Post not yet marked as solved
Is anyone else seeing that Xcode 13.2 no longer creates a single default.metallib that combines all *.air files together? (Seeing this with a framework target, at least.)
Nothing in the release notes suggests this change... so for now a custom script like the following seems needed:
if [ ! -d "${METAL_LIBRARY_OUTPUT_DIR}"/default.metallib ]; then
xcrun -sdk macosx metallib "${TARGET_TEMP_DIR}"/Metal/*.air -o "${METAL_LIBRARY_OUTPUT_DIR}"/default.metallib
fi;
Would be grateful to know if this is a bug or an intended change in the toolchain.
Thanks!
Post not yet marked as solved
I would like to be able to write CIKernels that output a lookup table or other blob of data, to be used by subsequent CIKernels.The data generated by such a kernel is fed to subsequent kernels whose corresponsing sampler input has been tagged with the "__table" attribute to disable colormatching for that input. This is a scenario that already works if one has the ability to allocate the CIImage himself, so that a nil colorspace can be passed. But when asking CIKernel for an output image, it is not possible to request an image without a colorspace associated with it. I'm referring to methods like this:- applyWithExtent:roiCallback:arguments:There are also no APIs in Core Image that would allow you to strip colorspace information from an existing image, AFAIK. (As in "hey I know this recipe is tagged with the working/output colorspace, but in reality it contains values that do not encode RGB at all")If I feed the output image from applyWithExtent:... to another kernel whose sampler has the __table attribute, from my observations it still appears to be colormatched. I can see three possibilities:1) I am clearly missing something.2) The __table attribute no longer has the desired effect, perhaps a regression.3) A new API is needed to cover this usage scenario.Any help is greatly appreciated!Best,Gabe
Post not yet marked as solved
Does anyone know why it is impossible to enable/test Private Relay even with an Apple One Premier subscription? Wouldn't it make sense that during the macOS Beta all users would be able to turn in on? This feature looks good on paper but the barrier to testing makes no sense.
Any help greatly appreciated.
Post not yet marked as solved
The Xcode 13 Beta (1 & 2) is showing some serious performance regressions when building our large project, and wondering if others are noticing the same.
If you Build again after a build had just completed, Xcode 13 redoes a ton of work, as visible through the thousands of tasks it takes on. It's as if Xcode 13 lost the ability to skip unnecessary work. Building again in Xcode 12 does incur a small penalty too, but the difference is between 2-3 seconds (Xcode 12) vs 1-2 minutes (Xcode 13).
...and as a side note, the new progress reporter is useless: it switches from reporting progress for one set of tasks (1928/3022 completed) to a completely different set of tasks (444/1255 completed). You never know which "set of tasks" is the last you'll need for the build process as a whole to be done. Any idea why it doesn't display cumulative progress?
Thanks!
We have a non-sandboxed app that uses a custom URL scheme to allow redirection of certain tasks from Safari to our app, when installed, and with permission from the user.
In the latest Beta of Safari 14 on macOS Big Sur Beta, Safari launches our app in its own Sandbox Container. This obviously breaks our software, which expects and requires a "normal" environment.
This is a regression in Safari. It still asks for permission before opening every single custom URL. Users still have to install our notarized software beforehand on their systems in order to access these custom URLs.
I tried filing a bug. Tried a DTS ticket. No reply to either. Does anyone know of this problem, and know of a workaround? Our software obviously cannot escape Safari’s sandbox container. At best we can detect it, right now, but our software is broken 😫
For the record, if the user launches our app *before* attempting to open the custom URL, then Safari is more than happy to pass along the URL to the running instance of our software (which is great). But if Safari has to launch our app in order to process the custom URL, our app lives within the confines of Safari’s container.
Post not yet marked as solved
Installed the Xcode 12 GM on a couple systems, updating from Beta 6, only to discover that it doesn't include macOS 11 SDK. No indication of this particular change in the release notes. Am I missing something obvious? I would imagine that to be the default SDK, if anything... but instead it defaults to the 10.15 SDK? 🤔
Thanks!
When looking under /System/Library/Frameworks, it is apparent that while the framework structure is all there, its binary is not. I presume this is due to SIP hiding binaries from the file system.
Is there any magic incantation to access those binaries for non-nefarious purposes (e.g. class-dump)? If one gets the NSBundle for one of the classes in AddressBook.framework, for example, its executable path is still reported as:
/System/Library/Frameworks/AddressBook.framework/Versions/A/AddressBook
...even though the file isn't part of the file system and thus cannot be accessed. Is there a way to get to the object code without having to disable SIP or otherwise cripple one’s system?
Thank you!
