Thursday, September 8, 2022

Mac App Store and Investing Engineering Time

Christopher Atlan:

We knew that some exceptions had been permitted in the 2018 Mac App Store refresh. However our conversation with Developer Relations and DTS went nowhere.

The existence of an exception was acknowledged, but at the same time not granted to us.


So we came up with a Plan B: sandboxing ksdiff and granting it file access to the file system via back channel to our app.


I should have known better. I knew the stats: fewer than 10% of our users actually run the Mac App Store version. Yet I committed the team to work for what turned out almost a month on tackling all the sandbox issues, creating the entire flow for a command line utility to request file access, and testing it by throwing every workflow at it that we could think of.

It should be noted that sandboxing ksdiff did not actually make anything more secure because, even unsandboxed, if it’s invoked from a sandboxed app it only has access to what that app can access. And, so far, the extra work hasn’t paid off because the app is still in limbo.

At this time, Kaleidoscope 3.6 has been in review for a full month without communication or progress, after an initial quick rejection. Not only is there frustration with the current update, our trepidation grows with regard to the updates we have been planning down the road.


This teaches me that the Mac App Store is no place for developer tools with more complex technical requirements than your average app. Which seems wrong, as Develop is one of the main categories in the App Store app.

Jonathan Deutsch:

I’d go so far to say that any applications that need to read or write files that it did not create (e.g. generic file types or another app’s files) are not suited for being on the Mac App Store.

So not just dev tools but also utilities and pro apps that have complex workflows.

Geoff Hackworth:

Well, that’s rather unsettling:

“We need additional time to evaluate your submission and Apple Developer Program account.”

My account? 😬 I got this after 10 minutes in review for both the free and paid version of an app which has been in the store for almost 8 years.


This ordeal has caused me a great deal of anxiety. I still can’t be sure what crime they suspected me of. They never told me. But I guess I’m not guilty. Although it does seem like I would have been unable to submit apps for the last 15 days. Not guilty, but punished anyway.

Jonathan Deutsch:

In my experience there’s often lots of small-but-cool features often pre-sandbox apps have that aren’t compatible. So joining the MAS means removing them and accepting that you have a worse app (and will likely get customer requests for it or confusion).


Update (2022-09-09): Jonathan Deutsch:

My educated speculation is that upper management is deeply afraid of macOS becoming Windows of ~20 years ago – stricken with malware.

Security restrictions are introduced but there’s no internal incentives to counterbalance these.


WebKit had a great performance philosophy: if you regress performance in one area you need to at least improve it back elsewhere.

I’d love to see this for security features - if one is added, you need to add some workflow/automation/enablement/creativity feature elsewhere :).

Update (2022-09-14): Hunter:

This new thing where App Review asks you to explain how you’re using public API (App Intents, Transferable) and provide a video to get approved is total BS. Infuriating.

4 Comments RSS · Twitter

The fact that the app store is not mandatory is precious. It’s also the only thing keeping me on the platform (since 1986).

Why anyone uses it is beyond me.

Apple has utterly failed in all their promises for the various app stores. At least with the Mac it isn't mandatory. It's beyond past time for them to allow side loading on iOS.

"WebKit had a great performance philosophy”

Why is this sentence written in past tense? Is this no longer the case?

@Leo I think it’s still the case, though personally I think there was a big drop in performance when they switched to the multi-process model, so that’s actually an early example of security trumping other stuff.

Leave a Comment