GLTFKit2 icon indicating copy to clipboard operation
GLTFKit2 copied to clipboard
verified publisher icon warrenm

Apple new Privacy manifest files In May

Open caosuyang opened this issue 1 year ago • 2 comments

Description

At the end of April, after the latest version of Apple submitted for review, Apple restored a warning email, which does not block the review at present. According to the official warning, it will be used as a condition for blocking the review around May. We hope to deal with the warning problem before May. According to Apple's May 1 Privacy Policy, if you use the API in your app's code, you need to report the API in the app's privacy manifest file. If you use the API in the code of a third party SDK, you will need to report the API in the privacy manifest file of the third party SDK. Since we use Swift packages to reference the GLTFKit2 framework in our app, but I can't see which interfaces need to handle Apple's privacy policy in the dynamic library, I hope the author can check the interfaces in the implementation code. Then add the PrivacyInfo.xcprivacy file.

Version

v0.5.7

How the app depends on the framework

Swift packages

App Store review issues

Although submission for App Store review was successful, you may want to correct the following issues in your next submission for App Store review. Once you've corrected the issues, upload a new binary to App Store Connect.

ITMS-91053: Missing API declaration - Your app’s code in the “FOURTRY” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryDiskSpace. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

ITMS-91053: Missing API declaration - Your app’s code in the “FOURTRY” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategorySystemBootTime. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

ITMS-91053: Missing API declaration - Your app’s code in the “FOURTRY” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryFileTimestamp. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

ITMS-91053: Missing API declaration - Your app’s code in the “FOURTRY” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryUserDefaults. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

Apple Developer Relations

Write at the end

We hope to get a clear reply and solution as soon as possible, so that we can deal with the review of Apple's shelves in May. Thank you.

caosuyang avatar Apr 30 '24 02:04 caosuyang

These issues don't seem to pertain directly to your use of GLTFKit2, but you should also be aware that as of version 0.5.10, both binary and source versions of the framework include a privacy manifest that documents the framework's usage of user data and privacy sensitive APIs. Feel free to express any remaining concerns here after upgrading to the latest version of the framework.

warrenm avatar Apr 30 '24 04:04 warrenm

This issue will be closed as completed in seven days if no further reply is received.

warrenm avatar Apr 30 '24 19:04 warrenm

Thanks for your prompt reply, this definitely solves the problem I'm having now, so I'm planning on upgrading to version 0.5.10.

https://github.com/warrenm/GLTFKit2/commit/636ddee4495b0f77b6b76b9d3a4d48a0989169db

caosuyang avatar May 06 '24 03:05 caosuyang

Excellent, happy to hear this meets your needs.

warrenm avatar May 06 '24 03:05 warrenm