search

microsoft / appcenter-sdk-apple

Development repository for the App Center SDK for iOS, macOS and tvOS.
Other
565 stars 224 forks source link

Privacy manifest formats are invalid and use wrong codes #2538

Closed codewithmichael closed 5 months ago

codewithmichael commented 5 months ago

Description

The provided privacy manifests have a number of issues:

  1. NSPrivacyCollectedDataTypePurposes takes an array of strings, not a string -- this is a problem for the provided NSPrivacyCollectedDataTypeCrashData, NSPrivacyCollectedDataTypePerformanceData, and NSPrivacyCollectedDataTypeOtherDiagnosticData collected data types, and appears to have been copy pasted across all provided manifests.
  2. The provided NSPrivacyAccessedAPICategoryFileTimestamp code of 35F9.1 is not valid for that API category. 35F9.1 is a code for the NSPrivacyAccessedAPICategorySystemBootTime category. Either the category needs to change or the code does.
  3. The provided NSPrivacyAccessedAPICategoryUserDefaults code of C56D.1 may only be used if your NSUserDefaults calls are within a simple wrapper function specifically designed to perform said task and only called when specifically requested by the parent application, but this is not the case. In the AppCenter source, NSUserDefaults is used in a number of places to directly load or change standardUserDefaults values -- notably inside applicationDidFinishLaunching: which runs automatically without direct developer request. The appropriate code to use here is likely CA92.1.
  4. Regarding bullet point 2, a binary scan of the 5.0.4 release using nm doesn't show any use of any of the APIs listed for NSPrivacyAccessedAPICategoryFileTimestamp or NSPrivacyAccessedAPICategorySystemBootTime. As a matter of fact, the only referenced documentation-required API appcenter-sdk-apple appears to use is NSUserDefaults. If these other APIs are used somewhere, could you please share where they are to determine what the proper codes should be?
DmitriyKirakosyan commented 5 months ago

@codewithmichael, thank you for the report! I have updated our PrivacyInfo files based on your notes. Please take a moment to review them.

Regarding the NSPrivacyAccessedAPICategoryFileTimestamp, the file Vendor/SQLite3/sqlite3.c utilizes the fstat API, which is specified as a reason for including NSPrivacyAccessedAPICategoryFileTimestamp. See https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api#4278393.

codewithmichael commented 5 months ago

It all looks good to me.

Regarding the use of fstat, I still don't see it linked into the release binaries we downloaded for 5.0.4. It may be getting filtered out based on compiler/flags -- still, better to be safe and I'd rather keep it in than not.

Thanks :)