Monday, November 16, 2009

Increased caution regarding "undocumented" API calls

It has always been Apple's official policy that you shouldn't use private frameworks or undocumented API calls in iPhone apps. However, in the past, it seemed the policy was only enforced with regard to using private frameworks. Using undocumented APIs in an app would usually go unnoticed, although as a practice they were risky since at any time Apple could change or remove the undocumented API causing your app to break with a newer release of the OS.

Well, based on reports from many developers recently, it seems Apple now has a tool for scanning submitted apps for undocumented API calls and Apple will reject such apps.

So, double-check those compiler warnings in your code. It could be you are using some undocumented API calls and are at risk for having your next app submission rejected. It's easy to accidentally add some undocumented API calls when searching the Internet for a code snippet to address a problem you've been struggling with for days. A quick cut and paste and your problem is solved, and at the time you might overlook the compiler warning that states the object may not respond to the method being passed (a sure sign that you are using an undocumented API).


Note the compiler warning for this undocumented API call above...

Regardless of how useful some of these undocumented API calls might be, and regardless of the fact that Apple may be using them, if you use them in your apps, your app WILL now get rejected during review.

If Apple does in fact have an automated tool which is scanning submitted apps for these violations, it would be extremely helpful if Apple were to integrate this into the iTunesConnect submission process. Why make a developer wait two weeks to find out their app was rejected because of an API violation when it could have been flagged immediately on submission?

Apple already scans the app binary for some simple items such as version number matching the version listed in the app description during the upload process, so it should be possible to add some more scanning features. Even if it were to take a few minutes, getting an automated rejection several minutes after submission would be preferable to waiting 14 days.

All content copyright © 2009  Brian Stormont, unless otherwise noted.   All rights reserved.