I received this rejection message from apple in the resolution center:
Guideline 2.5.1 - Performance - Software Requirements
Your app uses public APIs in an unapproved manner, which does not comply with guideline 2.5.1 of the App Store Review Guidelines.
Specifically, it would be appropriate to remove the HomeKit API from within your binary and resubmit your application for review.
Since there is no accurate way of predicting how an API may be modified and what effects those modifications may have, Apple does not permit unapproved uses of public APIs in App Store apps.
the app code I'm using is open sourced
https://github.com/SuperMarcus/NineAnimator
I need help on how to remove the HomeKit API from within the binary.
First remove it from the Signing and Capabilities:
Then try to run your code again.
If you where using a HomeKit API anywhere in code, Xcode will show you where it is.
Related
I received the below email shortly after I submit my app to the AppStore from XCode Organizer. My app contains the framework in this GitHub (https://github.com/wujianguo/iOSAppsInfo), I use it to create shortcuts to the rest of the users installed applications, and ONLY for that purpose.
Is there a different way of getting a list of all installed apps so I can create shortcuts or will all methods be instantly rejected as below?
Dear developer,
We have discovered one or more issues with your recent delivery "shortcut-app". To process your delivery, the following issues must be corrected:
Non-public API usage:
The app references non-public selectors in Xxxx xxxx: _applicationIconImageForBundleIdentifier:format:scale:, allInstalledApplications, appTags, applicationProxyForIdentifier:, localizedShortName, openApplicationWithBundleID:
If method names in your source code match the private Apple APIs listed above, altering your method names will help prevent this app from being flagged in future submissions. In addition, note that one or more of the above APIs may be located in a static library that was included with your app. If so, they must be removed.
If you think this message was sent in error and that you have only used Apple-published APIs in accordance with the guidelines, send the app's nine-digit Apple ID, along with detailed information about why you believe the above APIs were incorrectly flagged, to appreview#apple.com. For further information, visit the Technical Support Information page.
Once these issues have been corrected, you can then redeliver the corrected binary.
Regards,
The App Store team
This library uses private API which you cannot use especially when you submit the app to apple, as they will reject it like this.
I am not aware of another way to get installed apps, but in order for apple to accept uploading the app, you must stop using this library, specially this method.
Many iOS developers received the following message recently. Does it has any impact on React Native?
Your app, extension, and/or linked framework appears to contain code
designed explicitly with the capability to change your app’s behavior
or functionality after App Review approval, which is not in compliance
with section 3.3.2 of the Apple Developer Program License Agreement
and App Store Review Guideline 2.5.2. This code, combined with a
remote resource, can facilitate significant changes to your app’s
behavior compared to when it was initially reviewed for the App Store.
While you may not be using this functionality currently, it has the
potential to load private frameworks, private methods, and enable
future feature changes. This includes any code which passes arbitrary
parameters to dynamic methods such as dlopen(), dlsym(),
respondsToSelector:, performSelector:,
method_exchangeImplementations(), and running remote scripts in order
to change app behavior or call SPI, based on the contents of the
downloaded script. Even if the remote resource is not intentionally
malicious, it could easily be hijacked via a Man In The Middle (MiTM)
attack, which can pose a serious security vulnerability to users of
your app. Please perform an in-depth review of your app and remove any
code, frameworks, or SDKs that fall in line with the functionality
described above before submitting the next update for your app for
review.
The recent action by Apple seems to target frameworks that are about to modify native code bundles on the fly. If you are using this kind of library in your RN project then you might get effected. But if you are using a library like Code Push which lets you modify js bundle, you are not expected to get effected. There is a HN thread about it. You can search for Microsoft keyword to read about. You can also read this.
My app was rejected because
The use of non-public APIs is not permitted on the App Store because
it can lead to a poor user experience should these APIs change.
in the method
viewControllerForView:
I asked where I used viewControllerForView: and they responded
“viewControllerForView:” was found in the methods:
-[FBSDKLikeButton _handleTap:] and -[FBSDKLikeButton _like:].
