datatheorem / TrustKit

Easy SSL pinning validation and reporting for iOS, macOS, tvOS and watchOS.
MIT License

Apple's update to their API policy - Required Reason in Privacy manifest #319

Closed kdvmgn closed 4 months ago

kdvmgn commented 8 months ago

Hi,

From Fall 2023, Apple starts rolling out new privacy requirements. Apps and third-party SDKs should contain a privacy manifest file when they access required reason APIs. The TrustKit SDK uses [NSUserDefaults](https://developer.apple.com/documentation/foundation/nsuserdefaults), which requires a description of its use in the privacy manifest. Otherwise, apps that don’t describe their use of required reason APIs in their privacy manifest file won’t be accepted by App Store Connect. Here is a link to the [Apple documentation](https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api).

Do you have plans to add privacy manifest files to TrustKit?

EthanArbuckle commented 4 months ago

Apple published a list of the SDKs that require a manifest: https://developer.apple.com/support/third-party-SDK-requirements

It's my understanding that SDKs not on this list do not require the manifest.

SwiftNativeDeveloper commented 4 months ago

@EthanArbuckle

These are just the high profile ones that are used by tons of developers so Apple is forcing their hands to comply. It is still a best practice for all libraries to provide the privacy manifest.

The intent is to make the ecosystem a safer place for users, as well as developers. The digital signature part of the manifest is designed to detect dependency graph injections / attacks.

IMHO, all third party libraries should do this. I remember back in the day some SDK was using Location APIs but didn't disclose it in their compiled binary which forced my team to add a location usage description string even though we didn't use location.

You don't want to be the SDK that cost developers HOURS trying to figure out why their code is rejected by Apple app processing for using a required reason API when their code doesn't do it--but your library does.

manahilov commented 4 months ago

I see that TrustKit is using NSUserDefaults, thus the SDK needs a Privacy manifest. https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api

dp221125 commented 4 months ago

Hello, I have submitted a PR to resolve the issue at hand. As noted in the body of the PR, it would be helpful if we could consider together whether the NSPrivacyAccessedAPITypeReasons I selected are appropriate. #325
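The check discussed in this thread, as an added example that is not part of the thread or of TrustKit's code: a small audit that flags source files using `NSUserDefaults` when the accompanying `PrivacyInfo.xcprivacy` does not declare the user-defaults category with a documented reason. The source snippet, the `manifest` helper and the sample manifests are constructed, and the reason code in the sample is illustrative only, not a statement of which reason fits TrustKit.

```python
import plistlib
import re

# Required-reason category -> source pattern that indicates use.
# Only the user-defaults category from this thread is covered here.
API_PATTERNS = {
    "NSPrivacyAccessedAPICategoryUserDefaults": re.compile(r"\b(NSUserDefaults|UserDefaults)\b"),
}
# Reason codes Apple documents for the user-defaults category.
VALID_REASONS = {
    "NSPrivacyAccessedAPICategoryUserDefaults": {"CA92.1", "1C8F.1", "C56D.1", "AC6B.1"},
}

def declared_reasons(manifest_bytes):
    """Return {category: set(reasons)} parsed from a privacy manifest plist."""
    manifest = plistlib.loads(manifest_bytes)
    out = {}
    for entry in manifest.get("NSPrivacyAccessedAPITypes", []):
        category = entry.get("NSPrivacyAccessedAPIType")
        reasons = entry.get("NSPrivacyAccessedAPITypeReasons", [])
        out.setdefault(category, set()).update(reasons)
    return out

def audit(sources, manifest_bytes):
    """List required-reason APIs used in source but missing or mis-declared."""
    declared = declared_reasons(manifest_bytes) if manifest_bytes else {}
    findings = []
    for category, pattern in API_PATTERNS.items():
        users = sorted(n for n, text in sources.items() if pattern.search(text))
        if not users:
            continue
        reasons = declared.get(category)
        if reasons is None:
            findings.append(f"{category}: used in {users} but not declared")
        elif not reasons:
            findings.append(f"{category}: declared with no reasons")
        elif reasons - VALID_REASONS[category]:
            findings.append(f"{category}: unknown reasons {sorted(reasons - VALID_REASONS[category])}")
    return findings

def manifest(reasons):
    """Hypothetical helper: build a constructed manifest with the given reasons."""
    return plistlib.dumps({"NSPrivacyAccessedAPITypes": [{
        "NSPrivacyAccessedAPIType": "NSPrivacyAccessedAPICategoryUserDefaults",
        "NSPrivacyAccessedAPITypeReasons": reasons}]})

# Constructed inputs: one source file and three manifests.
SOURCES = {"Cache.m": "[[NSUserDefaults standardUserDefaults] setObject:v forKey:k];"}
GOOD, NO_REASON, BAD = manifest(["CA92.1"]), manifest([]), manifest(["ZZZZ.9"])
NO_ENTRY = plistlib.dumps({"NSPrivacyAccessedAPITypes": []})
```

Run against an SDK's real sources and bundled manifest in CI, a non-empty result from `audit` points at the gap before App Store Connect does.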