MIssing API declaration warning on AppStore submission

App: "Nappkin" Apple ID: 639242085

Hi,

We are getting several "Missing API declaration" warnings (see below) when submitting our iOS app to the AppStore. Our app doesn't not use the mentioned api's but apparently one or more of the libraries we use do. We have included a privacy manifest that states this fact (included below).

  • Why are we still getting these warnings/errors when we have included a privacy manifest?
  • If each framework used must have a manifest can you tell me which frameworks are in error?
  • We have no influence on the contents of the frameworks used in our apps. How can we comply if a framework we use does not have a required manifest and is unable or unwilling to include it?

Our app is a point-of-sale app used by 100's of professionals. We have been in the AppStore for more than 10 years. Our app is fully dependend on several frameworks and not being able to update our app will mean we have to close our business.

Thanks!

Willem Bison

= Privacy manifest ====

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">

<plist version="1.0">

<dict>

	<key>NSPrivacyAccessedAPITypes</key>

	<array>

		<dict>

			<key>NSPrivacyAccessedAPIType</key>

			<string>NSPrivacyAccessedAPICategoryDiskSpace</string>

			<key>NSPrivacyAccessedAPITypeReasons</key>

			<array>

				<string>Our app does not use this api directly but (apparently) an included framework does</string>

			</array>

		</dict>

		<dict>

			<key>NSPrivacyAccessedAPIType</key>

			<string>NSPrivacyAccessedAPICategorySystemBootTime</string>

			<key>NSPrivacyAccessedAPITypeReasons</key>

			<array>

				<string>Our app does not use this api directly but (apparently) an included framework does</string>

			</array>

		</dict>

		<dict>

			<key>NSPrivacyAccessedAPITypeReasons</key>

			<array>

				<string>NSUserDefault is used to store and retrieve several user preferences</string>

			</array>

			<key>NSPrivacyAccessedAPIType</key>

			<string>NSPrivacyAccessedAPICategoryUserDefaults</string>

		</dict>

		<dict>

			<key>NSPrivacyAccessedAPITypeReasons</key>

			<array>

				<string>Our app does not use this api directly but (apparently) an included framework does</string>

			</array>

			<key>NSPrivacyAccessedAPIType</key>

			<string>NSPrivacyAccessedAPICategoryFileTimestamp</string>

		</dict>

	</array>

</dict>

</plist>

= Warnings ====

Hello,

We noticed one or more issues with a recent submission for App Store review for the following app:

Nappkin
Version 179.0
Build 33854
Although submission for App Store review was successful, you may want to correct the following issues in your next submission for App Store review. Once you've corrected the issues, upload a new binary to App Store Connect.

ITMS-91053: Missing API declaration - Your app’s code in the “Nappkin” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryFileTimestamp. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

ITMS-91053: Missing API declaration - Your app’s code in the “Nappkin” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryDiskSpace. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

ITMS-91053: Missing API declaration - Your app’s code in the “Nappkin” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategorySystemBootTime. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

ITMS-91053: Missing API declaration - Your app’s code in the “Nappkin” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryUserDefaults. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

Apple Developer Relations

============

				<string>Our app does not use this api directly but (apparently) an included framework does</string>

No, that field is not supposed to be a human-readable string. It's supposed to be one of Apple's "reason codes", which look like AB12.3.

Our app does not use any of the api's but apparently some of our included frameworks do. So I guess we should not include a privacy manifest file. I have no idea which frameworks are "in violation" - the report from Apple has no specifics. How can we find out? And what if there simply is no update of the framework with a manifest file?

MIssing API declaration warning on AppStore submission
 
 
Q