cocoapods-privacy 0.5.0 → 0.5.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +39 -13
- data/lib/cocoapods-privacy/gem_version.rb +1 -1
- data/lib/cocoapods-privacy/privacy/PrivacyHunter.rb +125 -4
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 94168860cf706b12ecc89c41a75635f23e11f5afcf0b775ebf5f927a16ab6cef
|
|
4
|
+
data.tar.gz: 8bf3705783a5023c2a6b9066029d9c8e1ec40c596101c0dcf832f5fda70b34de
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1bfc8743f267c99b07afb734ef2584cd9c4ffe07960118fe2a4d2f8d82e2783dd86dd88dd716299f63ed3c373f1148d48900a9aeff24d8fef4a24257e99eecfc
|
|
7
|
+
data.tar.gz: 2b42d00dcb94b13b9bbb35df5979762e65c6ba781d1f3bc16fdf7c80988c5213b96cf7df31c05b3219170f0c16953b9c0f33f8cb7f7e490f765afbf7d6779804
|
data/README.md
CHANGED
|
@@ -1,35 +1,59 @@
|
|
|
1
1
|
# cocoapods-privacy
|
|
2
2
|
|
|
3
|
-
Apple 2024 will review the App's privacy
|
|
3
|
+
Apple 2024 will review the App's privacy manifests in the spring, and any apps that don't submit a privacy list may be called back. For now, the privacy list is broken down by component, to facilitate the maintenance of component privacy, cocoapods-privacy is developed for management.
|
|
4
4
|
[Click to view details on Apple](https://developer.apple.com/documentation/bundleresources/privacy_manifest_files)
|
|
5
5
|
|
|
6
|
+
# Introduction
|
|
7
|
+
As name as,cocoapods-privacy is a plugin for privacy manifests, and focus on cocoapods!
|
|
8
|
+
|
|
6
9
|
## Installation
|
|
7
10
|
```
|
|
8
11
|
$ gem install cocoapods-privacy
|
|
9
12
|
```
|
|
10
13
|
|
|
11
14
|
## Usage
|
|
12
|
-
|
|
15
|
+
### init
|
|
13
16
|
First of all, you must set a json config to cocoapods-privacy, this is a defalut config.json
|
|
14
17
|
```
|
|
15
18
|
$ pod privacy config https://raw.githubusercontent.com/ymoyao/cocoapods-privacy/main/resources/config.json
|
|
16
19
|
```
|
|
17
20
|
|
|
18
|
-
There has 3 keys in defalut config,
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
21
|
+
There has 3 keys in defalut config, defalut rule is :To exclude retrieval a component that git source contains certain ‘github.com’ keywords
|
|
22
|
+
```
|
|
23
|
+
"source.white.list": [],
|
|
24
|
+
"source.black.list": ["github.com"],
|
|
25
|
+
"api.template.url": "https://raw.githubusercontent.com/ymoyao/cocoapods-privacy/main/resources/NSPrivacyAccessedAPITypes.plist"
|
|
26
|
+
```
|
|
27
|
+
* source.white.list : a white list of source, it effective in command 'pod privacy install' or 'pod install --privacy', will search white list for NSPrivacyAccessedAPITypes.
|
|
28
|
+
* when the whitelist is an empty array, it means all components are whitelist(default config).
|
|
29
|
+
* when the whitelist is not empty, it means only the components in the whitelist array are retrieved.
|
|
30
|
+
* source.black.list : a black list of source, defalut is ‘github.com’, based on the whitelist, the components need to be excluded。 it effective in command 'pod privacy install' or 'pod install --privacy'.
|
|
31
|
+
* api.template.url : its required, a template for search NSPrivacyAccessedAPITypes, you can use the provided by default。
|
|
32
|
+
|
|
33
|
+
If your needs are not met, you can custom! For example, there has some components,and it‘s your local config
|
|
22
34
|
```
|
|
23
|
-
"source.white.list": ["
|
|
24
|
-
"source.black.list": ["
|
|
35
|
+
"source.white.list": ["https://github.com/ReactiveCocoa/ReactiveObjC.git","git.yourserver.com","git.otherserver.com"],
|
|
36
|
+
"source.black.list": ["github.com","https://github.com/AFNetworking/AFNetworking.git"],
|
|
25
37
|
"api.template.url": "https://raw.githubusercontent.com/ymoyao/cocoapods-privacy/main/resources/NSPrivacyAccessedAPITypes.plist"
|
|
26
38
|
```
|
|
27
|
-
|
|
39
|
+
|
|
40
|
+
```
|
|
41
|
+
https://github.com/AFNetworking/AFNetworking.git ❌ (it's in 'github.com' black list)
|
|
42
|
+
https://github.com/ReactiveCocoa/ReactiveObjC.git ❌ (it's in 'github.com' black list, although also on the white list,but the blacklist priority is high when conflict)
|
|
43
|
+
https://git.yourserver.com/xxx/xxxx.git ✅
|
|
44
|
+
https://git.yourserver.com/mmm/mmm.git ✅
|
|
45
|
+
https://git.otherserver.com/ssss/ssss.git ✅
|
|
46
|
+
https://git.yourserver.com/AFNetworking/AFNetworking.git ✅
|
|
47
|
+
```
|
|
48
|
+
|
|
49
|
+
After custom,you just update config by local like this
|
|
28
50
|
```
|
|
29
51
|
$ pod privacy config /yourfilepath/config.json
|
|
30
52
|
```
|
|
53
|
+
In a word, if you define both white and black lists ,final search range: white list minus black list, and empty white list means all!
