Update firebasex plugin to use GoogleSignIn package version 7.1.0 - iOS Privacy Manifest Warnings

[OliverJacobRE]

Hello,

We've recently started receiving the following warnings from Apple due to our app consuming sdks that have not declared a privacy manifest file...

ITMS-91061: Missing privacy manifest - Your app includes “Frameworks/GTMAppAuth.framework/GTMAppAuth”, which includes GTMAppAuth, an SDK that was identified in the documentation as a privacy-impacting third-party SDK. Starting February 12, 2025, if a new app includes a privacy-impacting SDK, or an app update adds a new privacy-impacting SDK, the SDK must include a privacy manifest file. Please contact the provider of the SDK that includes this file to get an updated SDK version with a privacy manifest. For more details about this policy, including a list of SDKs that are required to include signatures and manifests, visit: Upcoming third-party SDK requirements - Support - Apple Developer .

ITMS-91061: Missing privacy manifest - Your app includes “Frameworks/GTMSessionFetcher.framework/GTMSessionFetcher”, which includes GTMSessionFetcher, an SDK that was identified in the documentation as a privacy-impacting third-party SDK. Starting February 12, 2025, if a new app includes a privacy-impacting SDK, or an app update adds a new privacy-impacting SDK, the SDK must include a privacy manifest file. Please contact the provider of the SDK that includes this file to get an updated SDK version with a privacy manifest. For more details about this policy, including a list of SDKs that are required to include signatures and manifests, visit: Upcoming third-party SDK requirements - Support - Apple Developer .

ITMS-91061: Missing privacy manifest - Your app includes “Frameworks/GoogleSignIn.framework/GoogleSignIn”, which includes GoogleSignIn, an SDK that was identified in the documentation as a privacy-impacting third-party SDK. Starting February 12, 2025, if a new app includes a privacy-impacting SDK, or an app update adds a new privacy-impacting SDK, the SDK must include a privacy manifest file. Please contact the provider of the SDK that includes this file to get an updated SDK version with a privacy manifest. For more details about this policy, including a list of SDKs that are required to include signatures and manifests, visit: Upcoming third-party SDK requirements - Support - Apple Developer .

We think potentially the firebasex plugin is using the GoogleSignIn sdk which is then using the GTMAppAuth & GTMSessionFetcher sdks.

However from what we can see the latest version of this plugin is still using GoogleSignIn version 7.0.0 and the privacy manifest file was only added in release 7.1.0...

https://github.com/google/GoogleSignIn-iOS/releases/tag/7.1.0

Is there any plan to update the plugin at some point to use the 7.1.0 version of GoogleSignIn?

[dpa99c]

The pinned default version can be updated in the next release but in the meantime you can use the IOS_GOOGLE_SIGIN_VERSION (typo intended as this is present in the hook script from the original PR):

cordova plugin rm cordova-plugin-firebasex --nosave && cordova plugin add cordova plugin rm cordova-plugin-firebasex --variable IOS_GOOGLE_SIGIN_VERSION=7.1.0

[OliverJacobRE]

Thank you! Will try this out.