Coda 2.5 and the Mac App Store

It strike me as a bit punitive that only Mac App Store applications are permitted to access iCloud and is probably a barrier to further adoption of iCloud by developers; particularly in light of the fact that there are certain legitimate classes of app for which the sandboxing restrictions have egregious impacts on a user&#x27;s workflow.<p>Consequently developers are forced to implement their own sync solutions (e.g. Panic Sync, and Omigroup&#x27;s OmniSync) - which can be a hard component to get right and increases the overall attack surface of the application + its server-side sync solution. Or rely on Dropbox, etc which I&#x27;m sure Panic had good reasons to avoid (most likely 3rd-party vendor lock-in).<p>Hopefully the WWDC will show Apple being more accommodating on this front, but I won&#x27;t hold my breath.

Had similar experience with a project that I was responsible to release a couple of months ago. We already had an app available on Mac App Store. We then spent about 2 months adding new features and fixing bugs. Turned out, because of stupid sandboxing, we could no longer add any new features. Only bug fixes were accepted. Release got stalled for about 2 weeks trying to find a workaround. It was really depressing 2 weeks. Eventually we decided to release on our own. We notified our existing customers and gave heavy discounts for those who wanted to get the new version. Received few angry emails from our existing customers but most of them understood our problems. Other than that, it&#x27;s been going smooth. We are happy we did it. We don&#x27;t have to pay 30% to Apple (there is a little cost associated with licensing but it is just like 3% of the total cost). We now can release bug fixes as soon as we want. In fact, the first bug fix we did was within an hour! I&#x27;d recommend everyone to skip MAS if possible.

Frankly the only Mac App store apps that I have bought are Apple branded apps, and that&#x27;s because that is the only place to get them. When I look for a new app, the Mac App store is the absolute last place I look. The iOS mentality of apps simply does jive with how I use a computer, a tablet maybe, but not a desktop&#x2F;laptop.

On one hand, developer tools really are a worst case situation for sandboxing, as they are the most closely tied to a rich Unix heritage that happens to have been designed with security only to protect users from each other, not from their own compromised applications. (I suspect it would work much better if Unix were designed with capabilities in mind from the beginning, though I&#x27;m not sure exactly how such a system would work.) Plus, sending people compromised source code to build isn&#x27;t exactly a common attack vector - although to be fair, if you think about how often people download random source tarballs and run the shell scripts inside, and the known existence of &quot;watering hole&quot; attacks targeting developers, someone somewhere has probably tried it. And of course, Apple does not require itself to implement sandboxing in Xcode.<p>On the other hand, sandboxing in general is definitely a good thing - you can&#x27;t constantly bring up the security threat posed by the NSA et al. and then complain about the most effective type of anti-exploitation measure we know of today. Apple&#x27;s sandbox implementation on OS X is reasonably flexible, and the post itself seems to concede that given more time, Panic could have come up with a reasonable experience that runs under it, perhaps with some features more awkward than without but essentially intact. So is it really that evil?

It&#x27;s a shame that this stuff happens really; I think it relegates the Mac App Store to a certain niche more than anything else.<p>I was surprised at the limited selection I found in the store. Having just got a new Mac, I went searching for the usual suspects - no VMware or Parallels? I understand why as these apps can&#x27;t be sandboxed. Hardly any commercial 3D authoring tools? Where&#x27;s Illustrator and their ilk (not the Lite versions, the actual full versions). I was really surprised at the lack of big creative and high-end apps on the store - at least in the sense the big apps that the Mac is known for. It seems to be a bit of a wasteland in that regard. I&#x27;m sure there are many gems in the store from smaller developers, but I found the app discovery experience roughly on par with that of the iOS app store, which isn&#x27;t a compliment :)<p>The convenience factor is wonderful though - it&#x27;s been a few years since my last Mac and apps I purchased were right there waiting. Setting up the new machine was bliss. Hopefully many of these issues can be worked out as the store evolves.<p>Slightly off-topic; where do I go to find the gems on the store? What are the good review sites (something like what TouchArcade is for iOS games)? Any with a focus on creative apps?

<p><pre><code> In short, we’ll trade you iCloud for something great. </code></pre> Love this subtle dig at iCloud.

I certainly hope their new syncing is better than their Transmit Dropbox implementation. I had to stop using sync it was so bad.<p>I prefer MAS apps because of how easy it is to purchase, install and update. I&#x27;m particularly annoyed when an app is available in the App Store and is then pulled out later. By then, I&#x27;ve already purchased and have to transition, awkwardly, to a non App Store version.<p>This isn&#x27;t the first developer tool that&#x27;s done this for me.

I remember Tim Cook saying that hybrid tablets devices were doomed to fail because they tried to do two things and failed at both. That the desktop and mobile experience were separate experiences and should be treated as such. Yet it seems like this is the exact mistake they&#x27;re making trying to make the Mac App Store into aa iOS App Store - Mac Edition.

Coda is a great editor and although I didn&#x27;t really use it for what it was designed for, I really liked it.

So it seems that syncing was the feature or a primary feature that presented sandboxing problems? Are there any other features that are problematic?

Wait... WTH is Panic Sync?