AvoidIosInAppBrowserForAuthRule class

Warns when apps use advertising/tracking without App Tracking Transparency.

Since: v2.4.0 | Updated: v4.13.0 | Rule version: v2

iOS 14.5+ requires apps to request user permission before tracking via App Tracking Transparency (ATT). Apps that track without permission are rejected by App Store review.

What Requires ATT

IDFA (Identifier for Advertisers) access
Third-party advertising SDKs (AdMob, Facebook Ads, etc.)
Analytics that link user data across apps/websites
Any form of cross-app user tracking

What Does NOT Require ATT

First-party analytics (no cross-app linking)
Fraud detection
Security purposes
Contextual advertising (not user-based)

Example

BAD:

// Using AdMob without ATT check
await AdMob.initialize();

GOOD:

// Request ATT permission first
final status = await AppTrackingTransparency.requestTrackingAuthorization();
if (status == TrackingStatus.authorized) {
  await AdMob.initialize();
}

@see App Tracking Transparency @see app_tracking_transparency package

Inheritance

Object
SaropaLintRule
AvoidIosInAppBrowserForAuthRule

Constructors

AvoidIosInAppBrowserForAuthRule(): Creates a new instance of AvoidIosInAppBrowserForAuthRule.

Properties

accuracyTarget → AccuracyTarget?: Optional accuracy target for this rule (for documentation and tooling). Does not enforce; used by reports and rule-audit scripts.
no setterinherited
applicableFileTypes → Set<FileType>?: The file types this rule applies to.
no setterinherited
canUseParsedResult → bool: Indicates whether this analysis rule can work with just the parsed information or if it requires a resolved unit.
no setterinherited
certIds → List<String>: CERT coding standard identifiers (e.g. STR02-C). Populate only where there is a clear mapping; leave empty for most rules initially.
no setterinherited
code → LintCode: The lint code for this rule.
no setterinherited
configAliases → List<String>: Alternate config keys that can be used to reference this rule.
no setterinherited
cost → RuleCost: The estimated execution cost of this rule.
no setteroverride
cweIds → List<int>: CWE identifiers this rule helps prevent or detect. https://cwe.mitre.org/ — e.g. 798 for CWE-798 (Hardcoded Credentials).
no setterinherited
description → String: Short description suitable for display in console output and IDEs.
finalinherited
diagnosticCode → DiagnosticCode: The code to report for a violation.
no setterinherited
diagnosticCodes → List<DiagnosticCode>: The diagnostic codes associated with this analysis rule.
no setterinherited
documentationUrl → String: Returns the documentation URL for this rule.
no setterinherited
effectiveSeverity → DiagnosticSeverity?: Get the effective severity for this rule, considering overrides.
no setterinherited
exampleBad → String?: Short code example that VIOLATES this rule (shown in CLI walkthrough).
no setterinherited
exampleGood → String?: Short code example of COMPLIANT code (shown in CLI walkthrough).
no setterinherited
fixGenerators → List<SaropaFixGenerator>: Fix producer generators for this rule.
no setterinherited
hashCode → int: The hash code for this object.
no setterinherited
hyphenatedName → String: Returns the rule name in hyphenated format for display.
no setterinherited
impact → LintImpact: OAuth via WebView is blocked by identity providers.
no setteroverride
incompatibleRules → List<String>: A list of incompatible rule names.
no setterinherited
isDisabled → bool: Check if this rule is disabled via configuration.
no setterinherited
maximumLineCount → int: Maximum line count for this rule to run.
no setterinherited
minimumLineCount → int: Minimum line count for this rule to run.
no setterinherited
name → String: The rule name.
finalinherited
owasp → OwaspMapping?: OWASP categories this rule helps prevent.
no setterinherited
pubspecVisitor → PubspecVisitor?: A visitor that visits a Pubspec to perform analysis.
no setterinherited
reporter ← DiagnosticReporter: Sets the DiagnosticReporter for the CompilationUnit currently being visited.
no getterinherited
requiredPatterns → Set<String>?: String patterns that must be present in the file for this rule to run.
no setterinherited
requiresAsync → bool: Whether this rule only applies to async code.
no setterinherited
requiresBlocImport → bool: Whether this rule only applies to files that import Bloc.
no setterinherited
requiresClassDeclaration → bool: Whether this rule only applies to files with class declarations.
no setterinherited
requiresFlutterImport → bool: Whether this rule only applies to files that import Flutter.
no setterinherited
requiresImports → bool: Whether this rule only applies to files with imports.
no setterinherited
requiresMainFunction → bool: Whether this rule only applies to files with a main() function.
no setterinherited
requiresProviderImport → bool: Whether this rule only applies to files that import Provider.
no setterinherited
requiresRiverpodImport → bool: Whether this rule only applies to files that import Riverpod.
no setterinherited
requiresWidgets → bool: Whether this rule only applies to Flutter widget code.
no setterinherited
ruleStatus → RuleStatus: Lifecycle status. Default RuleStatus.ready. Use RuleStatus.beta for new or heuristic-heavy rules; RuleStatus.deprecated for sunset.
no setterinherited
ruleType → RuleType?: Semantic type of this rule. Default null = unspecified (legacy). When set, used for quality gates, accuracy targets, and reporting.
no setteroverride
runtimeType → Type: A representation of the runtime type of the object.
no setterinherited
skipExampleFiles → bool: Whether to skip example files (example/**).
no setterinherited
skipFixtureFiles → bool: Whether to skip fixture files (fixture/, fixtures/).
no setterinherited
skipGeneratedCode → bool: Whether to skip generated files (*.g.dart, *.freezed.dart, *.gen.dart).
no setterinherited
skipTestFiles → bool: Whether to skip test files (*_test.dart, test/**).
no setterinherited
state → RuleState: The state of this analysis rule.
finalinherited
tags → Set<String>: Tags for filtering and discovery (e.g. in docs, IDE, or CI). Examples: 'performance', 'accessibility', 'suspicious', 'convention'.
no setteroverride
testRelevance → TestRelevance: How this rule relates to test files.
no setterinherited

