initial implementation

Author: fxwx23

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2024 fxwx23
+Copyright (c) 2024 fxwx23 (Fumitaka Watanabe)
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

Package.swift

@@ -4,20 +4,27 @@
 import PackageDescription
 
 let package = Package(
-    name: "PrivacyReportGen",
-    products: [
-        // Products define the executables and libraries a package produces, making them visible to other packages.
-        .library(
-            name: "PrivacyReportGen",
-            targets: ["PrivacyReportGen"]),
-    ],
-    targets: [
-        // Targets are the basic building blocks of a package, defining a module or a test suite.
-        // Targets can depend on other targets in this package and products from dependencies.
-        .target(
-            name: "PrivacyReportGen"),
-        .testTarget(
-            name: "PrivacyReportGenTests",
-            dependencies: ["PrivacyReportGen"]),
-    ]
+  name: "PrivacyReportGen",
+  platforms: [.macOS(.v14)],
+  products: [
+    .plugin(name: "PrivacyReport Generate", targets: ["PrivacyReport Generate"])
+  ],
+  targets: [
+    .plugin(
+      name: "PrivacyReport Generate",
+      capability: .command(
+        intent: .custom(
+          verb: "generate-privacy-report",
+          description: "Generate privacy report from xcarchive"),
+        permissions: [
+          .writeToPackageDirectory(reason: "Save generated privacy report if needed")
+        ]
+      )
+    ),
+    .target(name: "PrivacyReportGen"),
+    .testTarget(
+      name: "PrivacyReportGenTests",
+      dependencies: ["PrivacyReportGen"]
+    ),
+  ]
 )

Plugins/PrivacyReport Generate/ArgumentExtractor.swift

@@ -0,0 +1,34 @@
+import Foundation
+import PackagePlugin
+
+enum ArgumentParsingError: LocalizedError, CustomStringConvertible {
+  case missingValue(option: String)
+  case unintendedValue(option: String)
+
+  var description: String {
+    switch self {
+    case .missingValue(let option):
+      return "missing value for the option named --\(option)"
+    case .unintendedValue(let option):
+      return "unintended value for the option named --\(option)"
+    }
+  }
+
+  var errorDescription: String? {
+    return description
+  }
+}
+
+extension ArgumentExtractor {
+  mutating func extractXCArchiveURL() throws -> URL {
+    let optionName = "xcarchive-path"
+    let xcarchivePath = extractOption(named: optionName)
+    guard let path = xcarchivePath.first else {
+      throw ArgumentParsingError.missingValue(option: optionName)
+    }
+    guard path.hasSuffix(".xcarchive") else {
+      throw ArgumentParsingError.unintendedValue(option: optionName)
+    }
+    return URL(fileURLWithPath: path, isDirectory: true)
+  }
+}

Plugins/PrivacyReport Generate/PrivacyReportGenerate.swift

@@ -0,0 +1,26 @@
+import Foundation
+import PackagePlugin
+
+/// Generate privacy report from xcarchive.
+@main struct PrivacyReportGenerate: CommandPlugin {
+
+  func performCommand(context: PluginContext, arguments: [String]) throws {
+    var argumentExtractor = ArgumentExtractor(arguments)
+
+    let xcachiveURL = try argumentExtractor.extractXCArchiveURL()
+
+    let jsonFlag = argumentExtractor.extractFlag(named: "json")
+    let outputDirectoryPathOption = argumentExtractor.extractOption(named: "output-directory")
+    let reportNameOption = argumentExtractor.extractOption(named: "report-name")
+
+    let privacyReportGen = PrivacyReportGen(
+      arguments: .init(
+        outputFileType: jsonFlag == 1 ? .json : .plist,
+        outputDirectoryPath: outputDirectoryPathOption.first,
+        reportName: reportNameOption.first
+      )
+    )
+
+    try privacyReportGen.generateReportFromXCArchive(at: xcachiveURL)
+  }
+}

