Privacy manifest in a non-embedded xcframework?

Hello all,

My team makes a third-party SDK in the form of an xcframework, and we're working on creating our privacy manifest. However, I've noticed that the privacy manifest we include in the xcframework does not seem to get aggregated in with the base app's manifest when generating the privacy report.

Is that even the expected behavior? That when generating a privacy report, it will aggregate the manifests from the app and all frameworks? We've always recommended to our clients to select "Do not embed" when adding our SDK, as embedding it seems to introduce problems when submitting to the app store. Are the problems in the aggregation due to the fact that it's not embedded?

If it turns out that our manifest won't get aggregated with the client's app's manifest, what should we do? Should we recommend that they manually include any items from our manifest into theirs?

I'd appreciate any information, I haven't been able to find any solid details on any of this.

Hi @derekahc ! Under the hood of xcframework is your SDK static or dynamic library? My team and me have dynamic library, so it's embedded into the app. When I added Privacy manifest for our SDK, I noticed that when PrivacyInfo file was not included to Xcode target which is used for building our SDK - info from it was not aggregated and used in the general privacy report. Once I included PrivacyInfo to the target - info from it is shown in privacy report.
Not sure if this is a correct way or not, but there are no much details about this from Apple.

Best regards, Olena

Privacy manifest in a non-embedded xcframework?
 
 
Q