IOS - ITMS-91061: Missing privacy manifest

Capacitor
1

During my app review i’ve got the following issues from IOS:
ITMS-91061: Missing privacy manifest - Your app includes “Frameworks/FirebaseCore.framework/FirebaseCore”, which includes FirebaseCore, an SDK that was identified in the documentation as a privacy-impacting third-party SDK. Starting February 12, 2025, if a new app includes a privacy-impacting SDK, or an app update adds a new privacy-impacting SDK, the SDK must include a privacy manifest file. Please contact the provider of the SDK that includes this file to get an updated SDK version with a privacy manifest. For more details about this policy, including a list of SDKs that are required to include signatures and manifests, visit: Upcoming third-party SDK requirements - Support - Apple Developer.

And similar messages for: Frameworks/FBLPromises.framework/FBLPromises, Frameworks/FirebaseCoreInternal.framework/FirebaseCoreInternal, Frameworks/FirebaseInstallations.framework/FirebaseInstallations etc…

I Used the following topic to add push notifications: Push Notifications - Firebase | Capacitor Documentation with “@capacitor/push-notifications”: “^6.0.0” in my package.json

2

Interesting. I haven’t seen this come up for our app using push notifications, though the last time we published to the store was back in October.

It looks like Firebase added the required privacy manifest. See [FR]: Support App Privacy Manifest · Issue #11490 · firebase/firebase-ios-sdk · GitHub.

Maybe make sure your Firebase SDK is up-to-date? I think you run pod update. You could also check the version you are on in the Podfile.lock file.

3

Thanks for you quick reply, my version for firebase was 10.13.0, I pod update and uploaded to test flight. I will tell you if it fixed the issue after IOS process.

4

Awesome! Looks like it was added in 10.22.0 so you should be good now. My app is using 11.2.0.

5

Did you get it working with v10.13.0?
I’m still using v8.2.5 is there a way to add the privacy manifests manually for older versions?

I have been caught out by this and have limited time to resolve and I have 11 SDKs that need this resolved.

6

image
image1312×572 46.8 KB

I’m using this, and I’ve uploaded it to the store (only for testing with TestFlight for now), and I didn’t get any errors.

However, I haven’t updated my privacy file—maybe I should.
Firebase Version 11 works fine, and I can get push notifications working.

7

The privacy manifest only gets checked during a full submission.

My app works fine in TestFlight.
Went through all the testing etc then got rejected based on the privacy manifest.

8

Give App Privacy Manifest Fixer a try—it can help you out with this! It’s perfect if you can’t upgrade the SDKs, if they don’t support a privacy manifest, or if you simply want to keep things as they are.

Just keep in mind that this tool is only a temporary solution and shouldn’t replace proper SDK management practices.

1 Like
9

Ah interesting I wondered how long before someone made a tool to sort this mess out.

I did find a solution here but it was not pain free!