Hackmodford
commented
4 months ago I am getting these plus an additional NSPrivacyAccessedAPICategoryDiskSpace. I'm not sure if this is because of Sentry.
Closed gwise-vision closed 2 months ago
Hackmodford
commented
4 months ago I am getting these plus an additional NSPrivacyAccessedAPICategoryDiskSpace. I'm not sure if this is because of Sentry.
kahest
commented
4 months ago Thanks for reporting, this is a new-ish requirement from Apple. We ship a privacy manifest file with our iOS SDK: https://github.com/getsentry/sentry-cocoa/blob/d9cd5f198e563954ae089c07bd05096cb199b1fb/Sources/Resources/PrivacyInfo.xcprivacy
We keep this updated with the types of APIs we use and the allowed reasons under which we use it - this includes the APIs you listed above. We recently removed usage of the DiskSpace API, therefore we don't list it in the privacy manifest.
We'll see how we can best automate this for users of this SDK and keep you posted.
gwise-vision
commented
4 months ago Let's test it again.
Thanks for reporting, this is a new-ish requirement from Apple. We ship a privacy manifest file with our iOS SDK: https://github.com/getsentry/sentry-cocoa/blob/d9cd5f198e563954ae089c07bd05096cb199b1fb/Sources/Resources/PrivacyInfo.xcprivacy
We keep this updated with the types of APIs we use and the allowed reasons under which we use it - this includes the APIs you listed above. We recently removed usage of the DiskSpace API, therefore we don't list it in the privacy manifest.
We'll see how we can best automate this for users of this SDK and keep you posted.
Hackmodford
commented
4 months ago Let's test it again.
Thanks for reporting, this is a new-ish requirement from Apple. We ship a privacy manifest file with our iOS SDK: https://github.com/getsentry/sentry-cocoa/blob/d9cd5f198e563954ae089c07bd05096cb199b1fb/Sources/Resources/PrivacyInfo.xcprivacy We keep this updated with the types of APIs we use and the allowed reasons under which we use it - this includes the APIs you listed above. We recently removed usage of the DiskSpace API, therefore we don't list it in the privacy manifest. We'll see how we can best automate this for users of this SDK and keep you posted.
I don't think there's anything to test until this library is updated?
michiel-nwa
commented
3 months ago Just a note (as I'm looking into this) The reasons you can specify to allow Sentry to use these API's mention that it must be optional for the user to send the bug report and that the submitted data must be clearly shown on screen. (boot time, timestamp) Besides having the privacy manifest in place you either need to implement some form of consent for the bug report or scrub the data before sending it.
kahest
commented
3 months ago Hey @michiel-nwa thanks for chiming in - the reasons we use don't restrict sending the data off-device, with the exception of 35F9.1 for system boot time APIs, which states "information about the amount of time that has elapsed between events that occurred within the app [...] may be sent off-device", which is in line with our usage of these APIs.
michiel-nwa
commented
3 months ago ah that's great, I was checking my Sentry reports and device boot time was in there, but we aren't on the latest client-side implementation. Will upgrade.
@kahest After upgrading: it still does seem the latest sentry-xamarin version (2.0.0) submits the device boottime to Sentry. So still worth attention from anyone using Sentry-xamarin.
lucas-zimerman
commented
2 months ago As far as I have tested the following AppPrivacy seems to be passing when sending an app with Sentry Xamarin
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>NSPrivacyAccessedAPITypes</key>
<array>
<dict>
<key>NSPrivacyAccessedAPITypeReasons</key>
<array>
<string>CA92.1</string>
</array>
<key>NSPrivacyAccessedAPIType</key>
<string>NSPrivacyAccessedAPICategoryUserDefaults</string>
</dict>
</array>
</dict>
</plist>
When you upload the xamairn.ios app to the Apple Store with Sentry, you will see a warning like the one below.
TMS-91053: Missing API declaration - Your app’s code in the “VisionInventory.iOS” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategorySystemBootTime. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.
ITMS-91053: Missing API declaration - Your app’s code in the “VisionInventory.iOS” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryFileTimestamp. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.
Apple Developer Relations