My FBSDKLoginKit, FBSDKCoreKit and FBSDKCoreKit pods are all at 4.15.1 (the latest version). How should I go about fixing this?
You don´t need to make any changes in your code, read this post from Facebook developers of how to solve it.
After integrating our SDK into your iOS app, you will need to submit
your app to Apple for review. As part of this review process, you will
be asked if your app uses the Advertising Identifier (IDFA). Please
check "Yes". You will then be asked how your app makes use of it. The
question will take this form: This app uses the Advertising Identifier
to (select all that apply)?
- Serve advertisements within the app
- Attribute this app installation to a previously served advertisement
- Attribute an action taken within this app to a previously served advertisement
If you will be using the Audience Network framework, you must select
the first option. If you are using our core framework to track
install attribution and app events, please select the second and third
options. If you are using both, select all three.
You will also be asked to check a box to confirm that your app honors
a user's Limit Ad Tracking setting in iOS. The Facebook SDK honors the
iOS Limited Ad Tracking Setting. When a person enables Limited Ad
Tracking, Facebook only uses data obtained through the use of the
Advertising Identifier for “Limited Advertising Purposes” as defined
by the iOS Developer Program License Agreement. Please make sure check
this box when prompted.
Marking these questions in this way will help ensure a smooth review
process
I am trying to find device lock state as UIApplicationState gives the wrong state when Lock the device, it gives UIApplicationStateActive for few second.
I found one solution using Darwin notifications for notification "com.apple.springboard.lockcomplete".
Is it the correct way to get Lock state? Does Apple allow this?
No Apple won't allow to use "com.apple.springboard.lockcomplete".My application get rejected due to this.
The answer is... it depends.
Using non-public API is not permitted, and these Darwin notifications are not publicly documented. So the official answer is no, you are not allowed to use this notification in a production code. Otherwise, you risk getting this unpleasant email from Apple:
Your app uses or references the following non-public APIs:
com.apple.springboard.lockcomplete
On the other hand, I've used that very notification for 4 years till I got a rejection from the App Store for one of my apps. Another app of mine still uses it without problems. So if you really need it and you think it's worth the risk, you may give it a try.
Based on our experience, your app WILL be rejected for use of com.apple.springboard.lockcomplete with the following notification:
Guideline 2.5.1 - Performance - Software Requirements
Your app uses or references the following non-public APIs:
com.apple.springboard.lockcomplete
The use of non-public APIs is not permitted on the App Store because
it can lead to a poor user experience should these APIs change.
Continuing to use or conceal non-public APIs in future submissions of
this app may result in the termination of your Apple Developer
account, as well as removal of all associated apps from the App Store.
Next Steps
If you are using third-party libraries, please update to the most
recent version of those libraries. If you do not have access to the
libraries' source, you may be able to search the compiled binary using
the "strings" or "otool" command line tools. The "strings" tool can
output a list of the methods that the library calls and "otool -ov"
will output the Objective-C class structures and their defined
methods. These tools can help you narrow down where the problematic
code resides. You could also use the "nm" tool to verify if any
third-party libraries are calling these APIs.
Resources
If there are no alternatives for providing the functionality your app
requires, you can file an enhancement request.
Apple won't allow this.Here is there comments for this
"The use of non-public APIs is not permitted on the App Store because it can lead to a poor user experience should these APIs change.
Continuing to use or conceal non-public APIs in future submissions of this app may result in the termination of your Apple Developer account, as well as removal of all associated apps from the App Store."
As I have submitted my first app on App Store but I got rejection with given reason-
27.6 Details
Your app also uses the HealthKit APIs but does not indicate integration with the Health app in your Application Description and clearly identify the HealthKit functionality in your app’s UI, as required by the App Store Review Guidelines.
I have implementing this feature for the next version so I am not using this framework anywhere in my project. Because of this I have also disable HealthKit capability Off from project setting like here Screenshot But they still rejecting the app. Do I have to submit again new binary or is there is way to continue with this?
disable the capability and don't link to the framework
a new binary is needed for sure to reflect both changes