KeychainAccess
KeychainAccess copied to clipboard
kishikawakatsumi
About Privacy Manifest Update Plan
Hello,
I am a user of the KeychainAccess library you developed. I noticed that the following two APIs are being used in KeychainAccess:
- creationDate(File timestamp APIs)
- modificationDate(File timestamp APIs)
According to the announcement provided by Apple, when these APIs are used, there is a need to describe the reasons for their use and to submit a Privacy Manifest. I am reaching out to inquire if you have any plans to add a Privacy Manifest to your library soon.
If any upcoming updates are planned, it would be greatly appreciated if you could share the information publicly here : ) Thank you very much ! :)
Hello
Thank you for creating a PR for adding Privacy Manifest. However, it seems that the PR has not been merged yet. Do you guys have any plan to merge it and create a new release containing this? Or, Is this library no longer maintained since a new release has not been created since Mar. 2021?
Thank you.
Hello
Thank you for creating a PR for adding Privacy Manifest. However, it seems that the PR has not been merged yet. Do you guys have any plan to merge it and create a new release containing this? Or, Is this library no longer maintained since a new release has not been created since Mar. 2021?
Thank you.
If a new release does not come out, there is no choice but to use the PR repository
From Apple's Feb 29 update: https://developer.apple.com/news/?id=3d8a9yyh
Starting March 13: If you upload a new or updated app to App Store Connect that uses an API requiring approved reasons, we’ll send you an email letting you know if you’re missing reasons in your app’s privacy manifest. This is in addition to the existing notification in App Store Connect.
Starting May 1: You’ll need to include approved reasons for the listed APIs used by your app’s code to upload a new or updated app to App Store Connect. If you’re not using an API for an allowed reason, please find an alternative. And if you add a new third-party SDK that’s on the list of commonly used third-party SDKs, these API, privacy manifest, and signature requirements will apply to that SDK. Make sure to use a version of the SDK that includes its privacy manifest and note that signatures are also required when the SDK is added as a binary dependency.
@kishikawakatsumi Thank you for your response!!! I will close this issue until the support version release.
@kishikawakatsumi Is there any exact timeline, since we have upcoming release by may but we need to test the app with SDK before we release
@kishikawakatsumi Is there any exact timeline, since we have upcoming release by may but we need to test the app with SDK before we release
In my opinion, it would be better to be able to start testing from March 13th.
However, we don't know how much time @kishikawakatsumi can spare.
@kishikawakatsumi Apple says it's going to send developers an application email starting March 13. We'd better test the library from then on and fix it by May.
@pavm035 @wlxo0401 If you just want to test, you can fork this repository and use it. You don't have to wait for me to do it.
I have reviewed the Privacy Manifest requirements and do not believe that Privacy Manifest is required for this library.
https://github.com/kishikawakatsumi/KeychainAccess/issues/589#issue-2056297738
The creationDate and modificationDate mentioned above are properties defined in this library and have nothing to do with the File timestamp API.
@kishikawakatsumi
Thank you for confirming. As mentioned in an issue with another SDK, adding a blank privacy manifest is not recommended. Therefore, I believe no further action is required, right?