Post not yet marked as solved
Is notarization via altool under Xcode 12 Beta 2 and macOS Big Sur Beta supposed to work yet?
Altool still works when using the Xcode 11.x tools, but if I switch the command line tools to Xcode 12, any attempt to submit software for notarization via xcrun altool returns error -19,060: "There is no embedded Java executable. Please reinstall the Xcode developer tools."
Thanks!
Post not yet marked as solved
Neither the available documentation or WWDC video "All About Notarization" (oh the irony :-)) make any mention of privileged helper tools. Do they need special treatment?I am referring to executables stored inside the container app bundle in: Some.app/Contents/Library/LaunchServices and installed via SMJobBless.Thank you!
Post not yet marked as solved
As part of a custom notarization workflow, I am currently submitting a flat installer package which contains a number of different components (app, frameworks, loadable bundles, etc.). This package does not contain any loadable code such as KEXTs that seems to have its own stricter set of rules.So here is the workflow:1) Upload the flat PKG via altool2) Wait for the ticket to be ready3) Staple the same PKGThis seems like a straighforward workflow, but other posts in the forum suggest that one might have to do this instead:1) Upload all apps that you plan to eventually include in the PKG via altool2) Wait for the ticket to be ready3) Staple apps4) Build flat PKG5) Upload flat PKG via altool6) Wait for the ticket to be ready7) Staple the PKGIs it even necessary to go through the extra steps? Is there any benefit to stapling an app that is installed via a stapled installer?
Post not yet marked as solved
Hi,My software installs frameworks in the local domain (/Library/Frameworks) that are accessed from third-party apps. Some of these apps are simply code-signed, others are sandboxed. They are obviously signed by other companies, and so far there have been no problems on the part of DYLD in loading and executing code inside our frameworks. The loader is happy to continue looking for our framework outside the app container, in the case of sandboxed apps.What changes are necessary to ensure that our frameworks remain accessible from hardened apps? Hardened Runtime, to the best of my understanding, only allows executables to load code that has been code-signed by the same team, or by Apple. I also think that hardened runtime affects only executables, and yet when I enable the ENABLE_HARDENED_RUNTIME setting in Xcode on my framework targets (via xcconfig) it clearly influences the way they are signed, and suddenly these "hardened frameworks" fail to be loaded by third-party apps, even if these apps aren't yet hardened themselves. In what its perhaps the key to solving this issue, how can one mark non-app targets to enable the library-validation exception? Why would a non-hardened app fail to load code whose only difference may be a simple flag (kill,runtime) in its signature?Maybe I'm wrong to assume that non-app targets deserve any special treatment, but the fact remains that when I enable hardened runtime, our code simply stops being "seen" and loaded by DYLD, with all other variables remaining identical.Thank you!Gabe
Post not yet marked as solved
Xcode currently provides a UI for declaring Hardened Runtime exceptions only when building an app target. Is it possible to specify Hardened Runtime exceptions for other types of targets? How about specifying these exceptions via xcconfig files?The reason for asking is that we build an XPCService that is loaded by Final Cut Pro. If we build our loadable code bundles + frameworks with Hardened Runtime enabled, Final Cut Pro fails to load our code, presumably because there is a mismatch between how our own code is signed vs theirs. While it is possible to enable the hardened runtime via xcconfig, there seems to be no obvious way (or documentation) on adding exceptions such as com.apple.security.cs.disable-library-validation via xcconfig files.Thank you!
Post not yet marked as solved
When using a WKWebView as the accessory view inside an NSAlert, the content doesn't always load and display. It seems that WKWebView needs to do its work on a secondary thread/dispatch queue that isn't running while a modal run loop is active.Is there any way to make this work?Thank you!Gabe
How does one go about feeding a 2D texture based on MTLPixelFormatBGRA8Unorm to a compute shader? I tried what seemed obvious:texture2d<uchar, ...texture2d<unsigned char, ...texture2d<uint8_t, ......with the intention of sampling a uchar4 out of the texture, but all three are flagged as errors.Any help appreciated!
Post not yet marked as solved
I'm building a Framework that is meant to be accessible by multiple apps, and therefore installed in /Library/FrameworksBeginning with High Sierra, this location appears to be protected by SIP. It is impossible to make the directory writeable by the current user or group (AFAIK), which happend to be the method I used until 10.12.x to allow Xcode to build and copy my framework directly at its install location.What would be the strategy to get this done in High Sierra? I hope I'm overlooking something because the thought of having to drag files in the Finder and authenticate every time I want to copy something to /Library/Frameworks makes me cringe.Thanks!GabeFxFactory
FxFactory.