Overview

Hi, we were recently approved for the com.apple.developer.web-browser.public-key-credential entitlement and have added it to our app. It initially worked as expected for a couple of days, but then it stopped working. We're now seeing the same error as before adding the entitlement: Told not to present authorization sheet: Error Domain=com.apple.AuthenticationServicesCore.AuthorizationError Code=1 "(null)" ASAuthorizationController credential request failed with error: Error Domain=com.apple.AuthenticationServices.AuthorizationError Code=1004 "(null)" Do you have any insights into what might be causing this issue? Thank you!

I'm converting my game from SceneKit to RealityKit. It has a SpriteKit overlay that according to Explore advanced rendering with RealityKit 2 I can add with the code below. The code runs fine if the SKScene only contains a SKSpriteNode (see the commented out line), but when I add a SKShapeNode with a fillColor instead, the app crashes with this error: -[MTLDebugRenderCommandEncoder validateCommonDrawErrors:]:5970: failed assertion `Draw Errors Validation MTLDepthStencilDescriptor uses frontFaceStencil but MTLRenderPassDescriptor has a nil stencilAttachment texture MTLDepthStencilDescriptor uses backFaceStencil but MTLRenderPassDescriptor has a nil stencilAttachment texture ' I don't know enough about low-level graphics and stencils yet to figure out a quick solution, so I would appreciate if anyone could share an easy fix or explanation of what's wrong. Thanks! class ViewController: NSViewController { var device: MTLDevice! var renderer: SKRenderer! override func loadView() { let arView = ARView(frame: NSScreen.main!.frame) view = arView arView.renderCallbacks.prepareWithDevice = { [weak self] device in guard let self = self else { return } self.device = device renderer = SKRenderer(device: MTLCreateSystemDefaultDevice()!) let scene = SKScene() let shape = SKShapeNode(rectOf: CGSize(width: 10, height: 10)) shape.fillColor = .red scene.addChild(shape) // scene.addChild(SKSpriteNode(color: .red, size: CGSize(width: 10, height: 10))) renderer.scene = scene } arView.renderCallbacks.postProcess = { [weak self] context in guard let self = self else { return } let encoder = context.commandBuffer.makeBlitCommandEncoder() encoder?.copy(from: context.sourceColorTexture, to: context.targetColorTexture) encoder?.endEncoding() renderer.update(atTime: context.time) let descriptor = MTLRenderPassDescriptor() descriptor.colorAttachments[0].loadAction = .load descriptor.colorAttachments[0].storeAction = .store descriptor.colorAttachments[0].texture = context.targetColorTexture renderer.render(withViewport: CGRect(x: 0, y: 0, width: context.targetColorTexture.width, height: context.targetColorTexture.height), commandBuffer: context.commandBuffer, renderPassDescriptor: descriptor) } } }

Hello, I am working on a cross-platform application where IPC between a LaunchDaemon and a LaunchAgent is implemented via Unix domain sockets. On macOS, the socket path length is restricted to 104 characters. What is the Apple-recommended directory for these sockets to ensure the path remains under the limit while allowing a non-sandboxed agent to communicate with a root daemon? Standard paths like $TMPDIR are often too long for this purpose. Thank you in advance!

Apple has introduced the Wireless Insights Service Predictions capability in iOS 26. After prior alignment with Apple engineers, we are working to integrate this capability into the Douyin App, and intend to provide a TestFlight build for Apple engineers to validate and debug the integration. We have encountered a blocking issue with entitlement configuration: We use our Apple Developer Enterprise Program account to build and submit TestFlight builds. When we manually create and configure provisioning profiles via the Apple Developer Portal, the required entitlement key com.apple.developer.wireless-insights.service-predictions is not available for selection or inclusion in the profile's Entitlements. This completely blocks us from enabling, using, and validating the Wireless Insights Service Predictions capability. For comparison, when we use our Apple Developer Program individual account, the entitlement com.apple.developer.wireless-insights.service-predictions is fully available. It is automatically included in provisioning profiles generated for local debugging, and can also be manually added to custom provisioning profiles via the Apple Developer Portal without issues. We request assistance to resolve this entitlement access discrepancy for our Enterprise Program account, so that we can complete the integration and provide the TestFlight build for validation as planned.