|
|
31
54
|
|
|
32
|
-
|
|
55
|
+
|
|
56
|
+
### To Component
|
|
33
57
|
```
|
|
34
58
|
$ pod privacy spec [podspec_file_path]
|
|
35
59
|
```
|
|
@@ -71,7 +95,7 @@ end
|
|
|
71
95
|
|
|
72
96
|
|
|
73
97
|
|
|
74
|
-
|
|
98
|
+
### To Project
|
|
75
99
|
```
|
|
76
100
|
$ pod install --privacy
|
|
77
101
|
or
|
|
@@ -83,6 +107,8 @@ After command, a PrivacyInfo.xcprivacy will create to you project Resources if e
|
|
|
83
107
|
|
|
84
108
|
## Notice
|
|
85
109
|
The plugin is focus on NSPrivacyAccessedAPITypes and automatically search and create workflow.
|
|
86
|
-
you should manager NSPrivacyCollectedDataTypes by yourself!
|
|
87
|
-
|
|
110
|
+
you should manager NSPrivacyCollectedDataTypes by yourself!
|
|
111
|
+
|
|
112
|
+
##
|
|
113
|
+
Could you please consider giving our repository a star🌟🌟🌟? It would mean a lot to us and help our project gain more visibility. Thank you!
|
|
88
114
|
|
|
@@ -187,18 +187,139 @@ module PrivacyHunter
|
|
|
187
187
|
File.utime(File.atime(local_file_path), Time.parse(remote_file_time), local_file_path)
|
|
188
188
|
end
|
|
189
189
|
|
|
190
|
+
|
|
191
|
+
|
|
192
|
+
#💡💡💡以下是 invalid byte sequence in UTF-8 错误复现 的数据代码
|
|
193
|
+
# File.write("/Users/xxx/.cache/cocoapods-privacy/privacy/file.txt", "vandflyver \xC5rhus \n
|
|
194
|
+
|
|
195
|
+
# \n
|
|
196
|
+
|
|
197
|
+
# \\n
|
|
198
|
+
|
|
199
|
+
# vandflyver
|
|
200
|
+
# \xC5rhus
|
|
201
|
+
# ")
|
|
190
202
|
# 文件是否包含内容
|
|
191
203
|
def self.contains_apis?(file_path, apis)
|
|
192
|
-
|
|
204
|
+
|
|
205
|
+
#使用UTF-8 读取,无法读取的会被默认处理,修复 https://github.com/ymoyao/cocoapods-privacy/issues/7
|
|
206
|
+
file_content = File.read(file_path, encoding: 'UTF-8', invalid: :replace, undef: :replace)
|
|
207
|
+
|
|
208
|
+
#核心文件检查段落注释 /* */
|
|
209
|
+
file_extension = File.extname(file_path).downcase
|
|
210
|
+
need_check_paragraph_comment = ['.m', '.c', '.swift', '.mm', '.h', '.hap', '.hpp', '.cpp'].include?(file_extension)
|
|
211
|
+
|
|
212
|
+
if need_check_paragraph_comment
|
|
213
|
+
# 计算段注释 /**/
|
|
214
|
+
apis_found = contains_apis_ignore_all_comment(file_content.lines,apis)
|
|
215
|
+
else
|
|
216
|
+
# 计算单独行注释 //
|
|
217
|
+
apis_found = contains_apis_ignore_line_comment(file_content.lines,apis)
|
|
218
|
+
end
|
|
219
|
+
apis_found
|
|
220
|
+
end
|
|
221
|
+
|
|
222
|
+
def self.contains_apis_ignore_line_comment(lines,apis)
|
|
193
223
|
apis_found = {}
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
224
|
+
# 初始化状态机,表示不在注释块内
|
|
225
|
+
in_block_comment_count = 0
|
|
226
|
+
in_block_comment = false
|
|
227
|
+
lines.each do |line|
|
|
228
|
+
next if line.strip.empty? #忽略空行
|
|
229
|
+
next if line.strip.start_with?('//') #忽略单行
|
|
230
|
+
|
|
231
|
+
apis.each do |keyword, value|
|
|
232
|
+
if line.include?(keyword)
|
|
233
|
+
apis_found[keyword] = value
|
|
234
|
+
end
|
|
197
235
|
end
|
|
198
236
|
end
|
|
199
237
