How to resolve bug for macOS app store approval?

Our app was rejected because of an outdated entitlement key. We have to use this key, because othervise our app won't. work.


Our app makes use of the scripting bridge. I we follow the documentation, we should use the com.apple.security.automation.apple-events key. The app would prompt a dialogue to ask the user to grant access to apple events.


In practice, I doeasn't work. We need to add com.apple.security.temporary-exception.apple-events for the particular app, we use scripting bridge for. If we do that, the system promts the dialogue as expected and the spcipting bridge wordls. I seems to be a bug of macOS.


However we need to resolve the issue, because the app is rejected and the reviewer doesn't respond to our explanation. I don't understand the problem. The seucrity mechanism of macOS is working and the user experience is aligned with Apple's requirements. We just need to use the old entitlement as a workaround until Apple will fix this bug. We also want to be compatible with Sierra and High Sierra, which don't know the new entitlement, that is introduced with Mojave.


Some ideas?

Replies

Thanks for your recommendations. Our app has now passed the review after we have applied the approval for another build. I think, the user experience was not the reason of the rejection, but just a formal reason. We have used a deprecated entitlement, because there is currently no alternative, while the new introduced entitlement doesn't work properly.


Our app should indeed provide the core feature in a very convenient way. If the user is in any of the supported apps like Mail, Safari oder Pages, we can just press the shortcut and our app pops up with contextual content.


Can you confirm, that the use of Scripting Bridge is definately not allowed in apps for the store except the use case for sending messages with Mail? If this is the case, we would start with a major refactoring. I'm not sure, wether we can find an alternative for context app.


Your suggestion to make our app scriptable in combination with predefined scripts is an interesting. Is your idea to create an independent helper app, that implements NSUserScriptTask and triggers our main app? So you suggest an additional hop with a helper app, that has to be downloaded by the user and needn't pass the app review?


It is possible to execute a script wich a shortcut, if any app like Mail is the active one with the frontmost window?

So how did you get the approval? Did you simply remove the com.apple.security.temporary-exception.apple-events - com.apple.mail entitlement and the functionality of your app to communicate with Apple Mail at all? Or did you find some way to still be able to communicate with Apple Mail and not use the entitlement?

This is an old thread. I suggest you start a new thread with your question.


Generally speaking, temporary exceptions are automatic rejections. Apple's documentation has specific instructions on how to interact with Apple Mail: https://developer.apple.com/library/archive/documentation/Miscellaneous/Reference/EntitlementKeyReference/Chapters/EnablingAppSandbox.html#//apple_ref/doc/uid/TP40011195-CH4-SW25

For anyone running into this Question and scrolling actually till my answer:
The entitlement:

Code Block
com.apple.security.automation.apple-events


is actually still allowed, my app just got approved a month ago.
A few things that you need to look into:
  • Can it be done differently? If so then it won't be approved so don't even try.

  • Is this feature outdated and can be done by a different app from apple already? If so it also won't be approved

If you can make sure that you answer both with no, then think about why into the very detail. Then go over to make a bug report about it - they will probably tell you: Not really our business but sure go along and submit for review.
Now in the review basically list everything that you just thought of again, tell them what your code does, show them it isn't able to do harm to the user, tell them what your future plan is, why it can't be done in any other way, show them that it won't break the intended use of any other application.
Now that you are a novel writer quit swift - eh wait no sorry wrong step. But seriously write everything, till you nearly hit the limit.
Slap the Bug Report Code on the Top of that novel and then you will probably get through the review.

Apple is very strict on the entitlements and if it is not absolutely necessary for an application the will not approve it. If their is something unclear they will ask you to specify why something is like it is but you need to give them a basis to ask and the more you give them the easier it is for them to ask further questions.