Thursday, January 20, 2011

[Developers] Tips for submitting software to the Mac App Store [Update: Feb. 3]

We still have no apps in the Mac App Store since they alway got rejected but we won't give up. In the meantime we have learnt some important things about submitting successfully. And we want to share that here to help other developers who may have similar problems.

First Steps
Read Apple's own checklist and guides (developer login required): (don't read the code you won't understand it anyway - the introduction suffices)

Complementary Checklist for submitting
  • set up your app on itunes connect
  • set up your app bundle id in the developer certificates utility (go there from the apple developer website when logged in)
  • delete aquatic prime framework and any references including update urls in info.plist
  • delete sparkle framework and any references including public keys
  • delete any update menu items
  • delete any references from your About and Help windows that say your app costs anything, or updates can be downloaded from your website [update]
  • delete any sparkle update objects from nibs
  • delete and deactivate any demo-mode code
  • don't use growl or other frameworks that require installation
  • don't use any deprecated methods
Click Read On for the lengthy rest because we don't want to bore the normal people :-)

  • In your build settings:
    • set base sdk to 10.6
    • Install your code signing certificate and select it. This looks something like “3rd Party Mac Developer Application.” 
    • set debug information to “DWARF with dSYM,” 
    • Make sure your list of valid architectures does not include PPC (only x84_84 and i388).
    • set compiler to LLVM GCC 4.2 [update: this does not matter. you can use any. GCC 4.2 is fine]
    • make sure (in Xcode 3.x) that the build settings of your project and that of the target match, yes this is necessary
  • In your Info.plist file include:
    • CFBundelIdentifier (this must match the one provided on itunes connect. Don't use blanks and special chars. Avoid underscores and minuses.)
    • CFBundleShortVersionString (make this exaclty the same as provided on itunes connect. Only numbers and points like: "1.0.1"  but not "1.0b")
    • LSMinimumSystemVersion set to "10.6.6"
    • LSApplicationCategoryType and set to one of the possible values provided on apples website
    • NSHumanReadableCopyright set to something like "©2011 My Company"
Test your App
  • Delete your build folder in your project folder
  • make "Clean all" (deleting and cleaning is very important because build and archive does not always build the newest version)
  • Build and Archive your App (Build Menu)
  • Go to Organizer. Here you find your archived app
    • Click validate
    • If validation fails make sure you have already provided all App information on iTunes Connect and in the Developer Certificates Utility (accessable from apples developer website) and ensure the information there matches that of your app (version and app id)
    • Click "Share" and save it 
  • Delete all copies of your app (or zip them if you need them) - especially the builds
  • go to terminal and do: sudo installer -store -pkg <path-to-package> -target /
  • now your app gets installed. If you have deleted all copies it will be placed to "Applications"
  • open it and test if it works
Submit your App
  • Because you just deleted all copies you need to do Build and Archive again. 
  • Go to Organizer and click Submit
  • If it does not work it will give you either a meaningfull error message or it will say something like "Could not extract from Package + ".
    If you experience the latter (what we did every time) do the following:
    • Click validate 3-10 times
    • Click Submit
    • If it does not work repeat

Copy protection
You need to take care of copy protection yourself. App Store Apps by default have no copy protection at all. Apple provides some kind of tutorial how to do this (see above) but to be honest we did not understand that. When you used AquaticPrime before or any other DRM-Framework we recommend using the open source App Store Validation package provided here:

  • Include it in your project and replace the hard coded bundle id and version number with your own
  • include all requried framworks (see code)
  • Check if the app is valid in the beginning of your main method before NSApp starts.
  • Test with the test receipt provided by apple (this is documented in the code)
  • comment out the test #define
  • try if it works as described above. If you open the app after installing it will ask you for your itunes connect account data (you should create a test user before in itunes connect). If your validation code is correct it will open afterwards if not check if you test the receipt from the right path and that you app id and version match.

Of course Apple is right when saying every app should use its own copy protection algorithm (thats why they don't provide any useful code) but before everyone was using AquaticPrime without modification. So if it was good enough before why make such a huge effort for DRM now?
Anyway if someone wants to steel your app he will always find a way. But if you feel to have too much spare time modify the validation code and include some cool security anti reverse engineering tricks. Or just improve your app so more people will buy it voluntarily...

If you maintain two project versions one for Apple and one for your own shop you can do the following:

  • make the regular build (non AppStore) your main project. Only make changes here. When a new version is done copy the entire folder and modify it to match Apples requriements
  • include all Apple stuff that does not hurt (like the info.plist stuff and frameworks needed for package validation, as well as build settings) in both builds so you don't need to add it after copying it every time.
By the way don't be surprised if the review process takes weeks.

If you have some tips of your own please post a comment.

If you're interested what apps we wanted to submit go to
We can tell you that Papapapaya is still in review because we forgot some of the steps described above, Floret was rejected because it resembles the iOS version (that's strange because Mac OS Tiger does much more resemble and iOS version...), Toady will not be submitted because it relies on grow, and for Dragonfly and Quokka we are waiting to see how Papapapaya turns out.

No comments:

Post a Comment