purchases-flutter
purchases-flutter copied to clipboard
RevenueCat
Add Apple privacy manifest
Use case
It's seems that the underlying iOS-SDKS of purchases_flutter require a privacy manifest.
See https://github.com/flutter/flutter/issues/131940 for context.
Apple announcement here: developer.apple.com/support/third-party-SDK-requirements
May 1st deadline announcement here: developer.apple.com/news/?id=3d8a9yyh
This analyzer reported that PurchasesHybridCommon and RevenueCat needs to add a privacy policy for these APIs:
Analyzing PurchasesHybridCommon ...
Mach-O Type: mh_dylib
⚠️ Missing privacy manifest file!
API usage analysis result(s): 1
[0] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./Pods/PurchasesHybridCommon/ios/PurchasesHybridCommon/PurchasesHybridCommon/Purchases+HybridAdditions.swift
🛠️ Descriptions for the following required API reason(s) may be missing: 1
[0] NSPrivacyAccessedAPICategoryUserDefaults
Analyzing RevenueCat ...
Mach-O Type: mh_dylib
💡 Found privacy manifest file(s): 1
[0] ./Pods/RevenueCat/Sources/PrivacyInfo.xcprivacy
API usage analysis result(s): 12
[0] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./Pods/RevenueCat/Sources/Caching/DeviceCache.swift
[1] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./Pods/RevenueCat/Sources/FoundationExtensions/UserDefaults+Extensions.swift
[2] NSPrivacyAccessedAPICategoryFileTimestamp:creationDate:./Pods/RevenueCat/Sources/LocalReceiptParsing/BasicTypes/AppleReceipt.swift
[3] NSPrivacyAccessedAPICategoryFileTimestamp:creationDate:./Pods/RevenueCat/Sources/LocalReceiptParsing/Builders/AppleReceiptBuilder.swift
[4] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./Pods/RevenueCat/Sources/Logging/Strings/AttributionStrings.swift
[5] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./Pods/RevenueCat/Sources/Logging/Strings/ConfigureStrings.swift
[6] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./Pods/RevenueCat/Sources/Logging/Strings/IdentityStrings.swift
[7] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./Pods/RevenueCat/Sources/Misc/Concurrency/SynchronizedUserDefaults.swift
[8] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./Pods/RevenueCat/Sources/Misc/Deprecations.swift
[9] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./Pods/RevenueCat/Sources/Networking/HTTPClient/ETagManager.swift
[10] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./Pods/RevenueCat/Sources/Purchasing/Configuration.swift
[11] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./Pods/RevenueCat/Sources/Purchasing/Purchases/Purchases.swift
🛠️ Descriptions for the following required API reason(s) may be missing: 1
[0] NSPrivacyAccessedAPICategoryFileTimestamp
👀 We've just linked this issue to our internal tracker and notified the team. Thank you for reporting, we're checking this out!
Hi! Thanks for opening! 🤔 Which version of the SDK are you using?
We did introduce the privacy manifest for cocoapods in our iOS 4.40.0 release, and that's what is in use for our flutter SDK starting with 6.26.0
If you're on an SDK previous to 6.26.0, updating should do the trick. If you're already on 6.26.0 or higher, let me know and we can try to figure out what's going on
I am on 6.29.0 .
Podfile.lock
- purchases_flutter (6.29.0):
- Flutter
- PurchasesHybridCommon (= 10.6.1)
- PurchasesHybridCommon (10.6.1):
- RevenueCat (= 4.41.2)
- RevenueCat (4.41.2)
I can not find a privacy manifest in https://github.com/RevenueCat/purchases-hybrid-common.
In https://github.com/RevenueCat/purchases-ios/blob/main/Sources/PrivacyInfo.xcprivacy NSPrivacyAccessedAPICategoryFileTimestamp is missing.
@jtdLab thanks for reporting! We are indeed missing one for purchases-hybrid-common, we mistakenly thought that since that framework doesn't access any APIs directly (only through purchases-ios, which does have a privacy manifest), it'd be enough. We'll get it added.
As for NSPrivacyAccessedAPICategoryFileTimestamp, we don't access any APIs that are related, we believe this to be a false positive from the detection script because we do have our own logic that uses a method called creationDate, but it's unrelated to those APIs.
@jtdLab I missed your answer and forgot to reply here, my sincerest apologies. This was ported into our Flutter SDK as part of version 6.29.2 and shipped in May 22nd. Any versions higher than that should work.