Add a privacy manifest #8455
Add a privacy manifest #8455
Conversation
Since we don't include the analytics code in builds for the app store, the only thing we need to declare is that we call fstat() on files in the app container, which core uses internally to check the size of Realm files. This is assuming that if the app logs into Atlas that's something that the app itself has to declare rather than us, as we don't automatically talk to the server on our own behalf. The CocoaPods bundling might not actually work. This is the approach that most of the SDKs on the mandatory privacy manifest list are taking, but since Apple isn't actually checking the manifests yet no one knows if they'll accept this fairly weird way of bundling the xcprivacy file. The less weird way breaks building pods as non-framework static libraries.
dianaafanador3
left a comment
dianaafanador3
left a comment
There was a problem hiding this comment.
LGTM! Just some minor questions
| @@ -0,0 +1,23 @@ | |||
| <?xml version="1.0" encoding="UTF-8"?> | |||
There was a problem hiding this comment.
Why not have just one manifest for both frameworks? Also, I don't think is required to have it in the framework folder, and seems a little bit distracting to have this next to the implementation files.
There was a problem hiding this comment.
SPM requires it to be within the source root for the target.
| 'OTHER_LDFLAGS' => '$(REALM_LD_CLASSIC)', | ||
| } | ||
| s.preserve_paths = %w(include scripts) | ||
| s.resource_bundles = {'realm_objc_privacy' => ['Realm/PrivacyInfo.xcprivacy']} |
There was a problem hiding this comment.
https://github.com/SDWebImage/SDWebImage/pull/3649/files What I'm seeing in some other SDKs is they use the name of the framework as the key, so shouldn't be
s.resource_bundles = {'Realm' => ['Realm/PrivacyInfo.xcprivacy']}, or maybe it is irrelevant given that we don't know if it is going to even work
There was a problem hiding this comment.
I based this on what Flutter is doing since they appeared to put a bunch of effort into looking into things.
There was a problem hiding this comment.
What I'm seeing in some other SDKs is they use the name of the framework as the key
FYI, see this comment for the relevant discussion about why we aren't doing that.
| @@ -0,0 +1,77 @@ | |||
| <?xml version="1.0" encoding="UTF-8"?> | |||
There was a problem hiding this comment.
Any reason for adding this new schema to the installation examples project
There was a problem hiding this comment.
Running the installation test locally was sometimes failing due to the App scheme not existing.
Since we don't include the analytics code in builds for the app store, the only thing we need to declare is that we call fstat() on files in the app container, which core uses internally to check the size of Realm files. This is assuming that if the app logs into Atlas that's something that the app itself has to declare rather than us, as we don't automatically talk to the server on our own behalf. The CocoaPods bundling might not actually work. This is the approach that most of the SDKs on the mandatory privacy manifest list are taking, but since Apple isn't actually checking the manifests yet no one knows if they'll accept this fairly weird way of bundling the xcprivacy file. The less weird way breaks building pods as non-framework static libraries.
Since we don't include the analytics code in builds for the app store, the only thing we need to declare is that we call fstat() on files in the app container, which core uses internally to check the size of Realm files. This is assuming that if the app logs into Atlas that's something that the app itself has to declare rather than us, as we don't automatically talk to the server on our own behalf.
The CocoaPods bundling might not actually work. This is the approach that most of the SDKs on the mandatory privacy manifest list are taking, but since Apple isn't actually checking the manifests yet no one knows if they'll accept this fairly weird way of bundling the xcprivacy file. The less weird way breaks building pods as non-framework static libraries.
Fixes #8428.