Appstore source code verification

The answer to your question in general is Yes, the code is being checked.

In general, the review of the application can take place in 2 stages:

1. Bot check
2. Review by "Live" QA specialists.

The bot generally looks at which API calls are present in your application. Among all possible APIs, there is some list of forbidden ones. For example, Apple does not allow you to embed payment functionality in applications that bypass the official Apple billing system. In the confirmation, you can find a lot of topics on forums and English SO, where developers complain about the reject application due to the fact that the application package contained plugins a la "XiaomiPay"/"SamsungPay" (proof).

Another point - Apple prohibits the use of dylib in the iOS app. If you send the build to the review, where dylib will be present, you will immediately receive a reject and it will not go to the review until the application is launched.

With regard to access rights (for example, to contacts or camera) - you you will have to specify the setting in the Xcode project itself, why exactly you use this or that right. Next, the QA team comes into play - if they think that you are using something unreasonably when checking the application, they will get reject.

There is also such a practice - Apple is making more and more efforts to shift most of the review to bots and auto-tests. For this reason, in some cases, even now, QA is not always involved in the verification of the application. With a high probability of this a lightweight review is given to apps that are already in the store that release updates, where no new purchases or access rights are added