New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(client/cordova/apple/ios): add privacy info to comply with Apple's API changes #2009
chore(client/cordova/apple/ios): add privacy info to comply with Apple's API changes #2009
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looking at the docs I can't see how we use 3/4 of the APIs. Could they be coming from dependencies?
<string>NSPrivacyAccessedAPICategoryUserDefaults</string> | ||
<key>NSPrivacyAccessedAPITypeReasons</key> | ||
<array> | ||
<string></string> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks! I'll add this. All other reasons must be in our 3p dependencies.
Yeah, must be. Will require a deeper dive, then. |
So do we not need reasons for the other 3? Happy to approve if this is ready to go. |
Apologies, let me convert to draft. We need to look into our third party dependencies and figure out why they're using what they're using. AFAIK it's these: Willing to bet most of it is Sentry: getsentry/sentry-cocoa#3192 (comment) |
"revision" : "cf43eac1aa12017868c257ad3854ad87a5de0758", | ||
"version" : "7.31.5" | ||
"revision" : "7fc7ca43967e2980d8691a8e017c118a84133aac", | ||
"version" : "8.26.0" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This needs to be applied to macOS too.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we need to update this file for macos too?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure what this file is doing here actually. It seems to have been newly created in #1958. The ios and macos Package.resolved
files are already correctly updated in client/src/cordova/apple/ios.xcworkspace/xcshareddata/swiftpm/Package.resolved
and client/src/cordova/apple/macos.xcworkspace/xcshareddata/swiftpm/Package.resolved
respectively. Removing this file altogether.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it works fine because we specify the full version and the revision is probably mapped 1:1 to the full version.
This picks the version if the version is not fully specified, similar to package-lock.json or go.sum
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right, but my point is that this particular file isn't actually used. The Package.resolved
files you are talking about are located under a different path, and are correctly updated in this PR. This particular file isn't used at all AFAICT and was likely erroneously added during the client move.
9398e9e
to
ca7f91c
Compare
…_privacy_required_reasons
I'm taking over this PR while Daniel is out. I've updated I tested this is a valid manifest via the Organizer, but without uploading the build to TestFlight we won't know 100% if Apple will accept. I propose we start here and add the keys if needed, rather than unnecessarily adding them now. I can attempt a TestFlight review once submitted, even if we don't intend to release it. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for taking this over!
"revision" : "cf43eac1aa12017868c257ad3854ad87a5de0758", | ||
"version" : "7.31.5" | ||
"revision" : "7fc7ca43967e2980d8691a8e017c118a84133aac", | ||
"version" : "8.26.0" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we need to update this file for macos too?
…_privacy_required_reasons
See: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api#4278393
It seems that a) this is only required for iOS as we never recieved an email about MacOS and b) that I'm able to target both the main Outline bundle and the VPNExtension with the same PrivacyInfo file.
The thing we need to do now is identify what our required reasons actually are. In the XCode UI they give a set of options to pick from for each: