Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add privacy manifest to pod install #42979

Closed
wants to merge 2 commits into from
Closed

add privacy manifest to pod install #42979

wants to merge 2 commits into from

Conversation

philIip
Copy link
Contributor

@philIip philIip commented Feb 13, 2024

Summary:
Changelog: [iOS][Added]

this creates the RN privacy manifest in the ios build step if user has not created one yet.

Differential Revision: D53687232

@facebook-github-bot facebook-github-bot added CLA Signed This label is managed by the Facebook bot. Authors need to sign the CLA before a PR can be reviewed. p: Facebook Partner: Facebook Partner labels Feb 13, 2024
@analysis-bot
Copy link

analysis-bot commented Feb 13, 2024
edited
Loading

Platform Engine Arch Size (bytes) Diff
android hermes arm64-v8a 17,742,568 +10
android hermes armeabi-v7a n/a --
android hermes x86 n/a --
android hermes x86_64 n/a --
android jsc arm64-v8a 21,104,981 -11
android jsc armeabi-v7a n/a --
android jsc x86 n/a --
android jsc x86_64 n/a --

Base commit: 3b2c4a1
Branch: main

@facebook-github-bot
Copy link
Contributor

This pull request was exported from Phabricator. Differential Revision: D53687232

@philIip @facebook-github-bot
add privacy manifest to hello world template
2f4b9e8 
Summary:
Changelog: [iOS][Added]

this change will be included in the RN CLI. so all new apps running the RN CLI to get created will get this manifest. the reasons have been added for the following APIs:

NSPrivacyAccessedAPICategoryFileTimestamp
- C617.1:
We access the filesize in order to handle loading JavaScript.
[RCTJavaScriptLoader](https://github.com/facebook/react-native/blob/3b2c4a18348892acf14120bc42fa1f54c261e914/packages/react-native/React/Base/RCTJavaScriptLoader.mm#L190), [JSBigString](https://github.com/facebook/react-native/blob/3b2c4a18348892acf14120bc42fa1f54c261e914/packages/react-native/ReactCommon/cxxreact/JSBigString.cpp#L102), [jsilib-posix](https://github.com/facebook/react-native/blob/3b2c4a18348892acf14120bc42fa1f54c261e914/packages/react-native/ReactCommon/jsi/jsi/jsilib-posix.cpp#L62)

NSPrivacyAccessedAPICategoryUserDefaults
- CA56D.1:
- We have one native module that is a wrapper of NSUserDefaults to give access in JavaScript product code. [RCTSettingsManager](https://github.com/facebook/react-native/blob/3b2c4a18348892acf14120bc42fa1f54c261e914/packages/react-native/Libraries/Settings/RCTSettingsManager.mm#L8)
- We have a utility file that let's users support RTL in their app. [RCTi18nUtil](https://github.com/facebook/react-native/blob/3b2c4a18348892acf14120bc42fa1f54c261e914/packages/react-native/React/Modules/RCTI18nUtil.m#L8)
- CA92.1: 
Within our framework, we use NSUserDefaults for a few things:
1) To store developer preferences. [RCTDevSettings](https://github.com/facebook/react-native/blob/3b2c4a18348892acf14120bc42fa1f54c261e914/packages/react-native/React/CoreModules/RCTDevSettings.mm#L8)
2) To store information about the JavaScript product code bundle. [RCTBundleURLProvider](https://github.com/facebook/react-native/blob/3b2c4a18348892acf14120bc42fa1f54c261e914/packages/react-native/React/Base/RCTBundleURLProvider.mm#L125)

Differential Revision: D53682756
@philIip @facebook-github-bot
add privacy manifest to pod install
393e7d6 
Summary:
Changelog: [iOS][Added]

this creates the RN privacy manifest in the ios build step if user has not created one yet. the reasons have been added for the following APIs:

NSPrivacyAccessedAPICategoryFileTimestamp
- C617.1:
We access the filesize in order to handle loading JavaScript.
[RCTJavaScriptLoader](https://github.com/facebook/react-native/blob/3b2c4a18348892acf14120bc42fa1f54c261e914/packages/react-native/React/Base/RCTJavaScriptLoader.mm#L190), [JSBigString](https://github.com/facebook/react-native/blob/3b2c4a18348892acf14120bc42fa1f54c261e914/packages/react-native/ReactCommon/cxxreact/JSBigString.cpp#L102), [jsilib-posix](https://github.com/facebook/react-native/blob/3b2c4a18348892acf14120bc42fa1f54c261e914/packages/react-native/ReactCommon/jsi/jsi/jsilib-posix.cpp#L62)

