evgenyneu / keychain-swift

Helper functions for saving text in Keychain securely for iOS, OS X, tvOS and watchOS.
MIT License

Support Privacy Manifest #185

Open benMohamed opened 8 months ago

benMohamed commented 8 months ago

I'm getting emails back from Apple about this because your library is not compliant.

ITMS-91053: Missing API declaration - Your app’s code in the “YourApp” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryUserDefaults. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

evgenyneu commented 8 months ago

What keychain-swift version are you using? The privacy manifest has been included in version 21.

benMohamed commented 8 months ago

Yes, I use version 21.0.0. I think your privacy should contain that key "NSPrivacyAccessedAPICategoryUserDefaults".

evgenyneu commented 8 months ago

This library does not use any of the APIs that are required for declaration, including UserDefaults.

See https://github.com/evgenyneu/keychain-swift/blob/master/Sources/PrivacyInfo.xcprivacy

The NSPrivacyAccessedAPICategoryUserDefaults is the value of the NSPrivacyAccessedAPIType key in the dictionary inside the NSPrivacyAccessedAPITypes array, which is empty for this library, since we are not using any APIs required for declaration.

benMohamed commented 8 months ago

In my app, the only library I use is KeychainSwift. Therefore, I believe you need to verify this key. You can create an empty project with only your library, then try to publish it. You will receive the same email automatically.

ChrisMarshallNY commented 8 months ago

Just FYI. Here's how I express this in my project. Apple hasn't nagged me about it (yet). Their documentation leaves a bit to be desired, but I think I got it right.

benMohamed commented 8 months ago

Please, @ChrisMarshallNY, what does <string>CA92.1</string> mean?

ChrisMarshallNY commented 8 months ago

That's the value that says basically that you are using it the way it says on the tin. It's like the "NO" thing in the uses encryption.

It might very well apply, here. Like I said, their documentation is ... sparse.
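
The manifest structure discussed in this thread, as an added example that is not part of any comment or of keychain-swift: a Python check that reads a PrivacyInfo.xcprivacy and reports which API categories named in an ITMS-91053 email have no declared reason. Both manifests are constructed samples, and the function names are hypothetical.

```python
import plistlib

# Constructed sample: a manifest with an empty NSPrivacyAccessedAPITypes array.
EMPTY_MANIFEST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>NSPrivacyAccessedAPITypes</key>
  <array/>
</dict></plist>"""

# Constructed sample: a manifest declaring UserDefaults with reason CA92.1.
APP_MANIFEST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>NSPrivacyAccessedAPITypes</key>
  <array>
    <dict>
      <key>NSPrivacyAccessedAPIType</key>
      <string>NSPrivacyAccessedAPICategoryUserDefaults</string>
      <key>NSPrivacyAccessedAPITypeReasons</key>
      <array><string>CA92.1</string></array>
    </dict>
  </array>
</dict></plist>"""

# Category named in the ITMS-91053 email quoted in this thread.
FLAGGED = ["NSPrivacyAccessedAPICategoryUserDefaults"]


def declared_reasons(manifest_bytes):
    """Map each declared API category to the reason codes listed for it."""
    plist = plistlib.loads(manifest_bytes)
    declared = {}
    for entry in plist.get("NSPrivacyAccessedAPITypes", []):
        category = entry.get("NSPrivacyAccessedAPIType")
        if category:
            reasons = entry.get("NSPrivacyAccessedAPITypeReasons", [])
            declared.setdefault(category, []).extend(reasons)
    return declared


def missing_declarations(manifest_bytes, flagged):
    """Flagged categories that are absent or carry no reason code."""
    declared = declared_reasons(manifest_bytes)
    return sorted(c for c in set(flagged) if not declared.get(c))


if __name__ == "__main__":
    for name, data in (("empty", EMPTY_MANIFEST), ("app", APP_MANIFEST)):
        print(name, declared_reasons(data), missing_declarations(data, FLAGGED))
```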

benMohamed commented 8 months ago

Thank you, @ChrisMarshallNY.

hatched-krzysztof commented 7 months ago

@evgenyneu Here is a PR that adds the manifest to the pod spec; without it, the manifest file is missing in the framework we build via CocoaPods: https://github.com/evgenyneu/keychain-swift/pull/188

benMohamed commented 7 months ago

@evgenyneu I created this PR to fix the privacy file issue

DeanCarter commented 7 months ago

@benMohamed

At present, the privacy file of version 22.0 is imported directly instead of as a bundle, causing a conflict with the privacy name of the project itself.

"resources": "Sources/PrivacyInfo.xcprivacy" should be modified to

"resource_bundles": { "KeychainSwift": [ "Sources/PrivacyInfo.xcprivacy" ] }

manusalinas-mx commented 7 months ago

@DeanCarter @benMohamed @evgenyneu I have the same issue. Any idea how to solve it?

ISSUE

Multiple commands produce '/Users/me/Library/Developer/Xcode/DerivedData/sharetec-aytxuukqkljfgpgqfcpiagtdqwwo/Build/Products/Debug-iphonesimulator/MyApp.app/PrivacyInfo.xcprivacy'

evgenyneu commented 7 months ago

@DeanCarter thanks, I updated podspec to use the resource_bundles as you suggested. Available in version 24.