cocoapods-privacy 0.1.4 → 0.1.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 06cfd0105293d04c3f940b48b2a591daa1c361ddceeca67e4c19263984b5e5dd
-  data.tar.gz: bdbba9767ad2127bee8fbbbac60bd2b06adcd3471d29899f6f2a829582f68f06
+  metadata.gz: 84dea61fc2bc984ef88adabe1aa4de41f27b05dbea00a570ae1dc2e2a43966e3
+  data.tar.gz: 61ba57f0692ca5c5034379f0c1abc02c7dd6b69048c3fe033981115b2f729c63
 SHA512:
-  metadata.gz: bc73b9f26811740f419e0519e34f765ee596e9bb52c17c8767866867d078d697c509a17cf0ee111a4ec8db755550d32b4fda4920cb67bcea3a747c48c218e0fa
-  data.tar.gz: 2142d38a2e33517f88c44b2108c5db12adc40467b95b4135a30692c28cad5c71a81c37b0f5ff34b8b1cfb74823785c4f64b5a8d86960fab385788f77f5ecde93
+  metadata.gz: f5c68b15d9089e1cd43732c1f33e302748e4d8bbb6abf6c74394d5ce3bdd4bf57e5fe1a26dfba9ce6530b9f12e9b1deda38fc73e3089f8f0778b746a94d75867
+  data.tar.gz: 76a55bb3e4486e640ff20a909863f49cdf3e19b120c06e28346e6898a9cc9d745a8568b197d230abc925b240660cf3c11de18fd8b7756fdf8346c23805f4dc27

data/README.md

@@ -1,11 +1,83 @@
 # cocoapods-privacy
 
-A description of cocoapods-privacy.
+Apple 2024 will review the App's privacy list in the spring, and any apps that don't submit a privacy list may be called back. For now, the privacy list is broken down by component, to facilitate the maintenance of component privacy, cocoapods-privacy is developed for management.
+[Click to view details on Apple](https://developer.apple.com/documentation/bundleresources/privacy_manifest_files)
 
 ## Installation
 
     $ gem install cocoapods-privacy
 
 ## Usage
+#### init
+First of all, you must set a json config to cocoapods-privacy, this is a defalut config.json
+```
+$ pod privacy config https://raw.githubusercontent.com/ymoyao/cocoapods-privacy/main/resources/config.json
+```
+
+There has 3 keys in defalut config, you should custom it!
+* source.white.list : a white list of source, defalut is empty, so, you should add you self component sources, and it work in command 'pod privacy install' or 'pod install --privacy', will search white list for NSPrivacyAccessedAPITypes.
+* source.black.list : a black list of source, defalut is empty, it work in command 'pod privacy install' or 'pod install --privacy'.
+* api.template.url : its required, a template for search NSPrivacyAccessedAPITypes
+```
+"source.white.list": ["replace me with yourserver"], 
+"source.black.list": ["replace me such as github.com"],
+"api.template.url": "https://raw.githubusercontent.com/ymoyao/cocoapods-privacy/main/resources/NSPrivacyAccessedAPITypes.plist"
+```
+
+#### To Component
+```
+    $ pod privacy spec [podspec_file_path]
+```
+This command will auto create privacy file, and search the path of podspec' source_files' define relate to NSPrivacyAccessedAPITypes, finaly, write to PrivacyInfo.xcprivacy file.
+if your component has much subspec,  all subspec that define ‘source_files’ will create PrivacyInfo.xcprivacy, and auto modify .podspec link .xcprivacy to 'resource_bundle' key.
+For example
+* origin podspec
+
+```
+Pod::Spec.new do |s|
+  s.name             = 'Demo'
+  ...
+  s.source_files = 'xxxx'
+  s.subspec 'idfa' do |sp|
+      sp.source_files = 'xxxxx'
+  end
+  s.subspec 'noidfa' do |sp|
+  end
+end
+
+```
+
+* podspec after commad  👇👇👇👇👇👇
+```
+Pod::Spec.new do |s|
+  s.name             = 'Demo'
+  ...
+  s.source_files = 'xxxx'
+  s.resource_bundle = {"Demo.privacy"=>"Pod/Privacy/Demo/PrivacyInfo.xcprivacy"}
+  s.subspec 'idfa' do |sp|
+      sp.source_files = 'xxxxx'
+      sp.resource_bundle = {"Demo.idfa.privacy"=>"Pod/Privacy/Demo.idfa/PrivacyInfo.xcprivacy"}
+  end
+  s.subspec 'noidfa' do |sp|
+  end
+end
+```
+<img width="961" alt="截屏2024-02-02 11 23 21" src="https://github.com/ymoyao/cocoapods-privacy/assets/13619221/a6678c8e-c4aa-4f7d-8881-657c6d703657">
+
+
+    
+#### To Project
+```
+    $ pod install --privacy
+    or
+    $ pod privacy install
+```
+<img width="298" alt="截屏2024-02-02 10 59 59" src="https://github.com/ymoyao/cocoapods-privacy/assets/13619221/c6f10e36-0f62-497a-93d4-f8b336dc8df4">
+
+After command, a PrivacyInfo.xcprivacy will create to you project Resources if empty. and it will search component that configuration files allow and do not have their own privacy manifest file.
+
+## Notice
+The plugin is focus on NSPrivacyAccessedAPITypes and automatically search and create workflow.
+you should manager NSPrivacyCollectedDataTypes by yourself！
+    
 
