* [pve-devel] [PATCH pve_flutter_frontend v2] chore: ios: add export compliance key to info.plist @ 2025-09-25 12:32 Shan Shaji 2025-09-26 9:21 ` Dominik Csapak 0 siblings, 1 reply; 3+ messages in thread From: Shan Shaji @ 2025-09-25 12:32 UTC (permalink / raw) To: pve-devel Every time when a new build is uploaded to appstoreconnect, the export compliance [0] status needs to be manually selected. Since there are no proprietary encryptions used in the app in-order to avoid manually filling the export compliance add `ITSAppUsesNonExemptEncryption` [1] to `Info.plist`. - [0] https://developer.apple.com/help/app-store-connect/manage-app-information/overview-of-export-compliance - [1] https://developer.apple.com/documentation/security/complying-with-encryption-export-regulations References: - https://medium.com/@thibault.jamet/navigating-export-compliance-a-flutter-developers-journey-to-the-app-store-ce7a5328f37d - https://developer.apple.com/help/app-store-connect/reference/export-compliance-documentation-for-encryption - https://www.reddit.com/r/FlutterDev/comments/1elm705/comment/lgyk31y/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button Signed-off-by: Shan Shaji <s.shaji@proxmox.com> --- changes since v1: - Fixed broken link inside commit message. ios/Runner/Info.plist | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ios/Runner/Info.plist b/ios/Runner/Info.plist index 9949e0f..a5587ed 100644 --- a/ios/Runner/Info.plist +++ b/ios/Runner/Info.plist @@ -22,6 +22,8 @@ <string>????</string> <key>CFBundleVersion</key> <string>$(FLUTTER_BUILD_NUMBER)</string> + <key>ITSAppUsesNonExemptEncryption</key> + <false/> <key>LSRequiresIPhoneOS</key> <true/> <key>NSFaceIDUsageDescription</key> -- 2.50.1 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [pve-devel] [PATCH pve_flutter_frontend v2] chore: ios: add export compliance key to info.plist 2025-09-25 12:32 [pve-devel] [PATCH pve_flutter_frontend v2] chore: ios: add export compliance key to info.plist Shan Shaji @ 2025-09-26 9:21 ` Dominik Csapak 2025-09-26 9:51 ` Thomas Lamprecht 0 siblings, 1 reply; 3+ messages in thread From: Dominik Csapak @ 2025-09-26 9:21 UTC (permalink / raw) To: Proxmox VE development discussion, Shan Shaji; +Cc: Thomas Lamprecht I'm not a lawyer, but are you sure we are compliant with this? the https client will use encryption, so it's not like we don't use encryption at all. (Especially with the cupertino_http package) I guess this is exempt, but having some reference for that (aside some medium/reddit post) would be nice. At least some kind of rationale in the commit would be good. (IMHO 'we don't use proprietary encryption' is not a good reason when also 'standard encryption' falls under the export regulation...) @Thomas, what do you think? On 9/25/25 2:32 PM, Shan Shaji wrote: > Every time when a new build is uploaded to appstoreconnect, the export > compliance [0] status needs to be manually selected. Since there are no > proprietary encryptions used in the app in-order to avoid manually > filling the export compliance add `ITSAppUsesNonExemptEncryption` [1] > to `Info.plist`. > > - [0] https://developer.apple.com/help/app-store-connect/manage-app-information/overview-of-export-compliance > - [1] https://developer.apple.com/documentation/security/complying-with-encryption-export-regulations > > References: > - https://medium.com/@thibault.jamet/navigating-export-compliance-a-flutter-developers-journey-to-the-app-store-ce7a5328f37d > - https://developer.apple.com/help/app-store-connect/reference/export-compliance-documentation-for-encryption > - https://www.reddit.com/r/FlutterDev/comments/1elm705/comment/lgyk31y/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button > > Signed-off-by: Shan Shaji <s.shaji@proxmox.com> > --- > changes since v1: > - Fixed broken link inside commit message. > > ios/Runner/Info.plist | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/ios/Runner/Info.plist b/ios/Runner/Info.plist > index 9949e0f..a5587ed 100644 > --- a/ios/Runner/Info.plist > +++ b/ios/Runner/Info.plist > @@ -22,6 +22,8 @@ > <string>????</string> > <key>CFBundleVersion</key> > <string>$(FLUTTER_BUILD_NUMBER)</string> > + <key>ITSAppUsesNonExemptEncryption</key> > + <false/> > <key>LSRequiresIPhoneOS</key> > <true/> > <key>NSFaceIDUsageDescription</key> _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [pve-devel] [PATCH pve_flutter_frontend v2] chore: ios: add export compliance key to info.plist 2025-09-26 9:21 ` Dominik Csapak @ 2025-09-26 9:51 ` Thomas Lamprecht 0 siblings, 0 replies; 3+ messages in thread From: Thomas Lamprecht @ 2025-09-26 9:51 UTC (permalink / raw) To: Dominik Csapak, Proxmox VE development discussion, Shan Shaji Am 26.09.25 um 11:21 schrieb Dominik Csapak: > I'm not a lawyer, but are you sure we are compliant with this? > > the https client will use encryption, so it's not like we don't use > encryption at all. (Especially with the cupertino_http package) We use it, but we do not implement it, which is the key point here. > I guess this is exempt, but having some reference for that (aside > some medium/reddit post) would be nice. > > At least some kind of rationale in the commit would be good. > (IMHO 'we don't use proprietary encryption' is not a good reason > when also 'standard encryption' falls under the export regulation...) > > @Thomas, what do you think? We basically only need to check if any of the used dependencies implements the (lower level) encryption that HTTPS builds upon themselves, compared to using the platform libraries for that. And doing so would be good in any case, which would be an actual blocker for us anyway, i.e. independent of legal compliance with app stores, as that needs to be thoroughly vetted then, and even if we could to that (which I don't think we got the capacity to thoroughly do for this, especially considering the ROI here), would still need other to feel somewhat confident. I quickly checked cupertino_http [0], and from what I saw it uses only iOS platform native interfaces for TLS and the like, if that holds true (please check closer), we would be indeed compliant and can indeed signal this through setting ITSAppUsesNonExemptEncryption flag to false. [0]: https://github.com/dart-lang/http/tree/master/pkgs/cupertino_http/lib/src _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2025-09-26 9:51 UTC | newest] Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2025-09-25 12:32 [pve-devel] [PATCH pve_flutter_frontend v2] chore: ios: add export compliance key to info.plist Shan Shaji 2025-09-26 9:21 ` Dominik Csapak 2025-09-26 9:51 ` Thomas Lamprecht
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox