iPhone Apps Have to Be Approved by Robots Now, Too

Sounds sinister, right? That's probably because I replaced the word "computers" with "robots!" For effect! But no, still, this is at least interesting: Developers are now reporting that apps are getting rejected, and not by humans.

Word is that Apple has added a new layer to the approval process, called a static analysis tool. This particular static analysis tool is intended to scan for the use of private APIs in submitted apps, and flag them if it finds any. For quite a few people, evidently, this means that apps that were kosher a while ago are, with their next updates, very suddenly not. Time for a FORENSIC RECAP! From Craig Hockenberry, developer of Twitterrific, and Guy Who Noticed This Early:

iPhone Apps Have to Be Approved by Robots Now, Too


To which John Gruber (Daring Fireball) knowingly responded:

iPhone Apps Have to Be Approved by Robots Now, Too


So yeah, what the hell does any of this mean?

Apple gives developers a bunch of public application programming interface (APIs) which are essentially documented, permitted tools or calls that they can invoke in their apps. For example, Apple has an API for recording microphone input, which developers can use, and which Apple, by publishing them, has basically promised to keep intact and working. Private APIs are calls and features that only Apple uses, and which they don't really tell developers about. There could be a few reasons for this: either they specifically don't want developers to use them, for security or consistency reasons, or they're not finished and subject to change, which means that for devs to use them would be risky—their apps could just break with the next system update, since these private APIs are, in effect, volatile. Remember all those early jailbreak apps, before the App Store was open? Those were built using entirely private APIs, many of which became public later. Anyway!

There's always been an official ban on the use of private APIs, but Apple hadn't really been enforcing it to date, partly because it's just hard to tell sometimes—unless the private API is used in a terribly obvious way, finding them is a matter of taking to apps with a fine-toothed code-comb, which the current crew obviously can't do, and which machines—as in, software—would be good at. With these new static analysis tools, Apple has created a machine filter for apps that breach this rule.

Given that actually App Store policy hasn't changed, this shouldn't amount to anything more than better rule enforcement for app devs. Shouldn't. Introducing something automated like this, even if it's a "serious tool, not simplistic" as Gruber claims, is bound to end in tears. Congratulations, developers! Your next appeal against app rejection will be to a piece of software, which has no capacity to feel your pain. Devs: Let us know if you've run up against this thing in the comments, and if it was fair. [Twitt-ah]