|
|
|
200
238
|
apis_found
|
|
201
239
|
end
|
|
240
|
+
|
|
241
|
+
def self.contains_apis_ignore_all_comment(lines,apis)
|
|
242
|
+
apis_found = {}
|
|
243
|
+
|
|
244
|
+
# 段注释和单行注释标志
|
|
245
|
+
in_block_comment = false
|
|
246
|
+
in_line_comment = false
|
|
247
|
+
|
|
248
|
+
# 是否可以触发注释标识,当为true 时可以触发 /*段注释 或者 //单行注释
|
|
249
|
+
can_trigger_comments_flag = true
|
|
250
|
+
|
|
251
|
+
# 统计计数器
|
|
252
|
+
count_comments = 0
|
|
253
|
+
|
|
254
|
+
lines.each do |line|
|
|
255
|
+
next if line.strip.empty? #忽略空行
|
|
256
|
+
next if line.strip.start_with?('//') && !in_block_comment #忽略单行
|
|
257
|
+
|
|
258
|
+
chars = line.chars
|
|
259
|
+
index = 0
|
|
260
|
+
while index < chars.size
|
|
261
|
+
char = chars[index]
|
|
262
|
+
|
|
263
|
+
if char == '/'
|
|
264
|
+
if chars[index + 1] == '*'
|
|
265
|
+
# 检测到 /* 且can_trigger_comments_flag标识为true时,判定为进入 段注释
|
|
266
|
+
if can_trigger_comments_flag
|
|
267
|
+
in_line_comment = false #重置行标识
|
|
268
|
+
in_block_comment = true #标记正在段注释中
|
|
269
|
+
can_trigger_comments_flag = false #回收头部重置标识
|
|
270
|
+
end
|
|
271
|
+
|
|
272
|
+
#段注释每次 遇到 /* 都累加1
|
|
273
|
+
if in_block_comment
|
|
274
|
+
count_comments += 1
|
|
275
|
+
end
|
|
276
|
+
|
|
277
|
+
#跳过当前 /* 两个字符
|
|
278
|
+
index += 2
|
|
279
|
+
next
|
|
280
|
+
# 检测到 can_trigger_comments_flag 为true,且 // 时,说明触发了段注释之后的单行注释 ==》 /**///abcd
|
|
281
|
+
elsif chars[index + 1] == '/' && can_trigger_comments_flag
|
|
282
|
+
in_line_comment = true
|
|
283
|
+
in_block_comment = false
|
|
284
|
+
can_trigger_comments_flag = true
|
|
285
|
+
break
|
|
286
|
+
end
|
|
287
|
+
# 检测到段注释的end 标识 */
|
|
288
|
+
elsif in_block_comment && char == '*' && chars[index + 1] == '/'
|
|
289
|
+
|
|
290
|
+
#段注释每次 遇到 */ 都累减1
|
|
291
|
+
count_comments -= 1
|
|
292
|
+
|
|
293
|
+
#当/* */ 配对时,说明当前段注释结束了
|
|
294
|
+
if count_comments == 0
|
|
295
|
+
in_line_comment = false
|
|
296
|
+
in_block_comment = false
|
|
297
|
+
can_trigger_comments_flag = true
|
|
298
|
+
end
|
|
299
|
+
|
|
300
|
+
#跳过当前 */ 两个字符
|
|
301
|
+
index += 2
|
|
302
|
+
next
|
|
303
|
+
end
|
|
304
|
+
|
|
305
|
+
# 其他情况,前进一个字符
|
|
306
|
+
index += 1
|
|
307
|
+
end
|
|
308
|
+
|
|
309
|
+
if !in_block_comment && !in_line_comment
|
|
310
|
+
apis.each do |keyword, value|
|
|
311
|
+
if line.include?(keyword)
|
|
312
|
+
apis_found[keyword] = value
|
|
313
|
+
end
|
|
314
|
+
end
|
|
315
|
+
end
|
|
316
|
+
|
|
317
|
+
#每行结束时,重置行标识
|
|
318
|
+
in_line_comment = false
|
|
319
|
+
end
|
|
320
|
+
apis_found
|
|
321
|
+
end
|
|
322
|
+
|
|
202
323
|
|
|
203
324
|
#搜索所有子文件夹
|
|
204
325
|
def self.search_files(folder_paths, exclude_folders, apis)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cocoapods-privacy
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- youhui
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-04-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|