Seriously, get a grown-up comment system

What WOULD have been a comment on this...bit of electrons, except for the Fisher-Price™ commenting setup.

Apple can have little greppy bots compiling a list of public and private calls and run Clang or whatever else, the point is that there’s a first filter to kick the dreck back to the newbie coders like I may someday become. You can grep for calls in source and when private call/api combos are found, kick it back to the newb with a wagging finger and no-no-no. Or if you’re Google you get to slide. But I digress. There’s a top level pass/fail so that devs aren’t left in limbo over the painfully obvious.

this is literally untenable except for hobbyists. No commercial dev who, you know, wants to make money, is going to do this, because this isn't sharing, or caring, this is giving your code away to your competition. So at best, it's a sample code repository, and Apple already has gobs of sample code. If it's for devs to share among themselves, they can do that now, no need for Apple. The private API thing is kind of overblown, because you don't "accidentally" use one. There's no slipped, tripped, and fell on a private API. There's some work involved there.

Next is the reviewer, where code gets audited in its totality ONCE. Now the fun begins. Instead of having this 2 week plus wait over little code or even string changes, the dev checks in the change and a reviewer does a diff and a launch test. In fact, for string changes there’s no wait.

If everything’s kosher that’s it. Right now, if an AppStore dev finds an ohshit bug, in general he’s gotta fix, re submit, and wait 2+ weeks for a review to peer around his blackbox. So remove the black and make it glass box already.

Source code review won't actually tell you if the application works or not, if it's crashy, or what the parts of it that reach out to the internets for in-app purchases do. relying on a code audit here is about useless from the POV of what you'd actually care about. The other problem is that for code review to work, EVERY reviewer has to be able to write not just basic iPhone applications, but keep up with all the code they'll ever see. So now you're hiring talented devs to...sit around all day and read other people's code, and figure out what it will actually do. Yeah, retention in that department will be SKY high. Actual days even.

Because of the nature of the iPhone, what the source code says is not always going to be the totality of what the application does.

They can also put a label in the AppStore that says to me, an enduser, ‘code audited by Apple’ like some Good Housekeeping Seal o’ Approval. Devs using Apple’s approved tech get preference.

that's a fucking nightmare, because end users will not, ever, assume that this 'seal' means "oh it passed code review, no private APIs." They'll assume it means this application kicks ass, has no bugs, and works the way they think it should in their heads. Yeah. No.

Now, for Adopey, if they wanna compile a binary and spoof a signature and put a black box over the binary that’s fine with me. They can go thru the bynzantine clusterfcuk that is AppStore 1.0. I really don’t want half-assed crap on my iPhone, if I can help it, and I don’t think anyone else does either.

There's no more "spoofing" or "black box" with Adobe's ARM compiler that with the machine code you get from Xcode. Paranoia and other similar emotional states do not actually reflect reality. It's ARM code that meets Apple's specs. the source is irrelevant.

My point is that yes, ‘developers of all levels’ should be encouraged to submit apps. And they should be treated, if at all possible the way devs wanna be treated. In other words, not like the hoi-polloi.

devs are the computer equivalent of a new 2nd lieutenant Academy grad F-22 pilot. They want to be treated like God, and not that lame fuck who created the Universe.

So audit the code. And for the visigoths & barbarians of Fuh-lash & the ‘Compiled Script Kiddies’, you can make them wait 2+ weeks at the Great Wall o’ Segfault. That’s what walls are for, keeping the riff-raff out. And the current wall works. Just not for the Devs.

For someone who rails at Apple's snobbery, you sure seem in favor of it when it's convenient to you. There's enough wrong in this that the letters in the word "wrong" are inadequate to properly label the amount.

Categories: Other

Posted by John C. Welch at 06:20 | Permalink

Comments

Warning for Notes users: The commenting system uses HTML.
I know this will be scary for some of you, especially Notes fans. However, open standards, rah-rah.
If you want to use less-than or greater-than signs, or other similar charachters that HTML reserves,
you'll simply have to learn to do it the HTML way. Luckily, HTML is kind of popular, no matter what
your re-educators have told you, and you can easily find help on the intertubes.