We have a macOS system extension with NETransparentProxyProvider which is able to intercept traffic and handle it. We also wanted to setup few search domains from our network extension. However, unlike PacketTunnelProvider, NEDNSSettings are completely ignored with NETransparentProxyProvider. So whats the best way to setup few DNS search domains when using NETransparentProxyProvider.

I have a bunch of Audio Unit v3 plugins that are approaching release, and I was considering using subscription-model pricing, as I have done in a soon to be released iOS app. However, whether this is possible or not is not at all obvious. Specifically: The plugin can, depending on the host app, be loaded in-process or out-of-process - yes, I know, Logic Pro and Garage Band will not load a plug-in in-process anymore, but I am not going to rule that out for other audio apps and force on them the overhead of IPC (I spent two solid weeks deciphering the process to actually make it possible for an AUv3 to run in-process - see this - https://github.com/timboudreau/audio_unit_rust_demo - example with notes) Depending on how it is loaded, the value of Bundle.main.bundleIdentifier will vary. If I use the StoreKit API, will that return product results for my bundle identifier when being called as a library from a foreign application? I would expect it would be a major security hole if random apps could query about purchases of other random apps, so I assume not. Even if I restricted the plugins to running out-of-process, I have to set up the in-app purchases on the app store for the App container's ID, not the extension's ID, and the extension is what run - the outer app that is what you purchase is just a toy demo that exists solely to register the audio unit. I have similar questions with regard to MetricKit, which I would similarly like to use, but which may be running inside some random app. If there were some sort of signed token, or similar mechanism, that could be bundled or acquired by the running plugin extension that could be used to ensure both StoreKit and MetricKit operate under the assumption that purchases and metrics should be accessed as if called from the container app, that would be very helpful. This is the difference between having a one-and-done sales model and something that provides ongoing revenue to maintain these products - I am a one-person shop - if I price these products where they would need to be to pay the bills assuming a single sale per customer ever, the price will be too high for anyone to want to try products from a small vendor they've never heard of. So, being able to do a free trial period and then subscription is the difference between this being a viable business or not.

Hello, I have an application that needs to be published to the App Store. This application consists of two processes, A and B, where B is a child process of A. I found that if process B needs to be launched as a child process of A in sandbox mode, it is necessary to set the following keys in the entitlements.plist file: <key>com.apple.security.app-sandbox</key><true/><key>com.apple.security.inherit</key><true/> However, after setting these keys, process B can no longer be launched directly. This issue is particularly prominent because process B has a window and a Dock icon — in this case, if the user pins the Dock icon, they will be unable to launch process B. Could you please advise on a solution to this problem?

I am building a simple iOS app that shows the total phone usage time for today using the Screen Time APIs. Architecture: Main app → requests authorization using AuthorizationCenter.shared.requestAuthorization(for: .individual) → displays a DeviceActivityReport Report extension → DeviceActivityReportExtension → calculates total usage using DeviceActivityResults<DeviceActivityData> → shows the number in a SwiftUI view The report works correctly. The extension successfully calculates the total usage and displays it on screen. Example logic inside the report extension: for await activityData in data { for await segment in activityData.activitySegments { totalSeconds += segment.totalActivityDuration } } let totalMinutes = Int(totalSeconds / 60) The problem: I need the main app to access that number so I can store it daily in my own database. I tried to send the value from the extension to the main app using: App Group + UserDefaults(suiteName:) App Group + shared file (FileManager.containerURL) writing inside makeConfiguration(...) Example: if let defaults = UserDefaults(suiteName: "group.myapp") { defaults.set(value, forKey: "savedTotalActivity") } But the main app cannot read the value. The report extension displays the number correctly, but the data never appears in shared storage. Questions: Is DeviceActivityReportExtension intentionally sandboxed so Screen Time data cannot be exported to the containing app? Is there any supported way for the main app to access the total usage value calculated in the report extension? If exporting the value is restricted, what is the recommended architecture for apps that want to store daily Screen Time totals for later analysis? Goal: I want a simple app that records something like: 2026-03-08 → 244 minutes 2026-03-09 → 198 minutes and stores it inside the app database. Any guidance on the correct architecture would help.