NSPrivacyAccessedAPICategoryUserDefaults
- CA56D.1:
- We have one native module that is a wrapper of NSUserDefaults to give access in JavaScript product code. [RCTSettingsManager](https://github.com/facebook/react-native/blob/3b2c4a18348892acf14120bc42fa1f54c261e914/packages/react-native/Libraries/Settings/RCTSettingsManager.mm#L8)
- We have a utility file that let's users support RTL in their app. [RCTi18nUtil](https://github.com/facebook/react-native/blob/3b2c4a18348892acf14120bc42fa1f54c261e914/packages/react-native/React/Modules/RCTI18nUtil.m#L8)
- CA92.1: 
Within our framework, we use NSUserDefaults for a few things:
1) To store developer preferences. [RCTDevSettings](https://github.com/facebook/react-native/blob/3b2c4a18348892acf14120bc42fa1f54c261e914/packages/react-native/React/CoreModules/RCTDevSettings.mm#L8)
2) To store information about the JavaScript product code bundle. [RCTBundleURLProvider](https://github.com/facebook/react-native/blob/3b2c4a18348892acf14120bc42fa1f54c261e914/packages/react-native/React/Base/RCTBundleURLProvider.mm#L125)

Reviewed By: cipolleschi

Differential Revision: D53687232
@facebook-github-bot
Copy link
Contributor

This pull request was exported from Phabricator. Differential Revision: D53687232

@brentvatne
Copy link
Collaborator

@philIip - are you able to provide any additional context on the changes here? i've read https://developer.apple.com/support/third-party-SDK-requirements but i'm curious about what part of that this is solving in particular and why we're generating the file during the pod install step

This was referenced Mar 12, 2024
Closed
Closed
@leocpadua7
Copy link

I've opened an issue to get more information about this: #43439

@leocpadua7 leocpadua7 mentioned this pull request Mar 12, 2024
Closed
@keith-kurak keith-kurak mentioned this pull request Mar 21, 2024
Closed
oblador
oblador reviewed Mar 22, 2024
View reviewed changes
packages/react-native/template/ios/HelloWorld/PrivacyInfo.xcprivacy
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>NSPrivacyAccessedAPITypes</key>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Duplicating this info here defeats the purpose of having it at the library level no? As far as I understand, all these manifests gets merged into one.

Copy link
Contributor Author

@philIip philIip Apr 10, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hi @oblador unfortunately the required reasons of the manifests do not get aggregated, only the data use permissions

scandycuz
scandycuz reviewed Apr 3, 2024
View reviewed changes
packages/react-native/template/ios/HelloWorld/PrivacyInfo.xcprivacy
<string>NSPrivacyAccessedAPICategoryUserDefaults</string>
<key>NSPrivacyAccessedAPITypeReasons</key>
<array>
<string>CA56D.1</string>
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't see this reason in the Apple documentation. Was this meant to be C56D.1?

Copy link
Contributor Author

@philIip philIip Apr 10, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sorry this was a very early version of the PR and never got updated for whatever reason. yes, but because RN doesn't fall under apple's third party distribution definition, we removed this. and was a fail typo on my part

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok cool, no worries.

@philIip philIip closed this Apr 10, 2024
@philIip
Copy link
Contributor Author

philIip commented Apr 10, 2024

@philIip - are you able to provide any additional context on the changes here? i've read https://developer.apple.com/support/third-party-SDK-requirements but i'm curious about what part of that this is solving in particular and why we're generating the file during the pod install step

hi @brentvatne sorry i didn't see this at all, the high level discussion is here: react-native-community/discussions-and-proposals#776 (comment)

@philIip
Copy link
Contributor Author

philIip commented Apr 10, 2024
edited
Loading

here's the landed version of this with a more high fidelity diff summary

d39712f?fbclid=IwAR0hozrbkckW3xpQ3GlRbllzJ2cCBvD_ZQYlxMd-FMsaWRFZ9vnR4qHeXuM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@oblador oblador oblador left review comments

@scandycuz scandycuz scandycuz left review comments

Assignees
No one assigned
Labels
CLA Signed This label is managed by the Facebook bot. Authors need to sign the CLA before a PR can be reviewed. fb-exported p: Facebook Partner: Facebook Partner
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@philIip @analysis-bot @facebook-github-bot @brentvatne @leocpadua7 @oblador @scandycuz