What WOULD have been a comment on this...bit of electrons, except for the Fisher-Price™ commenting setup.\n\n

Apple can have little greppy bots compiling a list of public and private calls and run Clang or whatever else, the point is that there’s a first filter to kick the dreck back to the newbie coders like I may someday become. You can grep for calls in source and when private call/api combos are found, kick it back to the newb with a wagging finger and no-no-no. Or if you’re Google you get to slide. But I digress. There’s a top level pass/fail so that devs aren’t left in limbo over the painfully obvious.

\n\nthis is literally untenable except for hobbyists. No commercial dev who, you know, wants to make money, is going to do this, because this isn't sharing, or caring, this is giving your code away to your competition. So at best, it's a sample code repository, and Apple already has gobs of sample code. If it's for devs to share among themselves, they can do that now, no need for Apple. The private API thing is kind of overblown, because you don't \"accidentally\" use one. There's no slipped, tripped, and fell on a private API. There's some work involved there.\n\n

Next is the reviewer, where code gets audited in its totality ONCE. Now the fun begins. Instead of having this 2 week plus wait over little code or even string changes, the dev checks in the change and a reviewer does a diff and a launch test. In fact, for string changes there’s no wait.

\n\n

If everything’s kosher that’s it. Right now, if an AppStore dev finds an ohshit bug, in general he’s gotta fix, re submit, and wait 2+ weeks for a review to peer around his blackbox. So remove the black and make it glass box already.

\n\nSource code review won't actually tell you if the application works or not, if it's crashy, or what the parts of it that reach out to the internets for in-app purchases do. relying on a code audit here is about useless from the POV of what you'd actually care about. The other problem is that for code review to work, EVERY reviewer has to be able to write not just basic iPhone applications, but keep up with all the code they'll ever see. So now you're hiring talented devs to...sit around all day and read other people's code, and figure out what it will actually do. Yeah, retention in that department will be SKY high. Actual days even. \n\nBecause of the nature of the iPhone, what the source code says is not always going to be the totality of what the application does.\n\n

They can also put a label in the AppStore that says to me, an enduser, ‘code audited by Apple’ like some Good Housekeeping Seal o’ Approval. Devs using Apple’s approved tech get preference.

\n\nthat's a fucking nightmare, because end users will not, ever, assume that this 'seal' means \"oh it passed code review, no private APIs.\" They'll assume it means this application kicks ass, has no bugs, and works the way they think it should in their heads. Yeah. No.\n\n

Now, for Adopey, if they wanna compile a binary and spoof a signature and put a black box over the binary that’s fine with me. They can go thru the bynzantine clusterfcuk that is AppStore 1.0. I really don’t want half-assed crap on my iPhone, if I can help it, and I don’t think anyone else does either.

\n\nThere's no more \"spoofing\" or \"black box\" with Adobe's ARM compiler that with the machine code you get from Xcode. Paranoia and other similar emotional states do not actually reflect reality. It's ARM code that meets Apple's specs. the source is irrelevant.\n\n

My point is that yes, ‘developers of all levels’ should be encouraged to submit apps. And they should be treated, if at all possible the way devs wanna be treated. In other words, not like the hoi-polloi.

\n\ndevs are the computer equivalent of a new 2nd lieutenant Academy grad F-22 pilot. They want to be treated like God, and not that lame fuck who created the Universe.\n\n

So audit the code. And for the visigoths & barbarians of Fuh-lash & the ‘Compiled Script Kiddies’, you can make them wait 2+ weeks at the Great Wall o’ Segfault. That’s what walls are for, keeping the riff-raff out. And the current wall works. Just not for the Devs.

\n\nFor someone who rails at Apple's snobbery, you sure seem in favor of it when it's convenient to you. There's enough wrong in this that the letters in the word \"wrong\" are inadequate to properly label the amount.