Now that Apple is running some kind of static analysis to automatically check for private API use, a number of people have been caught because of the Three20 library. I use another third-party library (which I compile myself from code) and I would like to automatically audit it for private API use before I submit to Apple, so I can eliminate/re-write those parts.
If I run nm on my application executable, I get a list of symbols, and I am seeing symbols in there that I don't use. For example, I see _AudioServicesPlaySystemSound, and if I search for "AudioServicesPlaySystemSound" in Xcode I get no results. Is there any way to automatically discriminate calls to private APIs? For example, I notice that Apple has a habit of naming them with an initial underscore.
However: if I deliberately include a call to a private API it doesn't show up in the output of nm, but it does show up if I run strings on the binary. Based on this, one idea I had was to compile a huge list of all private API calls into a huge table, and automatically search for them in the strings output. I haven't done that yet.
Does anyone have any tips on how to automatically catch this stuff so I'm only going through the review process once?
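
The table-lookup idea from the question, as an added example (not code from the original post): it extracts printable runs from the binary the way strings does and reports exact matches against a deny-list. The selector names and sample bytes are constructed placeholders; a real list would have to be compiled separately.

```python
import re
import sys

# Hypothetical deny-list entries (placeholders, not real Apple selectors).
DENYLIST = {"_setHypotheticalPrivateFlag:", "hypotheticalPrivateMethod"}

def extract_strings(data, min_len=2):
    """Yield (offset, text) for each printable-ASCII run, like strings(1)."""
    for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, data):
        yield m.start(), m.group().decode("ascii")

def audit(data, denylist):
    """Return sorted (offset, name) hits where a whole run equals a listed name.

    Selector names are stored NUL-terminated, so each one surfaces as its own
    run; exact comparison avoids flagging a public name that merely contains
    a listed one as a substring.
    """
    return sorted((off, s) for off, s in extract_strings(data) if s in denylist)

# Constructed sample: bytes shaped like a selector-name table, not a real binary.
SAMPLE = (b"\xca\xfe\x00viewDidLoad\x00_setHypotheticalPrivateFlag:\x00"
          b"hypotheticalPrivateMethodWrapper\x00setTitle:\x00\x01\x02")

if __name__ == "__main__":
    # Usage: python audit.py <binary> <denylist.txt, one name per line>
    if len(sys.argv) == 3:
        with open(sys.argv[1], "rb") as f:
            data = f.read()
        with open(sys.argv[2]) as f:
            names = {line.strip() for line in f if line.strip()}
    else:
        data, names = SAMPLE, DENYLIST
    for off, name in audit(data, names):
        print(f"0x{off:08x}  {name}")
```

The printed offsets let each hit be traced back to the object file or library that contributed it.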