How to provide a privacy manifest for a SDK shipped as a static library

Hello, according to this doc Apple will begin blocking app store submissions in Spring 2024 when an application or one of its 3rd-party SDKs calls certain iOS/iPadOS system APIs without declaring a reason for doing so via a privacy manifest.

It seems that for framework and app targets, adding a privacy manifest is relatively straightforward: Add the xcprivacy file to the project and make it a member of the appropriate build target. For apps and fameworks, this will cause the privacy manifest to be copied into the root directory of the .app or .framework bundle at build time.

I work on a SDK which ships to application developers as a static library (.a) bundled within a xcframework. It seems that Xcode will not allow a privacy manifest file to be added as a member of a static library target. Which I assume is because when compiled, a static library build target does not produce a bundle like a ".app" or ".framework" which you'd get when compiling an app or framework target. Just a standalone (.a) file. What is the recommended way for developers of static libraries to provide application developers with a privacy manifest for their SDK? Is there a mechanism for including the privacy manifest somewhere within the xcframework bundle at the time it is created for the static lib, so that it automatically gets copied into an application which may link to it? If not, can the privacy manifest be included in a resource bundle which we already provide to our partners along with the static lib? Or does the manifest need to exist within the root directory of the application bundle since the contents of the static lib will ultimately get embedded into the app binary? If that is the case, do we need to provide our app partners with a separate standalone xcprivacy file, which they would need to incorporate into their project?

My team uses static libraries made with C and C++, which are distributed in the form of .a. Are you in the same situation?

Did you solve the problem?

If you are working on a static library then you need to create a separate resource bundle target and add the privacy manifest file in to that target. I'm also working on a static library and sharing privacy manifest in this way.

If you are working on a static library then you need to create a separate resource bundle target and add the privacy manifest file in to that target. I'm also working on a static library and sharing privacy manifest in this way.

@TorongoAzad

Thank you for your answer, but I didn't get it right because I'm a beginner.

The static library I have now is in C and C++ in an Xcode environment.

And when I build here, a .a file is created and brought to my app and I'm using it.

When you open a static library project with Xcode and add PrivacyInfo, it is not targeted.

Can you explain 'create a separate resource bundle target' in detail??

I'm still very bad at dealing with libraries.

How to provide a privacy manifest for a SDK shipped as a static library
 
 
Q