iOS - 超好用的隐私清单分析脚本(连续更新)
前言在这篇文章中先容了App Store最新的审核政策,此中最需要留意的就是隐私清单(Privacy Manifest)中的所用API声明,毕竟假如你不声明,App Store在机审阶段会直接把你拒了。在2024/05/01之前,暂时还只是收到这样的警告邮件:
Although submission for App Store review was successful, you may want to correct the following issues in your next submission for App Store review. Once you've corrected the issues, upload a new binary to App Store Connect.
ITMS-91053: Missing API declaration - Your app’s code in the “Runner” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryDiskSpace. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.
ITMS-91053: Missing API declaration - Your app’s code in the “Runner” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryFileTimestamp. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.
ITMS-91053: Missing API declaration - Your app’s code in the “Runner” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategorySystemBootTime. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.
ITMS-91053: Missing API declaration - Your app’s code in the “Runner” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryUserDefaults. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.
在隐私清单中声明所用API很简单,难的是怎么知道这些API是在哪用到了。我看到文档中列出的这么多API,说实话有点蒙,就算一个个拿去项目中搜索,那也累的够呛,更何况这些API可能在二进制文件内里也有。
当然,以上还不是最麻烦的,最麻烦的是假如第三方库是静态链接库又用了这些API,那么项目最终打包后,这些静态链接库是会和你的程序一起合并到应用的可执行文件。App Store机审的时候用工具一扫,哦吼!你要背锅了,你都不知道应用可执行文件被扫出来的API是哪个第三方库的。
基于以上这些,花时间写了一个脚本专门用于分析项目的隐私清单,颠末多次迭代,已经非常易用与正确。猛烈推荐各人试试,反正试试也不亏,顶多浪费几分钟,对吧?
开辟环境
[*]macOS: 14.4
脚本获取
通过以下命令或前往GitHub获取脚本:
git clone https://github.com/crasowas/app_store_required_privacy_manifest_analyser.git
环境要求
需要安装有Xcode Command Line Tools。
这一样平常不是题目,都开辟iOS项目了,Xcode应该都有安装。
快速使用
通过以下命令开始分析你的项目:
sh privacy_manifest_analyser.sh <directory_path>
关于脚本路径和项目目录路径题目,最便捷的方式是拖拽。打开终端应用,先输入sh ,然后依次将privacy_manifest_analyser.sh脚本文件和项目目录拖入终端应用即可。
脚本开始执行后,假如你分析的是你的项目目录,你会得到类似这样的分析结果:
==================== Analyzing Target Directory ====================
页:
[1]