I am trying to notarize my first macOS app for direct distribution outside the Mac App Store using Developer ID Application signing. Team ID: 32S6XVAQPY Environment: macOS app distributed via Developer ID notarytool with a saved keychain profile archive exported locally, app zipped with ditto What I already verified locally: The archived app is signed with: Developer ID Application: (32S6XVAQPY) codesign --verify --deep --strict passes spctl shows: source=Unnotarized Developer ID syspolicy_check distribution only reports the expected missing notary ticket Hardened runtime is enabled The app bundle and nested Sparkle executables were re-signed and now have valid Developer ID signatures with secure timestamps Important note: I previously had a real signing issue in nested Sparkle binaries, and Apple rejected that submission quickly as Invalid. I fixed those signatures, and now new submissions no longer fail quickly but remain stuck In Progress. Submission IDs currently stuck: bea6c4b3-b107-4c81-8042-6c58b1cf5087 5489e29c-d583-4779-a125-ca0fbd9cad0b Earlier invalid submission with a concrete Sparkle signing error: 10df648b-eca8-428f-98d6-4cb4096153ad Apple reported invalid Developer ID / missing secure timestamp on: Sparkle.framework/Versions/B/Updater.app/Contents/MacOS/Updater Sparkle.framework/Versions/B/Autoupdate Sparkle.framework/Versions/B/XPCServices/Downloader.xpc/Contents/MacOS/Downloader Sparkle.framework/Versions/B/XPCServices/Installer.xpc/Contents/MacOS/Installer That Sparkle issue has since been fixed locally and re-verified. Question: Is there currently a notarization backlog or any known issue affecting first-time macOS notarizations or Developer ID submissions? At this point the remaining submissions appear valid locally but sit In Progress for a very long time.

All my notarization submissions are rejected with statusCode 7000 ("Team is not yet configured for notarization"), even though my Apple Developer Program membership has been active since February 26, 2026. Error log: status: Rejected statusCode: 7000 statusSummary: "Team is not yet configured for notarization" My setup: Team ID: 9NL8W3646T Membership: Individual, ACTIVE (confirmed by Apple Support on Feb 26) Certificate: Developer ID Application — valid, signing works Hardened runtime: enabled Latest failed submission: ce6a4ca9-ccc2-4838-b96a-d9ed16557237 (March 6) I have support case 102832266798 open since March 4. Apple responded on March 6, but the email never arrived in my inbox and the portal doesn't let me view the response. Could DTS help enable notarization for my team? This is blocking distribution of my macOS app. Thank you.

In the WWDC 2019 session "Extended Runtime for WatchOS apps" the video talks about an entitlement being required to use the HR sensor judiciously in the background. It provides a link to request the entitlement which no longer works: http://developer.apple.com/contect/request/health-monitoring The session video is also quite hard to find these days. Does anyone know why this is the case? Is the API and entitlement still available? Is there a supported way to run, even periodically, in the background on the Watch app (ignoring the background observer route which is known to be unreliable) and access existing HR sensor data

Does Xcode 26 still support creating pull requests and/or viewing comments from GitHub pull requests associated with the current branch? This used to be possible, but I cannot get it to work with the current version of Xcode (26.0.1). The "Create Pull Request" menu item takes me to github.com directly, instead of presenting a nice UI menu; hence I'm wondering.

does anyone know why app store is doing this? all screenshots have uploaded. i’ve signed out and back in, deleted all screenshots and reuploaded, allowed it all night, and now i’ve cancelled the submission. yet when i try again it still says the same thing. it worked before, but there was something they said i should remove from the screenshots, and since i removed it i’ve been stuck here.

