breautek commented on issue #1391: URL: https://github.com/apache/cordova-ios/issues/1391#issuecomment-2022720919
> I just wanted to clarify how we actually make our apps compliant with this new requirement if possible please. > > So we don't use any of these apis in our project but they are used in various cordova plugins we have installed. > > Do we need to declare how the plugins are using these apis in our apps privacy manifest? Or is it just the third party sdks that need to add their own manifests and we can just use an empty one? > > If we do need to update ours how is this done? I noticed PR #1383 which adds the empty file but how do we actually amend this so that it's picked up each build? Sorry I linked the wrong PR, the correct PR is https://github.com/apache/cordova-ios/pull/1406 #1383 is to add the default empty file for the project, and an empty file for core cordova framework project. #1406 introduces a `config.xml` API to add entries to the app's privacy manifest. I've updated my original post to link the correct PR. I don't think the keys are documented anywheres at this time, but if you create a xcode app project and add a Privacy Manifest item to it, you should be able to discover all the valid key entries. Not on a mac right now, but if needed I can provide more detailed steps / screenshots. Note that it's Apple's intention for framework/library authors to provide their own manifest entry so that they can declare if they use any privacy sensitive APIs. Cordova Plugins aren't frameworks, they are just loose source code that gets added to the app project, which kind of puts the responsibility on the app developer to add those entries, if those plugins uses any sensitive APIs, from Apple's perspective. At this point of time, there isn't a way for plugin authors to declare their own privacy entries, so if you wanted to be compliant today, you may have to do some code analysis of all your used plugins. This is something we obviously want to improve on. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@cordova.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@cordova.apache.org For additional commands, e-mail: issues-h...@cordova.apache.org