-    $ pod spec privacy POD_NAME

data/lib/cocoapods-privacy/gem_version.rb

@@ -1,3 +1,3 @@
 module CocoapodsPrivacy
-  VERSION = "0.1.4"
+  VERSION = "0.1.6"
 end

data/lib/cocoapods-privacy/privacy/PrivacyHunter.rb

@@ -116,35 +116,54 @@ module PrivacyHunter
       local_file_path = File.join(PrivacyUtils.cache_privacy_fold, 'NSPrivacyAccessedAPITypes.plist')
       
       # 获取远程文件更新时间
-      remote_file_time = remoteFileTime?(template_url)
+      remote_file_time,etag = remoteFile?(template_url)
 
       # 判断本地文件的最后修改时间是否与远端文件一致，如果一致则不进行下载
-      if File.exist?(local_file_path) && file_identical?(local_file_path, remote_file_time)
+      if File.exist?(local_file_path) && file_identical?(local_file_path, remote_file_time,etag)
       else
         # 使用 curl 下载文件
         system("curl -o #{local_file_path} #{template_url}")
         puts "隐私清单模版文件已更新到: #{local_file_path}"
 
-        # 同步远程文件时间到本地文件
-        syncFileTime?(local_file_path,remote_file_time)
+        # 同步远程文件标识（时间或者etag）
+        syncFile?(local_file_path,remote_file_time,etag)
       end
       
       local_file_path
     end
 
     # 获取远程文件更新时间
-    def self.remoteFileTime?(remote_url)
+    def self.remoteFile?(remote_url)
       uri = URI.parse(remote_url)
       http = Net::HTTP.new(uri.host, uri.port)
       http.use_ssl = (uri.scheme == 'https')
       response = http.request_head(uri.path)
 
-      response['Last-Modified']
+      last_modified = response['Last-Modified']
+      etag = response['ETag']
+
+      [last_modified,etag]
     end
 
     # 判断本地文件的最后修改时间与远端文件的最后修改时间是否一致
-    def self.file_identical?(local_file_path, remote_file_time) 
-      remote_file_time && Time.parse(remote_file_time) == File.mtime(local_file_path)
+    def self.file_identical?(local_file_path, remote_file_time, etag) 
+      if remote_file_time
+        remote_file_time && Time.parse(remote_file_time) == File.mtime(local_file_path)
+      elsif etag
+        File.exist?(File.join(PrivacyUtils.cache_privacy_etag_fold,etag))
+      else
+        false
+      end
+    end
+
+
+    # 同步文件标识
+    def self.syncFile?(local_file_path, remote_file_time, etag)
+      if remote_file_time
+        syncFileTime?(local_file_path,remote_file_time)
+      elsif etag
+        PrivacyUtils.create_file_and_fold_if_no_exit(File.join(PrivacyUtils.cache_privacy_etag_fold,etag))
+      end
     end
 
