Third-party SDK's privacy report are not shown when 'Generate Privacy Report' button tapped.

In Xcode 15, when performing an Archive build and clicking the 'Generate Privacy Report' button, it is believed that the app creates a PrivacyReport PDF file by inspecting the PrivacyInfo.xcprivacy file used by the Third-party SDKs within the app. However, upon testing, it appears that only the PrivacyInfo.xcprivacy file from the app itself is included in the generated PDF, and the PrivacyInfo.xcprivacy file from Third-party SDKs is not being included.

For example, I placed the PrivacyInfo.xcprivacy file inside the 'MyFramework' project and created an xcframework with it.

Then, I added MyFramework.xcframework into the TestApp and clicked the 'Generate Privacy Report' button after an Archive build, I encountered an error saying, 'The archive does not contain any PrivacyInfo.xcprivacy files.' (Of course, the added xcframework is already included in the TestApp target.)

If you know the solution, please help me out.

Up vote post of PhilipChung Down vote post of PhilipChung
5.7k views
Posted by
PhilipChung
Reply

  • I also faced similar issue. In my project settings, "Frameworks, Libraries, and Embedded Content" for XCFramework is set as Do Not Embed. When I change it to Embed & Sign, privacy report contains frameworks info as well.

    butchipeddi

  • This works well for me

    crazyfisher
Add a Comment

Accepted Reply

@PhilipChung i solved my problem:“For the privacy report to appear, you need to embed the framework, which contains the privacy manifest file. ” Hi, @YuusukeIekushi have you embed your framwork in your testApp ?

Posted by
zhanghulk
Up vote reply of zhanghulk Down vote reply of zhanghulk
Post marked as solved

  • @zhanghulk

    Oh, wow! That's amazing news. Setting the framework to embed fixed the issue.

    Is there an official document recommending it to be configured as embed?

    Typically, most SDKs are set to "Do not embed" (even CocoaPods defaults to "Do not embed" 😢). In the "Do not embed" configuration, is there a way to generate a privacy report?

    PhilipChung

  • well,i cant find an official document; i got my solution from Apple DTS, but i think that solution should only just used to generate the PrivacyReport PDF file,when we actually generates the ipa file, the static library file needs to be reset to not be embedded, which i confirmed with Apple DTS,but have not got a replay(Developer Technical Support will shut down from November 17 – November 26, 2023 for the U.S. Thanksgiving holiday.)

    zhanghulk

  • Thanks for the information. :)

    PhilipChung
Add a Comment

Replies

Also facing this issue. I created an xcprivacy file for the sample app and it only pulls in it's own data, nothing from a third part

Posted by
mapierce
Up vote reply of mapierce Down vote reply of mapierce

  • meet the same issue, had you solved that?

    zhanghulk
Add a Comment

@PhilipChung Did you add appropriate targets to the PrivacyInfo.xcprivacy file?

I fixed the same error by doing so. Hope it helps.

Posted by
YuusukeIekushi
Up vote reply of YuusukeIekushi Down vote reply of YuusukeIekushi
Add a Comment

@PhilipChung i solved my problem:“For the privacy report to appear, you need to embed the framework, which contains the privacy manifest file. ” Hi, @YuusukeIekushi have you embed your framwork in your testApp ?

Posted by
zhanghulk
Up vote reply of zhanghulk Down vote reply of zhanghulk
Post marked as solved

  • @zhanghulk

    Oh, wow! That's amazing news. Setting the framework to embed fixed the issue.

    Is there an official document recommending it to be configured as embed?

    Typically, most SDKs are set to "Do not embed" (even CocoaPods defaults to "Do not embed" 😢). In the "Do not embed" configuration, is there a way to generate a privacy report?

    PhilipChung

  • well,i cant find an official document; i got my solution from Apple DTS, but i think that solution should only just used to generate the PrivacyReport PDF file,when we actually generates the ipa file, the static library file needs to be reset to not be embedded, which i confirmed with Apple DTS,but have not got a replay(Developer Technical Support will shut down from November 17 – November 26, 2023 for the U.S. Thanksgiving holiday.)

    zhanghulk

  • Thanks for the information. :)

    PhilipChung
Add a Comment

The generated privacy report only includes nutrition labels from dynamics libraries and SDK resource bundle. If the privacy manifest file is in a static library instead of in a associated bundle, then the privacy report generator is not able to find it.

If the 3rd party SDK is integrated as source code and its privacy manifest is not in a bundle, then the SDK privacy manifest might overwrite the app privacy manifest in the product app package.

Posted by
Unipopcorn
Up vote reply of Unipopcorn Down vote reply of Unipopcorn

  • Thank you for sharing this important information! It was of great help to me.

    PhilipChung
Add a Comment

In my app, the 3rd party SDK (SDWebImage) is installed via Pods, SDWebImage it self includes a PrivacyInfo.xcprivacy, but when archiving the app, SDWebImage's privacy info is not shown in the PDF, only the app's PrivacyInfo is shown. How to solve this issue?

Posted by
kobunketsu
Up vote reply of kobunketsu Down vote reply of kobunketsu

  • I solved my problem, actually there is no label type marked in SDWebImage's PrivacyInfo.xcprivacy , so no information will be included in the final PDF.

    kobunketsu

  • How to solve this problem? Setting the static framework as "embed & sign"? If do like this,the App package will become bigger. Help me , thanks!

    codezhang

  • I have the same issue with SDWebImageSwiftUI (wich uses SDWebImage). How do I embed but not sign a swift package? We use the package with SPM.

    hrWalter
Add a Comment

It seems in order to include the privacy manifest of static framework to generate the privacy report, Xcode setting for the static framework should be 'embedded but not signed'. Can Apple Support team confirm this case ?

Posted by
0x9cats
Up vote reply of 0x9cats Down vote reply of 0x9cats
Add a Comment