Sandbox Day

Today, June 1st, is Sandbox day. From now on, all new submissions to the Mac App Store must be sandboxed.

Developers with non-sandboxed applications already on the store have a choice to make in the near future if they haven't acted already, they can either implement sandboxing, submit only bugfix updates (no new features), or pull out of the Mac App Store entirely in favor of selling direct to customers over the web, which is a viable option in some cases as the Mac is still a very open platform compared to iOS.

For me, today isn't much of a deadline however, as both of the Mac software utilities I've published on the store are already sandboxed and don't require any special behaviors that would conflict with Apple's restrictions.

Codepoints

Codepoints for Mac is the simpler of the two utilities already on the store, it requires no "entitlements" of any kind. In addition, none of the features that are currently being added to it will run afoul of the sandbox rules either.

Here's the sandbox config for it in Xcode:

Codepoints Entitlements

It is essentially a happy resident of the Sandbox and has been there since it was released a few months ago.

Mi-Fi Monitor

Mi-Fi Monitor for Mac is also sandboxed, but does require one entitlement: Outgoing Network Connections.

Here's the sandbox config for it in Xcode:

Mi-Fi Monitor Entitlements

As Mi-Fi Monitor is essentially a display for the status API available on Novatel's Mi-Fi, it must be able to communicate with it over the network. Specifically, it must make periodic HTTP requests to a CGI script running on the Mi-Fi itself.

In addition there is a feature buried in the preferences area of Mi-Fi Monitor that allows users to manually submit debug information to me if something isn't working properly, and that also occurs with an HTTP POST connection to a special Google App Engine system I created for it.

This is all standard behavior for most applications though, so merely ticking the box to request that entitlement gives it everything it needs to do its job.