Our hybrid mobile app for iOS (that is developed with MobileFirst 7.1) was rejected recently by Apple:
This app attempts to access privacy-sensitive data without a usage description. The app's Info.plist must contain an NSPhotoLibraryUsageDescription key with a string value explaining to the user how the app uses this data.
However, the app does not use Photo Library. So, the issue should come from one of the libraries we use. Besides CordovaLib (that comes with MobileFirst), we use email-composer (cordova-plugin-email-composer), PushPlugin (https://github.com/phonegap-build/PushPlugin) and barcodescanner (https://github.com/phonegap/phonegap-plugin-barcodescanner). Barcodescanner requires camera access (the key was included to Info.plist before submission), but not photo library access. For the other two plugins there is no information on their web pages about iOS 10 and their use cases is too far away from Photo Library.
So, the questions are:
P.S. I know that I can just add NSPhotoLibraryUsageDescription key to Info.plist, but thats not what I want: the app does not need photo library and I don't want to add such a key. Can not post a link to email-composer due to stack overflow restrictions.
So, it is the answer: embedded Cordova plugins that comes with MobileFirst caused problems. Submission to TestFlight without barcodescanner but with these plugins failed with the same issue. Removing embedded plugins solved the problem and submission was accepted.
https://mobilefirstplatform.ibmcloud.com/blog/2016/10/25/supporting-privacy-changes-in-ios-10/
P.S. It is not clear why there were only problems with Photo Library and not with Contacts, for example, but anyway it worked.