Lessons from overseas developers' experience with "Other" rejections in the last six months

Foreword

The Other rejection is a well-worn topic, but because Apple's policies are constantly changing, old questions keep coming back in new forms. Recently, many small developers have "inexplicably" run into Other, but as everyone knows, there is always a reason behind the so-called "inexplicable".

Recently, in my Knowledge Planet community, a member posted this question:
https://t.zsxq.com/0cp8IJSgG

Roughly, it says that a brand new, unique account with only one app on the store still ran into the Other delay.

I also recently looked into how overseas developers encounter Other and found a number of points worth summarizing again. Besides the account associations and duplicate-product checks we often run into, overseas developers also hit some other situations.

The standard message text:

We need additional time to evaluate your submission and Apple Developer Program account. Your submission status will appear as “Rejected” in App Store Connect while we investigate. However, we do not require a revised binary or additional information from you at this time.

Everyone knows that account association is easily triggered, so I won't cover that part here. I have discussed it in previous articles, which are linked at the end of this one.

I communicated with many friends in the same industry and found similar problems (my WeChat: xq2723866). I feel the need to address this topic.

A lot of "desperate" posts

If you think that Other is just Apple’s discrimination against Chinese developers, that’s not necessarily true. You can read the following posts by foreigners. There are many, many similar posts. This is the experience of a developer named SSPGames_1:

I'm in this situation over 3 months, always got this message. In 8 months I managed to publish only 2 apps. Very frustrating for my company, because of this and I won't extend Apple Developer subscription next year. I tried everything, submit and resubmit, contact support, publish only 1 by 1 app and no help, always message “other” that they need extra time to evaluate app that stays in status forever. Really embarrassing from company like Apple. Other stores publish app reviews in max 48 hours. — SSPGames_1

Translation:

I've been in this situation for over 3 months and keep getting this message. In 8 months, I've only released 2 apps. Very frustrating for my company, so I won't be renewing my Apple Developer subscription next year. I tried everything: submitting and resubmitting, contacting support, publishing apps one at a time. Nothing helped, and I always ended up with the "Other" message saying they need extra time to evaluate the app, which stays in that status forever. Really embarrassing from a company like Apple. Other stores publish app reviews in at most 48 hours. — SSPGames_1

This developer, SSPGames_1, has sadly decided to leave the ranks of iOS developers because of the Other problem, which shows how damaging Other can be.

There are many more posts like this on overseas sites, not to mention the many complaints from YouTube creators.

Code review tool

There is a post that reads:

Automatically detect Security Vulnerabilities and Security Hotspots during your code review. Write the most efficient code possible with SonarQube. Basic analysis is always free! - kakaiikaka

Translation:

Automatically detect security vulnerabilities and security hotspots during code reviews. Write the most efficient code possible with SonarQube. Basic analysis is always free! - kakaiikaka

The implication is that Apple's automated review has flagged unsafe code in the application and needs more time to review and confirm it.

This is very likely, especially when the developer calls a private API. Another possibility is a false positive from the automated check.

The post also carries a suggestion: use a tool to review code quality. The tool is SonarQube, an open source code quality management system that provides code scanning. The poster recommends scanning the code with it as a self-check before submitting.

I think it is worth considering if you are a programmer who habitually builds on many GitHub code bases pulled in through CocoaPods, because many third-party libraries may contain code that Apple considers unsafe.

SonarQube's official website is here:

https://www.sonarsource.com/products/sonarqube/

Private API calls are the trigger

Another post describes the experience of introducing a private API when submitting a new version, which was immediately met with an Other rejection:

Yeah, several years ago, we used private APIs to get Wi-Fi signal strength (via method swizzling), then suddenly, in one submission, we received one message that contains "we need additional time to evaluate your submission…

Translation:

Yeah, a few years ago we used private APIs to get Wi-Fi signal strength (via method swizzling), then suddenly, in one submission, we received a message that contained "we need additional time to evaluate your submission…

Obviously, we are not the only ones who like to "court death"... This developer used a private API to get the Wi-Fi signal strength and then immediately ran into Apple's delayed review.

Besides the typical post above, there are many similar cases. It is not hard to see that Apple's automated review is quite strict now, while many developers are not actually sensitive to private API calls. Especially in small companies, programmers just implement the code and don't consider whether the methods they call are allowed by the review guidelines. Outsourcing companies are even worse, because most features are implemented by copy and paste: as long as an implementation exists somewhere on the Internet, it gets copied over. Whether it can pass review is another story. And even if the account is investigated, the blame may not land on the programmer personally; after all, "I'm just a hired hand".

On the other hand, a large number of third-party libraries also carry the risk of API call violations. That's why I'm particularly cautious about third-party libraries.

Summary

For sensitive APIs, which may lead to an Other review, I have summarized the following key measures:

  1. A static scanning tool seems to be helpful, for example the SonarQube mentioned above. Interested readers can give it a try; I haven't tried it myself yet (mainly because I am very careful when developing, so I rarely run into such problems).
  2. The naming of classes and methods in the code still needs care. The static scanning in Apple's code review shows a certain "name discrimination", so be careful not to use suspicious words.
  3. Pay attention to the selection of third-party libraries. If you reference third-party libraries, check whether there are reports online of review problems caused by them, and it is best to run a full-text scan of the binary against a prepared list of strings.
  4. Once you are in this review, all you can do is wait patiently for a week. After a week, you can consider sending a reminder; whether to do so depends on the developer's own situation.
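
The binary full-text scan from point 3, as an added example that is not the author's code: it pulls printable strings out of every file in a built app bundle and reports those containing an entry from a prepared watchlist. The watchlist entries, the `Demo.app` layout and the function names are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Constructed watchlist: replace it with the strings you have collected from
# rejection reports. The selector name below is a made-up placeholder.
WATCHLIST = [
    b"/System/Library/PrivateFrameworks/",
    b"_examplePrivateSignalStrength",
]
# Runs of 4+ printable ASCII bytes, the same idea as the `strings` tool.
PRINTABLE = re.compile(rb"[\x20-\x7e]{4,}")


def scan_bytes(data, watchlist=WATCHLIST):
    """Return (offset, watchlist_entry, containing_string) for each hit."""
    hits = []
    for m in PRINTABLE.finditer(data):
        for entry in watchlist:
            if entry.lower() in m.group().lower():
                hits.append((m.start(), entry.decode(), m.group().decode()))
    return hits


def scan_tree(root, watchlist=WATCHLIST):
    """Scan every regular file under root; map relative path -> hits."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and (hits := scan_bytes(path.read_bytes(), watchlist)):
            report[str(path.relative_to(root))] = hits
    return report


def demo():
    """Build a constructed stand-in for an app bundle and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        fw = Path(tmp, "Demo.app", "Frameworks", "Vendor.framework")
        fw.mkdir(parents=True)
        (fw / "Vendor").write_bytes(
            b"\xcf\xfa\xed\xfe\x00\x00"  # header-like bytes, not a valid Mach-O
            b"/System/Library/PrivateFrameworks/Example.framework/Example\x00"
            b"\x01\x02_examplePrivateSignalStrength\x00")
        Path(tmp, "Demo.app", "Demo").write_bytes(b"\x00\x00viewDidLoad\x00")
        return scan_tree(tmp)


if __name__ == "__main__":
    print(demo())
```

The scan only sees plain ASCII runs, so a string a library stores in another encoding or assembles at run time will not show up; treat a clean result as one check among several.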

Read more

Summary of recent large-scale 4.3, 2.3.1 problems

Several behaviors of Apple developers that are prone to investigation

Mobile Developers Alliance Joining Guide

Origin blog.csdn.net/madaxin/article/details/129932354