My most recent Mac App Store submission of StopTheMadness was rejected by Apple App Review for the reason "Your app contains the Game Center entitlement, but it does not link against the GameKit framework." This was puzzling, because my app does not contain the Game Center entitlement!
% codesign --display --entitlements - ~/Library/Developer/Xcode/Archives/2022-09-26/AppStore\ 9-26-22,\ 8.44\ PM.xcarchive/Products/Applications/StopTheMadness.app[Dict]
[Key] com.apple.security.app-sandbox
[Value]
[Bool] true
[Key] com.apple.security.application-groups
[Value]
[Array]
[String] 8LT69JF8NZ.com.underpassapp.StopTheMadness
[Key] com.apple.security.files.user-selected.read-write
[Value]
[Bool] trueDespite the mystery, App Review allowed me to get the submission approved without changing anything: "The issues we've identified below are eligible to be resolved on your next update. If this submission includes bug fixes and you'd like to have it approved at this time, reply to this message and let us know. You do not need to resubmit your app for us to proceed." (I'll discuss this a bit more at the end of the blog post.)
It turns out that the entitlements of StopTheMadness downloaded from the Mac App Store are different from the entitlements of the build that I submitted to App Review.
% codesign --display --entitlements - /Applications/StopTheMadness.app[Dict]
[Key] com.apple.application-identifier
[Value]
[String] 8LT69JF8NZ.com.underpassapp.StopTheMadness
[Key] com.apple.developer.game-center
[Value]
[Bool] true
[Key] com.apple.developer.team-identifier
[Value]
[String] 8LT69JF8NZ
[Key] com.apple.security.app-sandbox
[Value]
[Bool] true
[Key] com.apple.security.application-groups
[Value]
[Array]
[String] 8LT69JF8NZ.com.underpassapp.StopTheMadness
[Key] com.apple.security.files.user-selected.read-write
[Value]
[Bool] trueThe Game Center entitlement is there! But why?
If you login to your Apple Developer account on the web, the Certificates, Identifiers & Profiles section has a list of your App IDs. I discovered that the Game Center capability was enabled for the StopTheMadness App ID, even though I never specifically enabled it.
When I submitted the app to App Review, Apple silently added the game center entitlement to my app, even though the app didn't have the entitlement when I submitted it. And then App Review rejected me for it!
Why now, when I hadn't changed anything relevant? I don't know. My theory, based on vague memory, is that the Game Center capability was previously mandatory — like the In-App Purchase capability still is today, as you can see in the screenshot — but then Apple made the Game Center capability optional (without telling developers, of course) and then started flagging apps for having it. Because Apple loves to find new ways to torture App Store developers, it seems.
While I was looking through my App IDs, I also found that the iOS version of StopTheMadness had the Push Notifications capability enabled. The app doesn't use push notifications. So I've disabled that one too, in case App Review is looking for more rejection reasons.
I recommend that App Store developers go through your App IDs and disable any unused capabilities, otherwise you may be receiving unexpected rejections of your submissions.
My question for Apple: why not scan every app in the App Store, find all the apps where the entitlements don't match the framework linkage — the same check performed during review — and email the developers to warn them, instead of waiting for a new submission that the developer is hoping to get approved ASAP? An ounce of prevention is worth a pound of cure. It seems though that Apple would rather pound us into submission.
Two years ago, Apple claimed that they wouldn't hold up bug fixes for unrelated issues:
for apps that are already on the App Store, bug fixes will no longer be delayed over guideline violations except for those related to legal issues. Developers will instead be able to address the issue in their next submission.
This claim appears to be partly true and partly false. It's true that when App Review identified an issue with my submission, I was given an opportunity to address the issue in my next submission, without having to fix it immediately. However, it's false that my bug fixes were not delayed. I received the rejection email from App Review at midnight my time, after I had already gone to bed. I saw the email in the morning and replied to App Review, but then it took four more hours for my submission to go back into review. So there was a delay in approval of more than ten hours.
Fortunately my bug fixes in this case were not urgent, but what if they were? The whole point of this new policy by Apple is supposedly to avoid holding up urgent bug fixes, but that's precisely what Apple is still doing! Why couldn't App Review approve the submission and also give the developer a warning that they must fix the issue in the next submission, instead of rejecting the submission and waiting for a reply from the developer?
Four months ago, after I wrote a blog post about an App Store submission issue, I received an unsolicited email from Apple's senior director of App Review, who said "We’ve found that most developers prefer to fix the issues we find and resubmit". This is a strange response, because why did Apple even change its policy if there was to be mostly no change from before, when rejections required immediate fixes? It's also unclear what "most" means: is it closer to 99% or closer to 51%? In any case, this is cold comfort to the developers who need to release a bug fix ASAP. You have to wonder how Apple determined that developers "prefer" this, because developers have never been given the option of approval with no delay, as I suggested above. Once the submission process has already been interrupted, and the rejection has already occurred, then developers may prefer to quickly fix the issue; however, they might prefer that the submission process is never interrupted in the first place. How does Apple know? They certainly never polled me for my opinion about it.
Consider this blog post a "No" vote on the proposition of interrupting the submission process to ask developers whether they want their submission approved. After all, we wouldn't be submitting an app for approval now if we didn't want it approved now.