TIL that self-updating mobile apps are a thing. It is quite surprising to me that the app store gatekeepers don't force all app changes through their vetting process! Has this always been the case, or is this a new development?
The stores obviously can punish apps who break their terms (not just around updates), but code push is ubiquitous because so many apps need the ability to fix bugs w/o waiting for every single user to click "update" in a store.
I am very curious about this too. Wouldn't this allow you to remotely inject malware into an app? For my own, non-malicious, project, I'd love for this to work, but I don't want the app store gods to wreak vengeance on me.
UPDATE: I found this.
Examples of SDK-caused violations
Your app includes an SDK that downloads executable code, such as dex files or native code, from a source other than Google Play.
> It is quite surprising to me that the app store gatekeepers don't force all app changes through their vetting process!
It's be because they can't anyways, what about web pages, feature flags & server side rendered views? The review process is mostly there to not circumvent their payment process.
eseidel|1 year ago
There are also various other commercial services offering code push. Even Microsoft has one: https://learn.microsoft.com/en-us/appcenter/distribution/ina...
The stores obviously can punish apps who break their terms (not just around updates), but code push is ubiquitous because so many apps need the ability to fix bugs w/o waiting for every single user to click "update" in a store.
dr_kiszonka|1 year ago
UPDATE: I found this.
Examples of SDK-caused violations
Your app includes an SDK that downloads executable code, such as dex files or native code, from a source other than Google Play.
fngjdflmdflg|1 year ago
[0] https://docs.shorebird.dev/faq#does-shorebird-comply-with-pl...
realusername|1 year ago
It's be because they can't anyways, what about web pages, feature flags & server side rendered views? The review process is mostly there to not circumvent their payment process.