apps to the App Store so we cannot confirm this reproduction step; is there another way to reproduce this validation? Does Xcode have a standalone validation step that produces the same error?

azilbershtein commented 6 months ago

The file is there, it's just invalid. You can also see it in Xcode. Screenshot 2024-03-21 at 10 01 29 API types for example have to be type and a reason.

azilbershtein commented 6 months ago

Also, starting May 1 this will be requirement by Apple, this is next part of their warning. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, keys and values in your app’s privacy manifest must be in a valid format. For more details about privacy manifest files, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files Can you prioritize this fix?

calvincestari commented 6 months ago

The file is there, it's just invalid.

That is what is unclear to me - how is it invalid?

Apollo iOS does not do any tracking of any sort, nor does it use any of the reason required APIs. After reading through Apple's privacy manifest documentation again I think it might be because we have arrays for the NSPrivacyCollectedDataTypes and NSPrivacyAccessedAPITypes but they don't declare any of the required types because they don't use any. Maybe we're not meant to have those arrays and they parent keys are just empty?

I made that change and pushed it up to the fix/privacy-manifests branch. Try point your project at that branch and see if it resolves the validation issue? If it does then I'll merge it into main and we can make a patch release.

azilbershtein commented 6 months ago

The fix on your branch looks good, I don't get any warnings.

calvincestari commented 6 months ago

That's great news! I'll get that merged into main and we'll make a patch release so everyone can get the fix.

github-actions[bot] commented 6 months ago

Do you have any feedback for the maintainers? Please tell us by taking a one-minute survey. Your responses will help us understand Apollo iOS usage and allow us to serve you better.