realm-js

Required PrivacyInfo.xcprivacy - NSPrivacyAccessedAPICategoryFileTimestamp AND NSPrivacyAccessedAPICategoryDiskSpace

Open aliza-khu opened this issue 3 months ago • 12 comments

How frequently does the bug occur?

Always

Description

I am receiving the email from the Apple store regarding ITMS-91053: Missing API Declaration for NSPrivacyAccessedAPICategoryDiskSpace.

PrivacyInfo.xcprivacy has to be included in the repo of realm.

I guess, based on the log output, NSPrivacyAccessedAPICategoryFileTimestamp and NSPrivacyAccessedAPICategoryDiskSpace are required, with a proper reason of usage.

Stacktrace & log output

Used symbols in binary ./XCFrameworkIntermediates/RealmJS/librealm-js-ios.a: fstat, stat, statvfs

Can you reproduce the bug?

Always

Reproduction Steps

Refer to the Apple link: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api

Refer to the blog link: https://dev.to/aishanipach/include-nsprivacyaccessedapicategorydiskspace-nsprivacyaccessedapicategoryfiletimestamp-information-59hi

sh required_reason_api_binary_scanner.sh {directory}

Version

12.7.1

What services are you using?

Local Database only

Are you using encryption?

Yes

Platform OS and version(s)

iOS 17.3

Build environment

Which debugger for React Native: ..

Cocoapods version

No response

aliza-khu, Apr 26 '24 05:04

➤ PM Bot commented:

Jira ticket: RJS-2810

sync-by-unito[bot], Apr 26 '24 05:04

@aliza-khu Thank you for reporting, and hinting which categories we need to include. We will try to address the issue as soon as possible - as you know our first attempt failed.

kneth, Apr 26 '24 12:04

> @aliza-khu Thank you for reporting, and hinting which categories we need to include. We will try to address the issue as soon as possible - as you know our first attempt failed.

@kneth, pleasure. Can you please add the PrivacyInfo.xcprivacy ASAP? May 1st is too close now (Apple deadline for next release).

aliza-khu, Apr 26 '24 12:04

@aliza-khu our understanding is that the realm-js SDK is not covered by the list of 3rd party SDKs that are covered by the requirement to have a privacy manifest: https://developer.apple.com/support/third-party-SDK-requirements/ by May 1st. So if you only use realm-js and not realm-swift, you should not be affected by the May 1st deadline.

nirinchev, Apr 26 '24 13:04

@nirinchev, have you tried the command sh required_reason_api_binary_scanner.sh {directory}? Refer: https://github.com/Wooder/ios_17_required_reason_api_scanner/blob/main/required_reason_api_binary_scanner.sh

While executing this command, I found that the generated app binary file contains the statvfs method, which can only be found in the realm library I used.

Ref: Used symbols in binary ./XCFrameworkIntermediates/RealmJS/librealm-js-ios.a: fstat, stat, statvfs

The method statvfs falls under the privacy declaration of the required reason API category, due to which the App Store is asking the same for my app, as it uses the realm library.

Feel free to ask the query.

aliza-khu, Apr 29 '24 04:04

@aliza-khu We are trying to figure out how to fix it, and we would like to ask you to try the following:

  1. Add the following line to node_modules/realm/RealmJS.podspec (after the s.frameworks line):
s.resource_bundles = { 'realm_js_privacy' => ['PrivacyInfo.xcprivacy'] }
  2. Add the following file as node_modules/realm/PrivacyInfo.xcprivacy:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>NSPrivacyTrackingDomains</key>
	<array/>
	<key>NSPrivacyCollectedDataTypes</key>
	<array/>
	<key>NSPrivacyAccessedAPITypes</key>
	<array>
		<dict>
			<key>NSPrivacyAccessedAPITypeReasons</key>
			<array>
				<string>C617.1</string>
			</array>
			<key>NSPrivacyAccessedAPIType</key>
			<string>NSPrivacyAccessedAPICategoryFileTimestamp</string>
		</dict>
	</array>
	<key>NSPrivacyTracking</key>
	<false/>
</dict>
</plist>

In my simple RN app, I don't see Ref: Used symbols in binary ./XCFrameworkIntermediates/RealmJS/librealm-js-ios.a: fstat, stat, statvfs after adding it. If you can confirm, our confidence of a solution is higher.

kneth, Apr 29 '24 15:04

@kneth, I followed the instructions you provided and also referred to others and how they handle them. I created a sample react-native project and added only the realm dependency. Please use the link I shared, download it and follow the instructions below to reach the actual problem.

Link: https://drive.google.com/file/d/1mZ9-GbHf8xR6XUet3HFPeWqnL9dG4z1r/view?usp=sharing

Steps:

  1. Extract the above link, go to the RealmPrivacy/ios directory and hit the command pod install.
  2. Open RealmPrivacy.xcworkspace with Xcode.
  3. Build the project from the Xcode menu: Product -> Build.
  4. Download the required_reason_api_binary_scanner.sh file onto your system from this link: https://github.com/Wooder/ios_17_required_reason_api_scanner/blob/main/required_reason_api_binary_scanner.sh
  5. Open the Terminal and change the directory to where the required_reason_api_binary_scanner.sh file was downloaded on the system.
  6. Hit the command sh required_reason_api_binary_scanner.sh /Library/Developer/Xcode/DerivedData/RealmPrivacy-<anything>/Build/Products/Debug-iphoneos and you will see the below log:

[Image: Screenshot 2024-04-30 at 11 19 26 AM]

As you can see, it says realm somewhere uses, directly or indirectly, the statvfs method. For your reference, you can visit this page: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api#4278397 where Apple has a list of methods due to which realm has to declare the NSPrivacyAccessedAPIType - NSPrivacyAccessedAPICategoryDiskSpace in its PrivacyInfo.xcprivacy file.

Sample: [Image: Screenshot 2024-04-30 at 12 58 51 PM]

Feel free to ask any query.

aliza-khu, Apr 30 '24 07:04
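
Added example, not part of the thread and not realm-js code: a check of a PrivacyInfo.xcprivacy against the symbols the scanner reports, showing which required reason API categories are used but not declared. The function names are hypothetical, the symbol table is a small subset of Apple's list limited to the stat family, and the manifest is a condensed copy of the one proposed earlier in the thread.

```python
import plistlib

FT = "NSPrivacyAccessedAPICategoryFileTimestamp"
DS = "NSPrivacyAccessedAPICategoryDiskSpace"
# Subset of Apple's required reason API list, limited to the stat family.
SYMBOL_CATEGORY = {"stat": FT, "fstat": FT, "lstat": FT,
                   "statfs": DS, "statvfs": DS, "fstatfs": DS, "fstatvfs": DS}

# Condensed copy of the manifest proposed in the thread (FileTimestamp only).
MANIFEST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>NSPrivacyAccessedAPITypes</key>
  <array><dict>
    <key>NSPrivacyAccessedAPIType</key>
    <string>NSPrivacyAccessedAPICategoryFileTimestamp</string>
    <key>NSPrivacyAccessedAPITypeReasons</key>
    <array><string>C617.1</string></array>
  </dict></array>
</dict></plist>"""

# Scanner output line quoted in the thread.
SCANNER_LINE = ("Used symbols in binary ./XCFrameworkIntermediates/RealmJS/"
                "librealm-js-ios.a: fstat, stat, statvfs")

def parse_scanner_line(line):
    """Return the symbol names after the final ': ' of a scanner line."""
    return [s.strip() for s in line.rpartition(": ")[2].split(",") if s.strip()]

def declared_categories(manifest_bytes):
    """Map each declared category to its list of reason codes."""
    plist = plistlib.loads(manifest_bytes)
    declared = {}
    for entry in plist.get("NSPrivacyAccessedAPITypes", []):
        category = entry.get("NSPrivacyAccessedAPIType")
        reasons = entry.get("NSPrivacyAccessedAPITypeReasons", [])
        # Assumption: an entry with no reason code is treated as undeclared.
        if category and reasons:
            declared[category] = list(reasons)
    return declared

def missing_categories(symbols, manifest_bytes):
    """Return {category: [symbols]} for categories used but not declared."""
    declared = declared_categories(manifest_bytes)
    missing = {}
    for symbol in symbols:
        category = SYMBOL_CATEGORY.get(symbol)
        if category and category not in declared:
            missing.setdefault(category, []).append(symbol)
    return missing
```

Calling `missing_categories(parse_scanner_line(SCANNER_LINE), MANIFEST)` reports the disk space category with `statvfs` as the symbol that triggers it.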

@aliza-khu We have used your app to test in #6642. So far we have only validated the app locally, and we might want to upload the app (or a similar one) to Apple App Store for review. We plan to create a prerelease tomorrow or Friday for you to test.

kneth, May 01 '24 09:05

@kneth, Okay, Thank You!

aliza-khu, May 02 '24 03:05

@aliza-khu We have released v12.8.1-alpha.0 with a privacy manifest which we believe solves the issue.

Please try to upgrade (npm install realm@12.8.1-alpha.0) and give us feedback before we do the final release.

kneth, May 04 '24 04:05