Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Begins Rejecting Apps With 'Hot Code Push' Feature (apple.com)

Posted by msmash on from the assuming-control dept.

Apple has long permitted "hot code push", a feature that allows developers to continuously deploy changes to their mobile apps and have those changes reflect in their apps instantly. This allowed developers to make quick changes to their apps without having to resubmit the new iteration and get approval from the Apple Store review team. But that's changing now. In response to a developer's query, Apple confirmed that it no longer permits "hot code push." The company told the developer: Your app, extension, and/or linked framework appears to contain code designed explicitly with the capability to change your app's behavior or functionality after App Review approval, which is not in compliance with section 3.3.2 of the Apple Developer Program License Agreement and App Store Review Guideline 2.5.2. This code, combined with a remote resource, can facilitate significant changes to your app's behavior compared to when it was initially reviewed for the App Store. While you may not be using this functionality currently, it has the potential to load private frameworks, private methods, and enable future feature changes.

2 of 149 comments (clear)

  1. Re:Pray I don't change it again by mccalli · · Score: 4, Informative

    Money. You're doing it for money, and that's where the app revenues are.

  2. Re:Recipe for disaster by Anubis+IV · · Score: 3, Informative

    Hot fixes such as this should be limited to enterprise apps only - i.e. apps that don't affect the world.

    Was the hot fix permitted for all apps or just enterprise apps? If the former, then it should be definitely be removed.

    Enterprise apps don't have to go through the review process because they aren't in the App Store in the first place. They're distributed privately, with the enterprise signing each app using a cert and each employee's device being configured to accept apps signed by that cert. Updates can be deployed directly to employee devices, as a result.

    As for apps using this feature, I know that a variety of games download content updates outside of the App Store, though if I had to guess, I'd wager that when Plants vs. Zombies 2 and Final Fantasy Record Keeper say they're downloading new content, it's just a package of art assets and the like that the existing executable knows how to parse. If it is arbitrary code, however, I'd also wager that I'll suddenly see those games issuing a lot more frequent updates, given that FFRK pushes out content updates 1-2 times per week as it is.