portrait picture


balancing software engineering & infosec

Apple does not like Electron apps

posted on Nov. 20, 2019, 7:55 p.m. in apple, news

It looks like Apple started rejecting applications build using Electron in the AppStore review process. Chromium, the foundation of Electron, is using private APIs, something Apple, to my knowledge, always was pretty clear about is a no-go for the AppStore. Judging by Firefox using those private APIs is a requirement to get the browser more performant and battery efficient.

I think the link summarises the problem pretty well and to me the biggest problem here is the inconsistency of the AppStore review process and the fact that Apple is willing to bend or ignore the rules for companies of a certain size.

If an application is not conforming to the AppStore guidelines I expect it to be rejected. With private API usage this has to be the case for all Electron based applications. But it only hit a few. And bigger players like Slack get away with it. They either were not caught yet or it was ignored. Your guess will be as good as mine. Maybe it will hit them at some point, maybe it will not. And this is the real problem.

I like the AppStore. I fully understand all the criticism it gets from developers. Having shipped apps to it and having jumped through some hoops to get an app featured it is hard to deny any of the valid points people regularly bring up. But from a user perspective the AppStore is amazing.

In a perfect world one of the things that make the AppStore amazing would be the review process. Chance for malware? Zero. Chance for an app breaking my system? Zero. Chance for being scammed and not being able to get my money back? Zero.

In a perfect world. In the world we live in most of the things I mentioned above are often the case. And some bad - as in do not follow the rules - apps slip through.

To get closer to a perfect world there has to be some rules and Apple laid them out. They did not necessarily create tooling making it easier to conform to them and require developers to actually understand the whole stack, frameworks and libraries they are using. This is relatively simple if you write an app in Swift and primarily stick to Apples SDK. It gets a lot harder and I would argue nearly impossible if you use something like Electron.

The big problem to me is not that Apple is banning some Electron apps because they violate the private API rule. They are enforcing a rule they put in place for a likely very good reason.

To me the real problem is that Apple is enforcing a rule we all know a lot of apps still being live in the AppStore violate, but action is only taken against a few. As long as they lack consistency one of the most critical things that would make the AppStore amazing is lacklustre.