了解如何为你的移动应用配置 iOS 隐私清单。
如果你使用的是使用 "限制原因" API 的原生 iOS 库,则需要配置 iOS 隐私清单来声明为什么要包含原生代码来调用这些 API。
¥If you're using a native iOS library that uses a "restricted reason" APIs, you'll need to configure an iOS privacy manifest to declare why you're including native code to call those APIs.
更多详细信息和 "必需原因" API 列表可在 Apple 开发者文档 中找到。
¥More details and a list of "required reason" APIs can be found in the Apple Developer Documentation.
本指南中包含的信息和步骤仍在开发中,可能会因为此目的构建的新工具或 Apple 的新要求而发生变化。
¥What is a Privacy manifest?
隐私清单是一个名为 PrivacyInfo.xcprivacy 的文件,包含在你的 iOS 原生项目中。此文件用于声明应用包含调用 Apple 认为敏感的某些 API 的原生代码的原因。
¥A privacy manifest is a file named PrivacyInfo.xcprivacy that is included in your iOS native project. This file is used to declare why the app includes native code that calls into certain APIs that Apple considers sensitive.
这些 API 当前包括访问 UserDefaults、文件时间戳、系统启动时间、磁盘空间和活动键盘。Apple 认为这是一个开放列表,将来可以扩展。
¥These APIs currently include accessing UserDefaults, file timestamp, system boot time, disk space, and active keyboard. Apple considers it an open list that can be expanded in the future.
¥Configuration in app.json/app.config.js
你可以通过使用应用配置中 expo.ios 下的 privacyManifests 字段来包含 iOS 隐私清单。
¥You can include an iOS privacy manifest by using the privacyManifests field under expo.ios in your app config.
{
"expo": {
"name": "My App",
"slug": "my-app",
%%placeholder-start%%... %%placeholder-end%%
"ios": {
"privacyManifests": {
"NSPrivacyAccessedAPITypes": [
{
"NSPrivacyAccessedAPIType": "NSPrivacyAccessedAPICategoryUserDefaults",
"NSPrivacyAccessedAPITypeReasons": ["CA92.1"]
}
]
}
}
}
}
适用于 SDK 50 及更高版本。确保你已使用
npx expo install --fix将 Expo SDK 库更新为适用于你的 SDK 版本的最新版本。对于低于 50 的 SDK 版本,请使用expo-privacy-manifest-polyfill-plugin。¥Available with SDK 50 and above. Make sure you have updated your Expo SDK libraries to the latest versions for your SDK version using
npx expo install --fix. For SDK versions below 50, use theexpo-privacy-manifest-polyfill-plugin.
你可以通过使用 Xcode 创建 PrivacyInfo.xcprivacy 文件并将其添加到你的 iOS 应用目标,在裸 Expo 应用中包含 iOS 隐私清单。按照 Apple 的隐私清单文件 指南创建 PrivacyInfo.xcprivacy 文件。
¥You can include an iOS privacy manifest in a bare Expo app by creating a PrivacyInfo.xcprivacy file using Xcode and adding it to your iOS app target. Follow Apple's Privacy manifest files guide to create a PrivacyInfo.xcprivacy file.
你可以通过查看 Apple 开发者文档 来识别 NSPrivacyAccessedAPITypes 和 NSPrivacyAccessedAPITypeReasons 值。
¥You can identify the NSPrivacyAccessedAPITypes and NSPrivacyAccessedAPITypeReasons values by looking at the Apple Developer documentation.
¥Including required reasons for Expo SDK packages and other third-party libraries
截至目前,Apple 无法正确解析静态 CocoaPods 依赖(例如 Expo SDK 包和其他生态系统库)包含的所有 PrivacyInfo 文件。你可能需要在应用的 PrivacyInfo.xcprivacy 文件或 app.json 中的配置中包含这些依赖使用的 API 所需的原因。
¥As of now, Apple does not correctly parse all the PrivacyInfo files included by static CocoaPods dependencies (such as Expo SDK packages and other ecosystem libraries). You may need to include the required reasons for the APIs used by those dependencies in your app's PrivacyInfo.xcprivacy file or the configuration in the app.json.
所有使用 "必需原因" API 文件的 Expo SDK 包都在包目录中包含一个 PrivacyInfo 文件。这是 expo-application 库中包含的 示例文件。
¥All Expo SDK packages that use "required reason" APIs file have a PrivacyInfo file included in the package directory. Here's an example file included with the expo-application library.
通常,你可以通过检查你打算使用的库是否在 node_modules/package_name/ios 目录中具有 PrivacyInfo.xcprivacy 文件来确定其他第三方库使用的 API 所需的原因。如果确实如此,你可以检查该文件中的 NSPrivacyAccessedAPITypes 和 NSPrivacyAccessedAPITypeReasons 值,并将这些值复制到你的配置中。
¥You can usually identify the required reasons for the APIs used by other third-party libraries by checking if the library you intend to use has a PrivacyInfo.xcprivacy file in the node_modules/package_name/ios directory. If it does, you can check the NSPrivacyAccessedAPITypes and NSPrivacyAccessedAPITypeReasons values in that file and copy those values to your configuration.
作为替代方案,Apple 会在开发者提交缺少隐私清单文件或特定原因的版本后通知他们。你可以等到收到来自 Apple 的通知电子邮件,然后将电子邮件中列出的所需原因包含在应用的 PrivacyInfo.xcprivacy 文件中(如果你不使用 CNG)或 app.json 文件中的配置中。
¥As an alternative, Apple notifies developers after they submit a build with missing privacy manifest files or specific reasons. You can wait until you receive a notification email from Apple and then include the required reasons listed in the email in your app's PrivacyInfo.xcprivacy file (if you don't use CNG) or the configuration in your app.json file.
¥Testing the Privacy manifest
你可以通过构建应用并提交来测试隐私清单,无论是通过 App Store 审核流程还是 TestFlight 的外部审核。如果你的应用缺少所用 API 的任何必要原因,Apple 会在提交后的几分钟内向你发送电子邮件。
¥You can test the privacy manifest by building your app and submitting it, either through App Store review process or to TestFlight's external review. Apple will email you within a few minutes of submitting if your app is missing any required reasons for the APIs used.