Methods

noSuchMethod(Invocation invocation) → dynamic: Invoked when a nonexistent method or property is accessed.
inherited
registerNodeProcessors(RuleVisitorRegistry registry, RuleContext ruleContext) → void: Registers node processors in the given registry.
inherited
reportAtNode(AstNode? node, {List<Object> arguments = const [], List<DiagnosticMessage>? contextMessages}) → Diagnostic?: Reports a diagnostic at node with message arguments and contextMessages.
inherited
reportAtOffset(int offset, int length, {List<Object> arguments = const [], List<DiagnosticMessage>? contextMessages}) → Diagnostic: Reports a diagnostic at offset, with length, with message arguments and contextMessages.
inherited
reportAtPubNode(PubspecNode node, {List<Object> arguments = const [], List<DiagnosticMessage> contextMessages = const []}) → Diagnostic: Reports a diagnostic at Pubspec node, with message arguments and contextMessages.
inherited
reportAtSourceRange(SourceRange sourceRange, {List<Object> arguments = const [], List<DiagnosticMessage>? contextMessages}) → Diagnostic: Reports a diagnostic at sourceRange, with message arguments and contextMessages.
inherited
reportAtToken(Token token, {List<Object> arguments = const [], List<DiagnosticMessage>? contextMessages}) → Diagnostic?: Reports a diagnostic at token, with message arguments and contextMessages.
inherited
runWithReporter(SaropaDiagnosticReporter reporter, SaropaContext context) → void: Override this method to implement your lint rule.
override
shouldSkipFile(String path) → bool: Check if a file path should be skipped based on context settings.
inherited
toString() → String: A string representation of this object.
inherited

Operators

operator ==(Object other) → bool: The equality operator.
inherited