Open wlxo0401 opened 6 months ago
This is going to become an absolute prerequisite by Spring 2024, so that apps built with CocoaMQTT will still pass validation by Apple. The deadline is explicitly stated on Apple's site.
This is going to become an absolute prerequisite by Spring 2024, so that apps built with CocoaMQTT will still pass validation by Apple. The deadline is explicitly stated on Apple's site.
When will Apple's claimed spring start in April of March? If PrivacyManifest is not added to the library by that time, will I not be able to submit the app?
Okay after further reading and gathering of information on Apple's side, it seems that:
So in my interpretation, it's not mandatory for CocoaMQTT now; but it may be in the long run, and it could be a good thing to just declare an "empty" manifest right away, so that it's done once and for all. Take for example SnapKit, which obviously doesn't collect anything, but has already added the manifest: https://github.com/SnapKit/SnapKit/blob/4478b2234e85c36b9f2c855d909037dc4dc08eda/Sources/PrivacyInfo.xcprivacy#L5
Okay after further reading and gathering of information on Apple's side, it seems that:
- only the SDKs listed by Apple on their big list will be REQUIRED to declare a privacy manifest (whether they use the information they collect, or not) before spring 2024
- every SDK not on the list is not required to declare the manifest, ONLY those who actually use personal information
- at some point in the future, every SDK will need a manifest, but it won't be enforced for now.
So in my interpretation, it's not mandatory for CocoaMQTT now; but it may be in the long run, and it could be a good thing to just declare an "empty" manifest right away, so that it's done once and for all. Take for example SnapKit, which obviously doesn't collect anything, but has already added the manifest: https://github.com/SnapKit/SnapKit/blob/4478b2234e85c36b9f2c855d909037dc4dc08eda/Sources/PrivacyInfo.xcprivacy#L5
That's right. CocoaMQTT also looks good to add 'PrivacyInfo'.
However, library developers are not responding.
And 'CocoaMQTT' seems to refer to 'Starscream'.
'Starscream' is also a must to add 'PrivacyInfo', but its developers are not responding either.
Even for libraries referencing 'Starscream', 'PrivacyInfo' is a must...
Starscream Privacy Manifest Issue
We need to check the above issue as well.
@HJianBo Please share your opinion.
The 'Starscream' library has also been updated. I think we need to update the dependencies considering as well.
also check https://github.com/leeway1208/MqttCocoaAsyncSocket
@HJianBo, @leeway1208 Please check this issue.
@wlxo0401 It would be more advantageous if it could be included in the main repo. I will proceed with the fork I developed. I haven't encountered any problems in my tests so far. I hope it will works. The original developers are probably dead, at least mentally.
I think CocoaMQTT needs privacy manifest.
The 'starsream' library requires PrivacyInfo to be applied, and so does the 'starsream' repackaged libraries.
https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api https://developer.apple.com/support/third-party-SDK-requirements/