GithubHelp home page GithubHelp logo

walklook / app_store_required_privacy_manifest_analyser Goto Github PK

View Code? Open in Web Editor NEW

This project forked from crasowas/app_store_required_privacy_manifest_analyser

0.0 0.0 0.0 174 KB

A shell script used to analyze privacy manifests in the specified directory to ensure that your app complies with the App Store requirements.

License: MIT License

Shell 100.00%

app_store_required_privacy_manifest_analyser's Introduction

App Store Privacy Manifest Analyzer

Features

  • Support the analysis of API usage within directories, including Cocoa projects, Flutter projects, and application bundles (.app)
  • Scan all source files (including .h, .m, .mm, .c, .cc, .hpp, .cpp, and .swift files) as well as binary files
  • Automatically detect missing privacy manifest files and API declarations
  • Support for tagging commonly used SDKs
  • Provide API usage that could affect your app's privacy manifest

Requirements

  • macOS: Xcode Command Line Tools installed

You can try executing the following command to determine if your Mac device supports the script:

xcrun swift -version

If the output after execution resembles the example below:

swift-driver version: 1.90.11.1 Apple Swift version 5.10 (swiftlang-5.10.0.13 clang-1500.3.9.4)

Congratulations! You are now ready to start using the script. Should you encounter any other issues, you can attempt to install Xcode Command Line Tools using the following command:

xcode-select --install

Usage

1. Getting Started

sh privacy_manifest_analyser.sh <directory_path>

Example output:

==================== Analyzing Target Directory ====================

๐Ÿ’ก Found privacy manifest file(s): 1
[0] ./Runner/PrivacyInfo.xcprivacy
API usage analysis result(s): 0
โœ… All required API reasons have been described in the privacy manifest.

==================== Analyzing Pods Directory ====================

Analyzing FBSDKCoreKit ๐ŸŽฏ ...
๐Ÿ’ก Found privacy manifest file(s): 3
[0] ./Pods/FBSDKCoreKit/XCFrameworks/FBSDKCoreKit.xcframework/ios-arm64_x86_64-simulator/FBSDKCoreKit.framework/PrivacyInfo.xcprivacy
[1] ./Pods/FBSDKCoreKit/XCFrameworks/FBSDKCoreKit.xcframework/ios-arm64_x86_64-maccatalyst/FBSDKCoreKit.framework/Versions/A/Resources/PrivacyInfo.xcprivacy
[2] ./Pods/FBSDKCoreKit/XCFrameworks/FBSDKCoreKit.xcframework/ios-arm64/FBSDKCoreKit.framework/PrivacyInfo.xcprivacy
API usage analysis result(s): 3
[0] NSPrivacyAccessedAPICategoryUserDefaults:NSUserDefaults:./Pods/FBSDKCoreKit/XCFrameworks/FBSDKCoreKit.xcframework/ios-arm64/FBSDKCoreKit.framework/FBSDKCoreKit
[1] NSPrivacyAccessedAPICategoryUserDefaults:NSUserDefaults:./Pods/FBSDKCoreKit/XCFrameworks/FBSDKCoreKit.xcframework/ios-arm64_x86_64-maccatalyst/FBSDKCoreKit.framework/FBSDKCoreKit
[2] NSPrivacyAccessedAPICategoryUserDefaults:NSUserDefaults:./Pods/FBSDKCoreKit/XCFrameworks/FBSDKCoreKit.xcframework/ios-arm64_x86_64-simulator/FBSDKCoreKit.framework/FBSDKCoreKit
โœ… All required API reasons have been described in the privacy manifest.

Analyzing DKImagePickerController ๐ŸŽฏ ...
โš ๏ธ  Missing privacy manifest file!
API usage analysis result(s): 1
[0] NSPrivacyAccessedAPICategoryFileTimestamp:.modificationDate:./Pods/DKImagePickerController/Sources/DKImagePickerController/DKImageAssetExporter.swift
๐Ÿ› ๏ธ  Descriptions for the following required API reason(s) may be missing: 1
[0] NSPrivacyAccessedAPICategoryFileTimestamp

Analyzing SDWebImage ๐ŸŽฏ ...
๐Ÿ’ก Found privacy manifest file(s): 1
[0] ./Pods/SDWebImage/WebImage/PrivacyInfo.xcprivacy
API usage analysis result(s): 1
[0] NSPrivacyAccessedAPICategoryFileTimestamp:NSURLContentModificationDateKey,NSURLCreationDateKey:./Pods/SDWebImage/SDWebImage/Core/SDDiskCache.m
โœ… All required API reasons have been described in the privacy manifest.

