sync-by-unito[bot]
commented
3 weeks ago ➤ PM Bot commented:
Jira ticket: RJS-2810
Open aliza-khu opened 3 weeks ago
sync-by-unito[bot]
commented
3 weeks ago ➤ PM Bot commented:
Jira ticket: RJS-2810
kneth
commented
3 weeks ago @aliza-khu Thank you for reporting, and hinting which categories we need to include. We will try to address the issue as soon as possible - as you know our first attempt failed.
aliza-khu
commented
3 weeks ago @aliza-khu Thank you for reporting, and hinting which categories we need to include. We will try to address the issue as soon as possible - as you know our first attempt failed.
@kneth, Pleasure. Can you please add the PrivacyInfo.xcprivacy ASAP. As 1st, May is too close now(Apple deadline for next release).
nirinchev
commented
3 weeks ago @aliza-khu our understanding is that the realm-js SDK is not covered by the list of 3rd party SDKs that are covered by the requirement to have a privacy manifest: https://developer.apple.com/support/third-party-SDK-requirements/ by May 1st. So if you only use realm-js and not realm-swift, you should not be affected by the May 1st deadline.
aliza-khu
commented
3 weeks ago @nirinchev, Have you tried the command: sh required_reason_api_binary_scanner.sh {directory} refer: https://github.com/Wooder/ios_17_required_reason_api_scanner/blob/main/required_reason_api_binary_scanner.sh
While executing this command I found the app binary file generated contains the statvfs method which only be found in the realm library I used.
Ref: Used symbols in binary ./XCFrameworkIntermediates/RealmJS/librealm-js-ios.a: fstat, stat, statvfs
The method statvfs relying under the privacy Declaration of the required reason API category due to which the app store asking the same for my app as using the realm library.
Feel free to ask the query.
kneth
commented
3 weeks ago @aliza-khu We are trying to figure out how to fix it, and we would like to ask you to try the following:
node_modules/realm/RealmJS.podspec (after the s.frameworks line):s.resource_bundles = { 'realm_js_privacy' => ['PrivacyInfo.xcprivacy'] }node_modules/realm/PrivacyInfo.xcprivacy:<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>NSPrivacyTrackingDomains</key>
<array/>
<key>NSPrivacyCollectedDataTypes</key>
<array/>
<key>NSPrivacyAccessedAPITypes</key>
<array>
<dict>
<key>NSPrivacyAccessedAPITypeReasons</key>
<array>
<string>C617.1</string>
</array>
<key>NSPrivacyAccessedAPIType</key>
<string>NSPrivacyAccessedAPICategoryFileTimestamp</string>
</dict>
</array>
<key>NSPrivacyTracking</key>
<false/>
</dict>
</plist>In my simple RN app, I don't see Ref: Used symbols in binary ./XCFrameworkIntermediates/RealmJS/librealm-js-ios.a: fstat, stat, statvfs after adding it. If you can confirm, our confidence of a solution is higher.
aliza-khu
commented
2 weeks ago @kneth, I follow the instructions you provided and also refer to others and how they handle them. I created a sample react-native project and added only the realm dependency. Please use the link I shared, download it and follow the below instructions to reach the actual problem.
Link: https://drive.google.com/file/d/1mZ9-GbHf8xR6XUet3HFPeWqnL9dG4z1r/view?usp=sharing
Steps:
pod install.sh required_reason_api_binary_scanner.sh /Library/Developer/Xcode/DerivedData/RealmPrivacy-<anything>/Build/Products/Debug-iphoneos and you will see the below log:As you can see it says realm somewhere used directly or indirectly statvfs method. For your reference, you can visit this page: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api#4278397 where Apple has a list of methods due to which realm has to declare the NSPrivacyAccessedAPIType - NSPrivacyAccessedAPICategoryDiskSpace in its PrivacyInfo.xcprivacy file.
Sample:
Feel free to ask any query.
kneth
commented
2 weeks ago @aliza-khu We have used your app to test in #6642. So far we have only validated the app locally, and we might want to upload the app (or a similar one) to Apple App Store for review. We plan to create a prerelease tomorrow or Friday for you to test.
aliza-khu
commented
2 weeks ago @kneth, Okay, Thank You!
kneth
commented
2 weeks ago @aliza-khu We have released v12.8.1-alpha.0 with a privacy manifest which we believe solve the issue.
Please try to upgrade (npm install realm@12.8.1-alpha.0) and give us feedback before we do the final release.
kneth
commented
5 days ago @aliza-khu Did you have a chance to install 12.8.1-alpha.0?
aliza-khu
commented
5 days ago @kneth, Yes, I installed the version you shared but it is pending to deploy for development review due to the urgency. Once I receive any update regarding that I will share it here.
How frequently does the bug occur?
Always
Description
I am receiving the email from the apple store regarding ITMS-91053: Missing API Declaration for NSPrivacyAccessedAPICategoryDiskSpace
PrivacyInfo.xcprivacy has to be included in the repo of realm.
I guess based on the log output: NSPrivacyAccessedAPICategoryFileTimestamp AND NSPrivacyAccessedAPICategoryDiskSpace required with proper reason of usage.
Stacktrace & log output
Can you reproduce the bug?
Always
Reproduction Steps
Refer to the Apple Link: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api Refer to the blog link: https://dev.to/aishanipach/include-nsprivacyaccessedapicategorydiskspace-nsprivacyaccessedapicategoryfiletimestamp-information-59hi
sh required_reason_api_binary_scanner.sh {directory}
Version
12.7.1
What services are you using?
Local Database only
Are you using encryption?
Yes
Platform OS and version(s)
iOS 17.3
Build environment
Which debugger for React Native: ..
Cocoapods version
No response