Plugins/PrivacyReport Generate/Symbolic Links/PrivacyReportGen

@@ -0,0 +1 @@
+../../../Sources/PrivacyReportGen

README.md

@@ -1 +1,47 @@
-# PrivacyReportGen
+# PrivacyReportGen
+
+PrivacyReportGen is an open-source tool that generates JSON or plist files from xcarchive files, containing the same data as the [privacy peport](https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_data_use_in_privacy_manifests#4239187) PDF file that can be generated from Xcode. This allows for easy comparison of differences between reports.
+
+## Features
+
+- Extracts privacy report data from xcarchive files
+- Generates JSON and plist format files
+- Facilitates comparison of privacy report data
+
+## Installation
+
+To use PrivacyReportGen, install it via Swift Package Manager. Add PrivacyReportGen as plugin in your `Package.swift`.
+
+```Package.swift
+let package = Package(
+    name: "Tools",
+    platforms: [.macOS(.v14)],
+    products: [ ... ],
+    dependencies: [
+        ...
+        .package(url: "https://github.com/fxwx23/PrivacyReportGen", exact: "0.0.0"),
+    ],
+    targets: [ ... ]
+)
+```
+
+## Usage
+
+To generate a privacy report in JSON or plist format, run the following command plugin:
+```bash
+$ swift package plugin generate-privacy-report --xcarchive-path '/path/to/your/App.xcarchive'
+```
+
+### Command Options
+- `--xcarchive-path` : Specifies the path to the xcarchive file from which to generate the privacy report data. (Required)
+- `--json` : Specifies JSON as the output format for the generated privacy report. (default is plist)
+- `--output-directory` : Specifies the directory where the generated privacy report file will be saved. (default is package path) 
+- `--report-name` : Specifies the name of the generated privacy report file. (default is `PrivacyReport` )
+
+## Contributing
+
+Contributions are welcome! Please fork the repository and submit a pull request with your improvements.
+
+## License
+
+PrivacyReportGen is released under the MIT License. See LICENSE for more information.

Sources/PrivacyReportGen/AppPrivacyConfiguration.swift

@@ -0,0 +1,93 @@
+import Foundation
+
+/// AppPrivacyConfiguration is mapping for prvacy manifest named PrivacyInfo.xcprivacy.
+///
+/// refs:
+///  - https://developer.apple.com/documentation/bundleresources/privacy_manifest_files
+///  - https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/adding_a_privacy_manifest_to_your_app_or_third-party_sdk
+///  - https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_data_use_in_privacy_manifests
+///  - https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api
+struct AppPrivacyConfiguration: Codable {
+  var isTrackingEnabled: Bool?
+  var trackingDomains: [String]?
+  var privacyNutritionLabels: [PrivacyNutritionLabel]
+  var privacyAccessedAPITypes: [PrivacyAccessedAPIType]
+
+  enum CodingKeys: String, CodingKey {
+    case isTrackingEnabled = "NSPrivacyTracking"
+    case trackingDomains = "NSPrivacyTrackingDomains"
+    case privacyNutritionLabels = "NSPrivacyCollectedDataTypes"
+    case privacyAccessedAPITypes = "NSPrivacyAccessedAPITypes"
+  }
+
+  struct PrivacyNutritionLabel: Codable {
+    var collectedDataType: CollectedDataType
+    var isLinkedToUser: Bool
+    var isUsedForTracking: Bool
+    var collectionPurposes: [CollectionPurpose]
+
+    enum CodingKeys: String, CodingKey {
+      case collectedDataType = "NSPrivacyCollectedDataType"
+      case isLinkedToUser = "NSPrivacyCollectedDataTypeLinked"
+      case isUsedForTracking = "NSPrivacyCollectedDataTypeTracking"
+      case collectionPurposes = "NSPrivacyCollectedDataTypePurposes"
+    }
+
+    enum CollectedDataType: String, Codable {
+      case name = "NSPrivacyCollectedDataTypeName"
+      case emailAddress = "NSPrivacyCollectedDataTypeEmailAddress"
+      case phoneNumber = "NSPrivacyCollectedDataTypePhoneNumber"
+      case physicalAddress = "NSPrivacyCollectedDataTypePhysicalAddress"
+      case otherUserContactInfo = "NSPrivacyCollectedDataTypeOtherUserContactInfo"
+      case health = "NSPrivacyCollectedDataTypeHealth"
+      case fitness = "NSPrivacyCollectedDataTypeFitness"
+      case paymentInfo = "NSPrivacyCollectedDataTypePaymentInfo"
+      case creditInfo = "NSPrivacyCollectedDataTypeCreditInfo"
+      case otherFinancialInfo = "NSPrivacyCollectedDataTypeOtherFinancialInfo"
+      case preciseLocation = "NSPrivacyCollectedDataTypePreciseLocation"
+      case coarseLocation = "NSPrivacyCollectedDataTypeCoarseLocation"
+      case sensitiveInfo = "NSPrivacyCollectedDataTypeSensitiveInfo"
+      case contacts = "NSPrivacyCollectedDataTypeContacts"
+      case emailsOrTextMessages = "NSPrivacyCollectedDataTypeEmailsOrTextMessages"
+      case photosOrVideos = "NSPrivacyCollectedDataTypePhotosorVideos"
+      case audioData = "NSPrivacyCollectedDataTypeAudioData"
+      case gameplayContent = "NSPrivacyCollectedDataTypeGameplayContent"
+      case customerSupport = "NSPrivacyCollectedDataTypeCustomerSupport"
+      case otherUserContent = "NSPrivacyCollectedDataTypeOtherUserContent"
+      case browsingHistory = "NSPrivacyCollectedDataTypeBrowsingHistory"
+      case searchHistory = "NSPrivacyCollectedDataTypeSearchHistory"
+      case userId = "NSPrivacyCollectedDataTypeUserID"
+      case deviceId = "NSPrivacyCollectedDataTypeDeviceID"
+      case purchaseHistory = "NSPrivacyCollectedDataTypePurchaseHistory"
+      case productInteraction = "NSPrivacyCollectedDataTypeProductInteraction"
+      case advertisingData = "NSPrivacyCollectedDataTypeAdvertisingData"
+      case otherUsageData = "NSPrivacyCollectedDataTypeOtherUsageData"
+      case crashData = "NSPrivacyCollectedDataTypeCrashData"
+      case performanceData = "NSPrivacyCollectedDataTypePerformanceData"
+      case otherDiagnosticData = "NSPrivacyCollectedDataTypeOtherDiagnosticData"
+      case environmentScanning = "NSPrivacyCollectedDataTypeEnvironmentScanning"
+      case hands = "NSPrivacyCollectedDataTypeHands"
+      case head = "NSPrivacyCollectedDataTypeHead"
+      case otherDataTypes = "NSPrivacyCollectedDataTypeOtherDataTypes"
+    }
+
+    enum CollectionPurpose: String, Codable {
+      case thirdPartyAdvertising = "NSPrivacyCollectedDataTypePurposeThirdPartyAdvertising"
+      case developerAdvertising = "NSPrivacyCollectedDataTypePurposeDeveloperAdvertising"
+      case analytics = "NSPrivacyCollectedDataTypePurposeAnalytics"
+      case productPersonalization = "NSPrivacyCollectedDataTypePurposeProductPersonalization"
+      case appFunctionality = "NSPrivacyCollectedDataTypePurposeAppFunctionality"
+      case purposeOther = "NSPrivacyCollectedDataTypePurposeOther"
+    }
+  }
+
+  struct PrivacyAccessedAPIType: Codable {
+    var accessedAPIType: String
+    var accessedAPIReasons: [String]
+
+    enum CodingKeys: String, CodingKey {
+      case accessedAPIType = "NSPrivacyAccessedAPIType"
+      case accessedAPIReasons = "NSPrivacyAccessedAPITypeReasons"
+    }
+  }
+}

