Privacy Manfiest

[amcalgates]

• [x] I've read, understood, and done my best to follow the *CONTRIBUTING guidelines.

What did you do?

Read Apple docs, which say:

From Fall 2023 you’ll receive an email from Apple if you upload an app to App Store Connect that uses required reason API without describing the reason in its privacy manifest file. From Spring 2024, apps that don’t describe their use of required reason API in their privacy manifest file won’t be accepted by App Store Connect.

Wasn't sure, so thought I'd ask (feature request?): does Charts use any APIs mentioned here? If so, are there plans to include a privacy manifest? I'm not 100% sure what that'd even look like, but this thread maybe has a little insight.

What did you expect to happen?

N/A

What happened instead?

N/A

DGCharts Environment

N/A

Demo Project

N/A

[LionWY]

+1

[ag-drivequant]

Charts is on the list "SDKs that require a privacy manifest" provided by Apple https://developer.apple.com/support/third-party-SDK-requirements/ not clear if one of the "required reason API" is being used

[wlxo0401]

+1

[ojun9]

+1

[wlxo0401]

@danielgindi @pmairoldi

Any support/plan of Privacy Manifest?

[pmairoldi]

Yeah I have no issue with it. I don’t really work on anything swift right now so I have no idea what this entails. So if someone can create a pull request for this I’ll merge and create a new release.

[wlxo0401]

Yeah I have no issue with it. I don’t really work on anything swift right now so I have no idea what this entails. So if someone can create a pull request for this I’ll merge and create a new release.

@pmairoldi Thank you for taking time out of your busy schedule. I am grateful for your ability to release a new version in the future. It's reassuring to know that you possess the necessary authority.

---

Apple Doc

Everyone.

Is there anything in DGCharts(Charts) that corresponds to the document above??

Please feel free to share your opinions.

(Please understand that I use a translator because my English is not good enough.)

[wlxo0401]

I created a PR (as mentioned above), please feel free to take a look.🙏

[GH-Ong]

@danielgindi @pmairoldi From what i understand from apple's document a code signature is required as well in addition to the privacymanifest. Will there be a release with the code signature and privacymanifest provided?

[pmairoldi]

I’ve quickly read up on the topic and there does not seem to be way to do so right now. I’ve found a similar issue https://github.com/Alamofire/Alamofire/issues/3761

[pmairoldi]

Yeah we can do both at once. Still unsure how to make the signature work. It has always been a problem with open source development. I have my own developer account but not one for this GitHub project. I’ll look around other projects to see what’s up there.

[mjburghard]

@pmairoldi Is the signature required for Charts?

SDKs that require a privacy manifest and signature The following are commonly used SDKs in apps on the App Store. Starting in spring 2024, you must include the privacy manifest for any SDK listed below when you submit new apps in App Store Connect that include those SDKs, or when you submit an app update that adds one of the listed SDKs as part of the update. Signatures are also required in these cases where the listed SDKs are used as binary dependencies. Any version of a listed SDK, as well as any SDKs that repackage those on the list, are included in the requirement. From Upcoming third-party SDK requirements

I don't know about Carthage, but for SPM and Cocoapods the sentence above sounds like the signature is not required.

[pmairoldi]

Nice catch! Thanks for the info

[wlxo0401]

I discovered a new while testing.

Until now, most of the libraries that have added PrivacyInfo have not been marked in PrivacyReport.

However, when an item is added to the 'Privacy Nutrition Label Types', the library name is displayed in the PrivacyReport.

Many libraries have updated PrivacyInfo without adding anything from 'Privacy Nutrition Label Types'.

Does anyone know about this? Is 'Privacy Nutrition Label Types' a must-have item?

Or is it not necessary to display it in the privacy report?

Please feel free to leave opinion.

The 'PrivacyReport' I'm talking about can be downloaded as a PDF if you archive the app.

https://developer.apple.com/videos/play/wwdc2023/10060/ Please refer to 3:20.

1. Open your project in Xcode.

2. Choose Product > Archive. Xcode creates the archive and reveals it in the organizer.

3. Control-click the archive in the organizer and choose Generate Privacy Report.

(I used a translator.)

[pmairoldi]

Seems like this is for the consuming app no? It would be good to test if generating the report after integrating the library works properly.

[tummalaguntimahesh]

Looking for this change

[wlxo0401]

@pmairoldi

Hello, I think the time has come..

I think I'll have to apply it and see how it works.

How are you going to proceed??

Even if it is applied, it is necessary to constantly check that Apple app reviews are passed properly for a while.

I would appreciate it if you could share your plans or thoughts.

[wlxo0401]

Thank you for accepting the PR.

However, I think it is also necessary to make sure that this is applied properly as Apple demanded.

And I think other users will have to check it out a lot.

If this is wrong, an immediate response may also be needed..

When is the new release that includes this??

Once again, thank you for your care in a busy time.