Hi, I am trying to implement a PHBackgroundResourceUploadExtension to upload backup media files to an external cloud service based on these docs: https://developer.apple.com/documentation/PhotoKit/uploading-asset-resources-in-the-background#Acknowledge-completed-jobs Creating jobs and actual uploading is working as expected, but the problem I have is in the acknowledgeCompletedJobs() function. When trying to access a job's resource, the resource is nil and thus has empty assetLocalIdentifier and originalFilename. Did anybody successfully implement this extension or knows, why this would happen? Because the resource of an acknowledgable job is empty, I can not match it back to my processed assets.

For me it looks like Xcode 26 has problems reading SPM packages from a locally hosted BitBucket git solution. While Xcode 16 work perfectly fine, Xcode 26 fails to load and gives "Server SSH Fingerprint Failed to Verify" as error description. Cleaning build data and DerivedData sometimes makes loading work. Any change in Package dependencies will break it again. Anyone having same problems? How do you handle it?

Hello team, I am trying to find out a way to block urls in the chrome browser if it is found in local blocked list cache. I found URL Filter Network very much suitable for my requirement. But I see at multiple places that this solution is only for Enterprise level or MDM or supervised device. So can I run this for normal user ? as my targeting audience would be bank users. One more thing how can I test this in development environment if we need supervised devices and do we need special entitlement ? When trying to run sample project in the simulator then getting below error

Hi everyone, We are facing a critical blocker with our macOS app processing. Since March 5, 2026, every single build we have uploaded (8 builds total) has been stuck in the "Processing" state for over 4 days. For our project, due to the large binary size, processing usually takes about 4 to 6 hours normally. However, we now have a long queue of builds that haven't transitioned to "Ready to Submit" for up to 80+ hours. Stuck Builds List: 1.0.0 (444): Mar 8, 3:09 PM (Processing) 1.0.0 (443): Mar 8, 5:36 AM (Processing) 1.0.0 (440): Mar 7, 6:37 AM (Processing) 1.0.0 (438): Mar 6, 5:01 PM (Processing) 1.0.0 (434): Mar 6, 12:04 AM (Processing) 1.0.0 (433): Mar 5, 6:26 PM (Processing) 1.0.0 (432): Mar 5, 10:51 AM (Processing) 1.0.0 (431): Mar 5, 6:11 AM (Processing) (Note: The last successful build was 1.0.0 (429) on March 4, which processed within the expected 6-hour window.) There have been no changes to our project settings, Info.plist, or entitlements since the last successful build. This is completely halting our scheduled update release. Is anyone else experiencing a similar backlog with large macOS binaries? Or is there a known issue with the App Store Connect pipeline for the macOS platform recently? Any help or investigation from Apple engineers would be greatly appreciated. (Feedback ID: FB22156358)

Alright, so I'm gonna send an email out to Eddy, Matt and Susan. If anyone wants to be copied, paste your email address here. This is just beyond belief. It is unfortunate we have to let Apple leadership know this service is broken and most probably call out people (sadly). This sort of delay is severely severed my relationship with customers and users. I plan to send the email out over the week-end

Hi everyone, I’m looking for some insight or advice on a persistent review delay. My app, has been stuck in the "Waiting for Review" status since Feb 9th. I thought it got glitched or whatsoever so I rejected and resubmitted a week ago March 2nd. and yet its still in waiting for review status. I applied for expedite review with case ID: 102825200414 I have already: Verified that all metadata is complete. Ensured there are no "Action Required" flags or "Metadata Rejected" notices. Checked that the "Availability" date is set to "As soon as it is approved." Confirmed the build runs perfectly in TestFlight.

Hello everyone, Our application has been pending review since February 23rd. There's been no progress, and I'm not getting any concrete answers. My projects have suffered serious delays and inconvenience. What's going on at Apple? I've never waited this long before. Is there an explanation? Thank you for your help.