Sources/PrivacyReportGen/PrivacyManifestExplorer.swift

@@ -0,0 +1,65 @@
+import Foundation
+
+enum PrivacyManifestExploringError: LocalizedError, CustomStringConvertible {
+  case directoryEnumeratorInitializationFailed
+  var description: String {
+    switch self {
+    case .directoryEnumeratorInitializationFailed:
+      "failed to initialize directory enumerator"
+    }
+  }
+
+  var errorDescription: String? {
+    return description
+  }
+}
+
+class PrivacyManifestExplorer {
+  private static let fileManager = FileManager.default
+
+  func exploreManifestURLs(at xcachiveURL: URL) throws -> [URL] {
+    let resourceKeys = Set<URLResourceKey>([.nameKey, .isDirectoryKey])
+    guard
+      let directoryEnumerator = Self.fileManager.enumerator(
+        at: xcachiveURL,
+        includingPropertiesForKeys: Array(resourceKeys),
+        options: [.skipsHiddenFiles, .producesRelativePathURLs]
+      )
+    else {
+      throw PrivacyManifestExploringError.directoryEnumeratorInitializationFailed
+    }
+
+    var manifestURLs: [URL] = []
+    for case let fileURL as URL in directoryEnumerator {
+      guard let resourceValues = try? fileURL.resourceValues(forKeys: resourceKeys),
+        let isDirectory = resourceValues.isDirectory,
+        let name = resourceValues.name
+      else {
+        continue
+      }
+
+      if isDirectory {
+        if shouldSkipDescendants(at: directoryEnumerator.level, name: name) {
+          directoryEnumerator.skipDescendants()
+        }
+      } else if name == "PrivacyInfo.xcprivacy" {
+        manifestURLs.append(fileURL)
+      }
+    }
+
+    return manifestURLs
+  }
+
+  private func shouldSkipDescendants(at directoryLevel: Int, name: String) -> Bool {
+    switch (directoryLevel, name) {
+    case (1, "Products"), (2, "Applications"), (4, "Frameworks"):
+      return false
+    case (3, _) where name.hasSuffix(".app"):
+      return false
+    case _ where name.hasSuffix(".bundle") || name.hasSuffix(".framework"):
+      return false
+    default:
+      return true
+    }
+  }
+}

Sources/PrivacyReportGen/PrivacyManifestFile.swift

@@ -0,0 +1,6 @@
+import Foundation
+
+struct PrivacyManifestFile {
+  let path: String
+  let configuration: AppPrivacyConfiguration
+}