Apple has today begun informing developers that use “hot code push” SDKs that their apps will soon be rejected by the App Store if they continue using this code. In a thread on Apple’s Developer forums, developers note that Apple has begun notifying them that their apps must remove the code otherwise it will not be approved by the App Store.
Apple has yet to comment on the change, however, has emailed developers. The root of the issue seems to be apps that use services such as Rollout.io. The email reads:
“Your app, extension, and/or linked framework appears to contain code designed explicitly with the capability to change your app’s behavior or functionality after App Review approval, which is not in compliance with section 3.3.2 of the Apple Developer Program License Agreement and App Store Review Guideline 2.5.2.
This code, combined with a remote resource, can facilitate significant changes to your app’s behavior compared to when it was initially reviewed for the App Store.”
For those who are unaware, services such as Rollout.io are able to push app updates after they’ve been submitted to the App Store. It would make sense for Apple to begin rejecting these apps as those apps may inject malware or use private APIs after they’ve been submitted to the App Store. Here’s how Rollout.io describes itself:
Rollout’s revolutionary SDK lets you react to production issues or modify your app in real time. And you don’t need to modify any existing code in advance. Whether it’s a bug you just discovered, a feature you want to toggle, or something else, you can use Rollout to modify any method or data in your app, instantly.