Receiving Apple privacy manifest warning on NSPrivacyAccessedAPICategoryUserDefaults

[miguelespinoza]

SDK version: 3.6.0

Are logs available? no

Describe the issue

I've upgraded to 3.6.0 that includes support for the privacy manifest, but getting this last warning from Apple. Is this service pulled in by customer.io? If so, is there a way to set the privacy manifest for this service?

ITMS-91053: Missing API declaration - Your app’s code in the “PlugIns/NotificationService.appex/NotificationService” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryUserDefaults. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code.

[Shahroz16]

Hey @miguelespinoza, it looks like you are using expo.

and It seems like an Apple issue

As of now, Apple does not correctly parse all the PrivacyInfo files included by static CocoaPods dependencies (such as Expo SDK packages and other ecosystem libraries). You may need to include the required reasons for the APIs used by those dependencies in your app's PrivacyInfo.xcprivacy file or the configuration in the app.json.

and their suggestion

You can usually identify the required reasons for the APIs used by other third-party libraries by checking if the library you intend to use has a PrivacyInfo.xcprivacy file in the node_modules/package_name/ios directory. If it does, you can check the NSPrivacyAccessedAPITypes and NSPrivacyAccessedAPITypeReasons values in that file and copy those values to your configuration.

suggest expo users will need to add these permission manually, until Apple fixes it.

[miguelespinoza]

that's correct @Shahroz16 , when I generate the RN.app build artifact, I get this in PlugIn/NotificationService.appex. I've followed the instructions in Expo's docs. Included NSPrivacyAccessedAPICategoryUserDefaults, but makes no difference

although after further digging, looks like I might be missing another privacy usage reason. Giving this a shot

[Shahroz16]

@miguelespinoza awesome, keep us updated :) In the meantime, I'll be closing this ticket, feel free to reopen in case you have more findings.

[miguelespinoza]

no luck with the attempt above :/ continuing to look for other options

[Shahroz16]

Maybe try the same approach as https://github.com/customerio/customerio-expo-plugin/issues/138