Python grapples with Apple App Store rejections

Immediate issue: Python apps rejected on iOS/macOS stores

  • Apps embedding Python are being rejected because binaries contain the string itms-services, which App Review associates with installing other apps and violating guideline 2.5.2.
  • The affected apps do not actually use that URL scheme at runtime; the rejection is based on static string scanning.
  • The current Python-side workaround is a compiler/config flag that excludes the problematic code from iOS builds; obfuscating the string instead is seen as risky with Apple.

Apple’s review and security practices

  • Several comments describe Apple’s checks as crude substring scans (“cockroach security”) layered on top of other mechanisms.
  • Others argue Apple likely has more sophisticated checks too, but evidence in this case points to a simple string match.
  • App Review feedback is criticized as vague; developers want precise locations of offending strings and clearer remediation paths.
  • Some question why the sandbox doesn’t just block itms-services for App Store–signed apps, instead of relying on static scanning.
  • Enterprise distribution and out-of-store macOS apps do legitimately use this scheme, complicating a blanket ban.

Why itms-services is in Python at all

  • The string lives in urllib.parse’s list of schemes that have a “netloc”, to correctly parse Apple’s nonstandard URL format.
  • Discussion notes that Python’s URL handling is partly working around other software’s quirks; some argue proprietary schemes should be handled heuristically, not hard-coded.
  • There’s debate over whether Python’s URL implementation is spec-correct regarding empty vs null hosts.
  • Some suggest the immediate fix could be as trivial as changing a test case string or restructuring tests so they don’t ship.
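Two practical points from the discussion above can be made concrete in code: App Review reports only that a flagged substring is present, not where (the complaint about vague feedback), and the string is in urllib.parse because Apple's URL form has an empty authority directly followed by the query. The following is an added example, not code from the Python project or from the discussion. It scans a built bundle for the literal and reports file, offset and surrounding bytes so the hit can be attributed to its source (a test literal, the uses_netloc list, or something else), and it parses the Apple URL form with urlsplit to show the empty netloc. The choice of encodings searched (UTF-8 and UTF-16-LE) is the scanner's own assumption; Apple does not document what its scan matches.

```python
"""Pre-submission scan for a substring App Review is known to flag.

Added example, not code from the Python project or the discussion. Assumes you
have a built app bundle on disk and want the exact location of the flagged
substring. Encodings searched are an assumption of this scanner.
"""
import os
from urllib.parse import urlsplit

# Substrings reported as triggering guideline 2.5.2 rejections (from the page).
FLAGGED = ["itms-services"]


def find_substrings(data: bytes, needles=FLAGGED) -> list:
    """Return (needle, encoding, offset) for every occurrence in `data`.

    Searches UTF-8/ASCII and UTF-16-LE forms; compiled Python code and native
    Mach-O binaries may carry literals in either. This is the scanner's
    assumption, not something App Review documents.
    """
    hits = []
    for needle in needles:
        for enc in ("utf-8", "utf-16-le"):
            pattern = needle.encode(enc)
            start = 0
            while (idx := data.find(pattern, start)) != -1:
                hits.append((needle, enc, idx))
                start = idx + 1
    return hits


def scan_tree(root: str, needles=FLAGGED) -> dict:
    """Walk a bundle directory; map each file that has hits to its hit list."""
    results = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    hits = find_substrings(fh.read(), needles)
            except OSError:
                continue  # unreadable entries are skipped, not fatal
            if hits:
                results[path] = hits
    return results


def context(data: bytes, offset: int, width: int = 24) -> str:
    """Printable snippet around an offset, so a hit can be attributed to a
    source line (a test-case literal versus the uses_netloc list)."""
    lo, hi = max(0, offset - width), offset + width
    return data[lo:hi].decode("utf-8", errors="replace")


def parse_itms_url(url: str) -> dict:
    """Split Apple's URL form: scheme, then '//' with an empty authority,
    then the query. The empty netloc is why the scheme needs special-casing
    in urllib.parse."""
    parts = urlsplit(url)
    return {"scheme": parts.scheme, "netloc": parts.netloc,
            "path": parts.path, "query": parts.query}


# Constructed sample "binary": the flagged string once inside a UTF-8 test
# literal and once as UTF-16-LE, surrounded by filler bytes.
SAMPLE_BLOB = (
    b"\x00\x01padding" * 4
    + b"def test_apple_url(self):\n    url = 'itms-services://?action=x'\n"
    + "itms-services".encode("utf-16-le")
    + b"\x00" * 8
)

if __name__ == "__main__":
    for needle, enc, off in find_substrings(SAMPLE_BLOB):
        print(f"{needle} ({enc}) at offset {off}: {context(SAMPLE_BLOB, off)!r}")
    print(parse_itms_url("itms-services://?action=download-manifest"
                         "&url=https://example.invalid/app.plist"))
    # To scan a real bundle: print(scan_tree("/path/to/MyApp.app"))
```

Run it against the bundle directory before submitting; a hit inside a shipped test file suggests the restructuring-tests route, while a hit in urllib/parse.py itself is the case the Python-side build flag addresses.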

OSS responsibility vs platform bugs

  • One view: OSS can accept small, localized workarounds for big-vendor bugs, but only with a time limit and after filing upstream reports, to avoid being the permanent band-aid.
  • Others are skeptical this works in practice, given perceptions that Apple’s bug reporting is a “black hole.”

Wider ecosystem: signing, AV, and small developers

  • Parallels are drawn to Windows Defender and SmartScreen falsely flagging small, unsigned binaries (including Python/PyInstaller) as malware.
  • Code-signing costs and platform hurdles push some small or OSS developers away from macOS/Windows or from updating apps, and toward Linux or niche distribution methods.

Platform control and user freedom

  • Strong debate over whether Apple’s tightly controlled model is acceptable “custodianship” or “digital serfdom.”
  • Some emphasize that users can choose Android, including de-Googled variants with sideloading and FOSS-only setups.
  • Others argue a duopoly still leaves too little real freedom, and criticize Apple’s browser engine lock-in and limits on running arbitrary code on owned hardware.