Apple's update to their API policy - Required Reason

[Muhammadbarznji]

Problem

Apple now requires all API calls covered by this ruleset (https://developer.apple.com/news/?id=z6fu1dcu) to be declared within a privacy manifest file.

Feature Request

Certain APIs, used within your app's core functionality (either in your own code or third-party SDKs), could be misused to gather device data for fingerprinting purposes. This applies regardless of user tracking permissions. To ensure transparency, Apple requires developers to describe the reasons behind using these "Required Reason" APIs in their app's privacy manifest file. Additionally, verification is needed to confirm these APIs are only used for their intended purposes.

[chrisvasselli]

Thanks for reporting this, but since this framework is not meant to be included in production builds of apps, this doesn't apply.

[Muhammadbarznji]

Hi @chrisvasselli, thanks for the response. From my understanding, Apple doesn't differentiate between packages used in app targets or test targets when enforcing their guidelines. For instance, if Package ABC incorporates your framework, Apple may still reject the app. Please correct me if I'm mistaken. Thanks for your attention to this matter.

[chrisvasselli]

Thanks Muhammad! As far as I know, since the test targets are never uploaded to Apple, I don't see how Apple would ever even know that someone was using this framework. And since the test targets are never put on user's devices, the rules around fingerprinting aren't really relevant.

Let me know if there's something I'm misunderstanding, but as far as I can tell I don't think there's anything we need to do for this project!

[Muhammadbarznji]

Hey @chrisvasselli, that's interesting! Could you take a look at this issue in the package? Here's the link: https://github.com/siteline/swiftui-introspect/issues/406