My last post made it to Hacker News, where there are over 420 comments about this issue. I am glad that this bug got some widespread attention, and I am also grateful to the Electron developers who are looking for a way to fix the private API usage issue.
In a strange turn of events, it appears that Apple now directly suggests which Electron version to use:
"To resolve this issue, please either remove the Electron SDK entirely from your app (I was shocked reading this), or revise your app to utilize version 3.0.0-beta.7, 2.0.8, 1.8.8, or 1.7.16 of the Electron SDK. Once you have made one of those changes, resubmit your binary for review." source: GitHub issue
However, someone is already reporting that an app using Electron 3.0.0-beta.7 was also rejected.
There are several opinions about the current state of affairs. Some developers are blaming Electron, and others are blaming Apple.
I don't blame either of them, but it is clear that this bug should be addressed, because the new security protections in macOS Catalina make distribution through the Mac App Store still relevant to many developers.
Catalina requires applications to be notarized. This works fine with Electron, but even after the notarization process an app still triggers a warning before installation, asking the user whether they still wish to proceed and install an app downloaded from the internet.
The previous notice that "Apple checked against malware" disappears in Catalina (I assume because you can't even install an app that is not notarized), yet an app installed via the Mac App Store will not trigger any extra warning.
In this day and age, security is paramount, so having a trusted channel to distribute apps becomes very important.
Atom, one of the most important Electron apps, is not available in the App Store, and many others are also using the direct distribution model.
Yet I feel that for many (not me, as I don't have any paid apps) the App Store is an essential distribution channel.
We all forget how fortunate we are to benefit from the hard work of open-source developers, like the team at Electron, to create applications that years ago were just a dream. (Of course, the cynics among us will say that many of these open-source technologies are still backed by the usual tech giants like Google and Microsoft...still.)
I was surprised to see several negative comments about cross-platform development. Requiring a developer to use 3 different codebases (or 2 for mobile apps) makes no sense. It would just reduce the diversity of apps available on all platforms. In particular, smaller and indie apps will suffer the most, as small development teams do not have the resources to maintain 3 codebases.
I am confident that a solution will be found soon. Electron apps are just too important to be excluded from the App Store.