     # 同步远程文件时间到本地文件

data/lib/cocoapods-privacy/privacy/PrivacyModule.rb

@@ -147,16 +147,19 @@ module PrivacyModule
     # 打开 Xcode 项目，在Resources 下创建
     project = Xcodeproj::Project.open(File.basename(project_path))
     main_group = project.main_group
-    resources_group = PrivacyUtils.find_group_by_path(main_group,resources_folder_path)
+    resources_group = main_group.find_subpath('Resources',false)
     if resources_group.nil?
       resources_group = main_group.new_group('Resources',resources_folder_path)
     end
 
     # 如果不存在引用，创建新的引入xcode引用
     if resources_group.find_file_by_path(PrivacyUtils.privacy_name).nil?
-      privacy_file_ref = resources_group.new_reference(PrivacyUtils.privacy_name)
+      privacy_file_ref = resources_group.new_reference(PrivacyUtils.privacy_name,:group)
+      privacy_file_ref.last_known_file_type = 'text.xml'
       target = project.targets.first
-      target.add_file_references([privacy_file_ref]) # 将文件引用添加到 target 中
+      resources_build_phase = target.resources_build_phase
+      resources_build_phase.add_file_reference(privacy_file_ref) # 将文件引用添加到 resources 构建阶段中
+      # target.add_file_references([privacy_file_ref]) # 将文件引用添加到 target 中
       # resources_group.new_file(privacy_file_path)
     end
     
@@ -171,11 +174,13 @@ module PrivacyModule
 
   # 处理组件
   def self.load_module(podspec_file_path)
+    puts "👇👇👇👇👇👇 Start analysis component privacy 👇👇👇👇👇👇"
     privacy_hash = PrivacyModule.check(podspec_file_path)
     privacy_hash.each do |privacy_file_path, source_files|
       data = PrivacyHunter.search_pricacy_apis(source_files)
       PrivacyHunter.write_to_privacy(data,privacy_file_path) unless data.empty?
     end
+    puts "👆👆👆👆👆👆 End analysis component privacy 👆👆👆👆👆👆"
   end
 
   def self.check(podspec_file_path)

data/lib/cocoapods-privacy/privacy/PrivacyUtils.rb

@@ -61,6 +61,12 @@ module PrivacyUtils
       target_directory
     end
 
+    # etag 文件夹
+    def self.cache_privacy_etag_fold
+      File.join(cache_privacy_fold,'etag')
+    end
+    
+    # config.json 文件
     def self.cache_config_file
       config_file = File.join(cache_privacy_fold, 'config.json')
     end

data/lib/cocoapods-privacy/privacy/privacy_installer_hook.rb

@@ -74,6 +74,8 @@ module Pod
 
 
     def privacy_handle(custom_folds)
+
+      puts "👇👇👇👇👇👇 Start analysis project privacy 👇👇👇👇👇👇"
       # 过滤出自身组件 && 自身没有隐私协议文件的spec
       modules = @analysis_result.specifications.select { 
         |obj| obj.is_need_search_module && !obj.has_privacy
@@ -118,6 +120,7 @@ module Pod
         # 处理工程隐私协议
         PrivacyModule.load_project(pod_folds)
       end
+      puts "👆👆👆👆👆👆 End analysis project privacy 👆👆👆👆👆👆"
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cocoapods-privacy
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 0.1.6
 platform: ruby
 authors:
 - youhui
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-02-01 00:00:00.000000000 Z
+date: 2024-02-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler