cocoapods-privacy 0.1.5 → 0.1.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cba814ac41f376631ff6ad61aa17f9079504ffdeca70d67745fbff6ba66a7f9a
-  data.tar.gz: bc663a8c5bb09bdf7a63bda133bc9cef5a5b519a4abe63ddfc3a8581a23074ad
+  metadata.gz: 160e1e50e0b10ceb9008703a37b624861e89e48aa7626ba69db17d5958f57d11
+  data.tar.gz: 4d2f9bc6b15442f8759f22d3609716349281a2c33460bbfd55433d04362ae2a2
 SHA512:
-  metadata.gz: 87fafdd3717866fa0bb684f5e836c8de9ede0f21d69e979f0c2335977e26bdd9c8ee68af46277be567735b64e3a9330090756f176f8e148eab70e9a776f47eb3
-  data.tar.gz: d4021c5931c8439e21cfb45c99bb2d4a1601de30721e3fa0a636066aea9d614b83001163027ef346617de7e982ca7d0c94a347a430654938fe4fc844b4b4f2c9
+  metadata.gz: 040723e52f2c23ee4fbfe2f33469194faf9d48c6d6af0cc8aa901966ad15e89830e97f9e227a05565c2e988776bef53ab3ae8d789aacc860bb2bed6a365c441a
+  data.tar.gz: 3d239ca8ed9639bf88647ab5fb6802e55bfe011fa61417a26325806ca91b4f1dd5e9dc0ee4dffdd37f08c7803326f7401018d939067ed746a2745fb5c79686e4

data/README.md

@@ -1,11 +1,84 @@
 # cocoapods-privacy
 
-A description of cocoapods-privacy.
+Apple 2024 will review the App's privacy list in the spring, and any apps that don't submit a privacy list may be called back. For now, the privacy list is broken down by component, to facilitate the maintenance of component privacy, cocoapods-privacy is developed for management.
+[Click to view details on Apple](https://developer.apple.com/documentation/bundleresources/privacy_manifest_files)
 
 ## Installation
-
-    $ gem install cocoapods-privacy
+```
+$ gem install cocoapods-privacy
+```
 
 ## Usage
+#### init
+First of all, you must set a json config to cocoapods-privacy, this is a defalut config.json
+```
+$ pod privacy config https://raw.githubusercontent.com/ymoyao/cocoapods-privacy/main/resources/config.json
+```
+
+There has 3 keys in defalut config, you should custom it!
+* source.white.list : a white list of source, defalut is empty, so, you should add you self component sources, and it work in command 'pod privacy install' or 'pod install --privacy', will search white list for NSPrivacyAccessedAPITypes.
+* source.black.list : a black list of source, defalut is empty, it work in command 'pod privacy install' or 'pod install --privacy'.
+* api.template.url : its required, a template for search NSPrivacyAccessedAPITypes
+```
+"source.white.list": ["replace me with yourserver"], 
+"source.black.list": ["replace me such as github.com"],
+"api.template.url": "https://raw.githubusercontent.com/ymoyao/cocoapods-privacy/main/resources/NSPrivacyAccessedAPITypes.plist"
+```
+
+#### To Component
+```
+$ pod privacy spec [podspec_file_path]
+```
+This command will auto create privacy file, and search the path of podspec' source_files' define relate to NSPrivacyAccessedAPITypes, finaly, write to PrivacyInfo.xcprivacy file.
+if your component has much subspec,  all subspec that define ‘source_files’ will create PrivacyInfo.xcprivacy, and auto modify .podspec link .xcprivacy to 'resource_bundle' key.
+For example
+* origin podspec
+
+```
+Pod::Spec.new do |s|
+  s.name             = 'Demo'
+  ...
+  s.source_files = 'xxxx'
+  s.subspec 'idfa' do |sp|
+      sp.source_files = 'xxxxx'
+  end
+  s.subspec 'noidfa' do |sp|
+  end
+end
+
+```
+
+* podspec after commad  👇👇👇👇👇👇
+```
+Pod::Spec.new do |s|
+  s.name             = 'Demo'
+  ...
+  s.source_files = 'xxxx'
+  s.resource_bundle = {"Demo.privacy"=>"Pod/Privacy/Demo/PrivacyInfo.xcprivacy"}
+  s.subspec 'idfa' do |sp|
+      sp.source_files = 'xxxxx'
+      sp.resource_bundle = {"Demo.idfa.privacy"=>"Pod/Privacy/Demo.idfa/PrivacyInfo.xcprivacy"}
+  end
+  s.subspec 'noidfa' do |sp|
+  end
+end
+```
+<img width="961" alt="截屏2024-02-02 11 23 21" src="https://github.com/ymoyao/cocoapods-privacy/assets/13619221/a6678c8e-c4aa-4f7d-8881-657c6d703657">
+
+
+    
+#### To Project
+```
+$ pod install --privacy
+or
+$ pod privacy install
+```
+<img width="298" alt="截屏2024-02-02 10 59 59" src="https://github.com/ymoyao/cocoapods-privacy/assets/13619221/c6f10e36-0f62-497a-93d4-f8b336dc8df4">
+
+After command, a PrivacyInfo.xcprivacy will create to you project Resources if empty. and it will search component that configuration files allow and do not have their own privacy manifest file.
+
+## Notice
+The plugin is focus on NSPrivacyAccessedAPITypes and automatically search and create workflow.
+you should manager NSPrivacyCollectedDataTypes by yourself！
+    
 
-    $ pod spec privacy POD_NAME

data/lib/cocoapods-privacy/gem_version.rb

@@ -1,3 +1,3 @@
 module CocoapodsPrivacy
-  VERSION = "0.1.5"
+  VERSION = "0.1.7"
 end

data/lib/cocoapods-privacy/privacy/PrivacyHunter.rb

@@ -116,35 +116,54 @@ module PrivacyHunter
       local_file_path = File.join(PrivacyUtils.cache_privacy_fold, 'NSPrivacyAccessedAPITypes.plist')
       
       # 获取远程文件更新时间
-      remote_file_time = remoteFileTime?(template_url)
+      remote_file_time,etag = remoteFile?(template_url)
 
       # 判断本地文件的最后修改时间是否与远端文件一致，如果一致则不进行下载
-      if File.exist?(local_file_path) && file_identical?(local_file_path, remote_file_time)
+      if File.exist?(local_file_path) && file_identical?(local_file_path, remote_file_time,etag)
       else
         # 使用 curl 下载文件
         system("curl -o #{local_file_path} #{template_url}")
         puts "隐私清单模版文件已更新到: #{local_file_path}"
 
-        # 同步远程文件时间到本地文件
-        syncFileTime?(local_file_path,remote_file_time)
+        # 同步远程文件标识（时间或者etag）
+        syncFile?(local_file_path,remote_file_time,etag)
       end
       
       local_file_path
     end
 
     # 获取远程文件更新时间
-    def self.remoteFileTime?(remote_url)
+    def self.remoteFile?(remote_url)
       uri = URI.parse(remote_url)
       http = Net::HTTP.new(uri.host, uri.port)
       http.use_ssl = (uri.scheme == 'https')
       response = http.request_head(uri.path)
 
-      response['Last-Modified']
+      last_modified = response['Last-Modified']
+      etag = response['ETag']
+
+      [last_modified,etag]
     end
 
     # 判断本地文件的最后修改时间与远端文件的最后修改时间是否一致
-    def self.file_identical?(local_file_path, remote_file_time) 
-      remote_file_time && Time.parse(remote_file_time) == File.mtime(local_file_path)
+    def self.file_identical?(local_file_path, remote_file_time, etag) 
+      if remote_file_time
+        remote_file_time && Time.parse(remote_file_time) == File.mtime(local_file_path)
+      elsif etag
+        File.exist?(File.join(PrivacyUtils.cache_privacy_etag_fold,etag))
+      else
+        false
+      end
+    end
+
+
+    # 同步文件标识
+    def self.syncFile?(local_file_path, remote_file_time, etag)
+      if remote_file_time
+        syncFileTime?(local_file_path,remote_file_time)
+      elsif etag
+        PrivacyUtils.create_file_and_fold_if_no_exit(File.join(PrivacyUtils.cache_privacy_etag_fold,etag))
+      end
     end
 
     # 同步远程文件时间到本地文件

data/lib/cocoapods-privacy/privacy/PrivacyModule.rb

@@ -174,11 +174,13 @@ module PrivacyModule
 
   # 处理组件
   def self.load_module(podspec_file_path)
+    puts "👇👇👇👇👇👇 Start analysis component privacy 👇👇👇👇👇👇"
     privacy_hash = PrivacyModule.check(podspec_file_path)
     privacy_hash.each do |privacy_file_path, source_files|
       data = PrivacyHunter.search_pricacy_apis(source_files)
       PrivacyHunter.write_to_privacy(data,privacy_file_path) unless data.empty?
     end
+    puts "👆👆👆👆👆👆 End analysis component privacy 👆👆👆👆👆👆"
   end
 
   def self.check(podspec_file_path)

data/lib/cocoapods-privacy/privacy/PrivacyUtils.rb

@@ -61,6 +61,12 @@ module PrivacyUtils
       target_directory
     end
 
+    # etag 文件夹
+    def self.cache_privacy_etag_fold
+      File.join(cache_privacy_fold,'etag')
+    end
+    
+    # config.json 文件
     def self.cache_config_file
       config_file = File.join(cache_privacy_fold, 'config.json')
     end

data/lib/cocoapods-privacy/privacy/privacy_installer_hook.rb

@@ -74,6 +74,8 @@ module Pod
 
 
     def privacy_handle(custom_folds)
+
+      puts "👇👇👇👇👇👇 Start analysis project privacy 👇👇👇👇👇👇"
       # 过滤出自身组件 && 自身没有隐私协议文件的spec
       modules = @analysis_result.specifications.select { 
         |obj| obj.is_need_search_module && !obj.has_privacy
@@ -96,8 +98,12 @@ module Pod
               podspec_fold_path = File.dirname(podspec_file_path)
               source_files = spec.attributes_hash['source_files']
               if source_files && !source_files.empty?
-                source_files.each do |file|
-                  development_folds << File.join(podspec_fold_path,file)
+                if source_files.is_a?(String) && !source_files.empty?
+                  development_folds << File.join(podspec_fold_path,source_files)
+                elsif source_files.is_a?(Array)
+                  source_files.each do |file|
+                    development_folds << File.join(podspec_fold_path,file)
+                  end
                 end
               end
             end
@@ -118,6 +124,7 @@ module Pod
         # 处理工程隐私协议
         PrivacyModule.load_project(pod_folds)
       end
+      puts "👆👆👆👆👆👆 End analysis project privacy 👆👆👆👆👆👆"
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cocoapods-privacy
 version: !ruby/object:Gem::Version
-  version: 0.1.5
+  version: 0.1.7
 platform: ruby
 authors:
 - youhui
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-02-01 00:00:00.000000000 Z
+date: 2024-02-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler