React Native, AppStore requests NSLocationAlwaysUsageDescription value

Question

I have an app with React Native. I've been uploading correctly to the app store, but today the app is rejected with the following message:

Missing Info.plist key - This app attempts to access privacy-sensitive data without a usage description. The app's Info.plist must contain an NSLocationAlwaysUsageDescription key with a string value explaining to the user how the app uses this data.

Missing Info.plist key - This app attempts to access privacy-sensitive data without a usage description. The app's Info.plist must contain an NSLocationWhenInUseUsageDescription key with a string value explaining to the user how the app uses this data.

My app doesn't use any kind of location service. The npm packages have not changed since the last version published to the app store neither have been updated, they are the same versions.

So I don't understand why Apple is saying that I am attempting to access the user location.

It is a change in the Apple Store? How can I check where is my app trying to access the user location?

This is my packages.json

  "dependencies": {
    "axios": "^0.17.1",
    "lodash": "^4.17.4",
    "moment": "^2.18.1",
    "react": "^16.0.0",
    "react-addons-shallow-compare": "^15.5.2",
    "react-native": "0.53.0",
    "react-native-drawer": "^2.3.0",
    "react-native-elements": "^0.19.0",
    "react-native-fetch-blob": "^0.10.5",
    "react-native-fs": "^2.3.3",
    "react-native-linear-gradient": "^2.0.0",
    "react-native-onesignal": "^3.0.7",
    "react-native-orientation": "^3.0.0",
    "react-native-pdf": "^3.0.0",
    "react-native-progress": "^3.4.0",
    "react-native-render-html": "^3.8.1",
    "react-native-router-flux": "^4.0.0-beta.28",
    "react-native-vector-icons": "^4.1.1",
    "react-native-video": "^2.0.0",
    "react-native-video-controls": "^2.0.0",
    "react-redux": "^5.0.4",
    "redux": "^3.6.0",
    "redux-thunk": "^2.2.0"
  }

Thank you.

Answer 1

Apple scan your binary for any calls to privacy related APIs as they describe here.

From the list above, the method call that triggers the requirement of NSLocationAlwaysUsageDescription is CLLocationManager requestAlwaysAuthorization. From a quick search of my RN 0.46 codebase, this call appears in react-native/Libraries/Geolocation/RCTLocationObserver.m as well as in the react-native-permissions so even if you don't call this code from the JS, the fact that it exists in the binary will cause Apple to flag it.

The easiest solution is just to add a plist entry for NSLocationAlwaysUsageDescription even though it won't ever appear to the user if you never ask for permission. I had this issue this morning uploading to the app store and after adding the flag, my app went through to review no problem.

Technically, unlinking libRCTGeolocation from your Xcode project should also work, although I haven't tested this so I can't guarantee that your app will still run correctly.

Answer 2

As @TylerTheCompiler has pointed in the comments, it is working again. I've uploaded the same compilation again and now the app is accepted. So it has been an issue from Apple.

Answer 3

Simply remove RCTGeolocation.xcodeproj from your Libraries folder in the left panel of Xcode, if you are really positive you don't depend on any geo location. Removing .xcodeproj will unlink libs.