Analyzing Mantle ...
โš ๏ธ  Missing privacy manifest file!
API usage analysis result(s): 0

...

==================== Analyzing Flutter Plugins Directory ====================

Analyzing device_info_plus-9.1.0 ๐ŸŽฏ ...
โš ๏ธ  Missing privacy manifest file!
API usage analysis result(s): 0

Analyzing shared_preferences_ios-2.1.1 ๐ŸŽฏ ...
โš ๏ธ  Missing privacy manifest file!
API usage analysis result(s): 3
[0] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults,NSUserDefaults:./.symlinks/plugins/shared_preferences_ios/ios/Classes/FLTSharedPreferencesPlugin.m
[1] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./.symlinks/plugins/shared_preferences_ios/ios/Classes/messages.g.h
[2] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./.symlinks/plugins/shared_preferences_ios/ios/Classes/messages.g.m
๐Ÿ› ๏ธ  Descriptions for the following required API reason(s) may be missing: 1
[0] NSPrivacyAccessedAPICategoryUserDefaults

...

==================== Analysis completed! ๐Ÿ’ก: 6 โš ๏ธ : 30 ๐Ÿ› ๏ธ : 10 โœ…: 6 ๐ŸŽฏ: 10 ====================

โš ๏ธ ๐Ÿ› ๏ธ  https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api
๐ŸŽฏ https://developer.apple.com/support/third-party-SDK-requirements

๐Ÿ”” If the directory you are analyzing is the app project directory, your app's privacy manifest may be affected by these analysis results: 20
[0] NSPrivacyAccessedAPICategoryFileTimestamp:.modificationDate:./Pods/DKImagePickerController/Sources/DKImagePickerController/DKImageAssetExporter.swift
[1] NSPrivacyAccessedAPICategoryFileTimestamp:NSURLContentModificationDateKey,NSURLCreationDateKey:./Pods/SDWebImage/SDWebImage/Core/SDDiskCache.m
[2] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults,NSUserDefaults:./.symlinks/plugins/shared_preferences_ios/ios/Classes/FLTSharedPreferencesPlugin.m
[3] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./.symlinks/plugins/shared_preferences_ios/ios/Classes/messages.g.h
[4] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./.symlinks/plugins/shared_preferences_ios/ios/Classes/messages.g.m
...

โš ๏ธ ๐Ÿ› ๏ธ: When the privacy manifest of third-party SDKs is missing, please update the third-party SDKs or provide feedback to the developers.

If your app's code has the same issue, please refer to the following documents or video for resolution:

๐ŸŽฏ: Please promptly update these commonly used SDKs highlighted by the App Store. The complete list is from Upcoming third-party SDK requirements.

๐Ÿ””: For non-dynamically linked libraries, they are fully copied into the executable file of the application bundle during compilation, which may result in unknown API usage when scanning the executable file of the application.

To pass the App Store review, you need to declare the APIs used by these non-dynamically linked libraries in your app's privacy manifest. You might feel confused as you are not sure where exactly these APIs are being used.

To address this confusion, the analyzer will list API usage that may affect your app's privacy manifest. Pay attention to it, as it will help you fill out the app's privacy manifest more accurately.

2. Command Line Options

  • -c: Specify not to filter comments when scanning source code
sh privacy_manifest_analyser.sh -c <directory_path>

It is not recommended to enable this option for the accuracy of API scanning.

  • -e: Specify directory to exclude from analysis
sh privacy_manifest_analyser.sh -e <excluded_directory_path> <directory_path>

3. Saving Analysis Logs

sh privacy_manifest_analyser.sh <directory_path> >log.txt

4. More Examples

Acknowledgements

app_store_required_privacy_manifest_analyser's People

Contributors

crasowas avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.