I've used SPM to install some dependencies, however for one of them, CocoaLumberjackSwift the Embed section is blank and attempting to click in it doesn't brink up any dropdown menuetc. Why is that, how can I change it or check what its set to if its blank? (Code 16.2)

I'm sending push notifications to a notification extension, and within the extension setting the threadIdentifier to be the same. But I'm observing inconsistent grouping behaviour, and behaviour that changes over time. The general iPhone settings are to display notifications as a Stack, and the app settings are to show on lock screen, notification center and banners and the notification grouping is set to by app (changing it to automatic doesn't affect the behaviour below). Pushes are displayed on the lock screen grouped together, then if the device is roused and the screen swiped down to reveal the notification center then they are still grouped. So far so good. If the iphone is active then the notifications appear at the top of the screen, one by one, but in this case if there is a swipe down to reveal the notification center then the notifications are not grouped when displayed, but shown individually. But then if one waits a few minutes and then displays the notification center for a 2nd time, sometimes now they will be grouped, but sometimes not. Why are they not (always) being displayed as grouped in the notification center?

There's plenty of articles out there about programatically grouping push notifications. However I have tried setting the thread-id in the push payload when sending a push, or setting the threadIdentifier for a received push in a notification service extension to be the same for several pushes. But if within the iPhone Settings / Notifications the user selects to display pushes as List and turns off Notification Grouping, then each notification resulting from the push appears on its own separately. Is there something other than thread-id/threadidentifier that is used to programmatically group them? If not then whats the point of these as grouping and display is actually under the control of user.

If I install RealmSwift into an ios app using SPM, I have no problems. However if I install it into an ios framework, then when building there is this error: error: missing required modules: 'Realm.Private', 'Realm', 'Realm.Swift' I have discovered that if I change the import statement from: import RealmSwift to private import RealmSwift then doing that makes this build error goes away (but doing that isn't a feasible workaround as I would like to publicly export classes stored in Realm from the framework). There's no point in posting issues with Realm on their support board as its being deprecated and its tumble weeds on their forum. But I would be very interested in hearing from the Apple expects explanation or speculation on: why is importing the same framework via SPM into a framework xcode project resulting in different behavior then when importing it into an app? why would changing import to private import make the build error go away? TIA

The example database/server provided by Apple for Live Caller ID contains a hardcoded database with a tiny number of pre-defined numbers. However, its not expected to be representational of an live real world usage server. But the question is how can that be accomplished if its a requirement that the data be KPIR encrypted? In real world scenarios, the factors that effect whether a number should be blocked or not are continually changing and evolving on a minute-by-minute basis and new information becomes available or existing information changes. If the database supports tens of millions or hundreds of millions of constantly changing phone numbers, in order to meet the requirements of the Live Caller ID being KPIR encrypted, that would imply the database has to re-encrypt its database of millions endlessly for all time. That seems unfeasable and impractical to implement. Therefore how do the Apple designers of this feature envisage/suggest a real-world server supporting millions of changing data should meet the requirement to be KPIR encrypted?

If I run an app with a Message Filter Extension on iOS 18 then it works as expected, however if its installed onto a phone with iOS 17.6.1 then there is the following error: dyld[1042]: Symbol not found: _$sSo40ILMessageFilterCapabilitiesQueryResponseC14IdentityLookupE21promotionalSubActionsSaySo0abI6ActionVGvs Referenced from: <C82A1045-98F4-3751-8080-413FD0B0DEEB> /private/var/containers/Bundle/Application/F295C156-9B20-4927-AEFA-C6983388B193/Myapp.app/PlugIns/MyMessageFilterExtension.appex/CequintTextFilterExtension.debug.dylib Expected in: <29BFFA34-9B52-3D14-A254-A0653545B72E> /System/Library/Frameworks/IdentityLookup.framework/IdentityLookup (App built using XCode 16.2). Here's code causing the issue: import IdentityLookup final class MessageFilterExtension: ILMessageFilterExtension {} extension MessageFilterExtension: ILMessageFilterQueryHandling, ILMessageFilterCapabilitiesQueryHandling { func handle(_ capabilitiesQueryRequest: ILMessageFilterCapabilitiesQueryRequest, context: ILMessageFilterExtensionContext, completion: @escaping (ILMessageFilterCapabilitiesQueryResponse) -> Void) { let response = ILMessageFilterCapabilitiesQueryResponse() response.transactionalSubActions = [.transactionalCarrier, .transactionalHealth, .transactionalPublicServices, .transactionalFinance, .transactionalWeather, .transactionalRewards, .transactionalOrders, .transactionalOthers, .transactionalReminders] response.promotionalSubActions = [.promotionalOffers, .promotionalOthers, .promotionalCoupons] completion(response) } Message filter sub actions were introduced in iOS 16, so why is this error occurring when the code is run on iOS 17, but its fine with iOS 18? This isn't specific to my app, its easily reproducable in two minutes - create an app, add a message filter extension target, change the template code to add a transactional or promotional sub action and then run and it'll occur. (Reported as issue FB16148083)

During development, before things eventually go live, if the associated server for a message filter extension has a self signed SSL then if/how can test iPhones be configured such that the OS will connect to the server when they are performing a message filter query request?

I have a developer certificate but not a distribution certificate (its not my Apple account). Its possible to create an .xcarchive with a developer certificate, but what about a .ipa? After creating an archive, non of the distribution options within XCode will work without a dist cert. Is there another way to make an .ipa with just a dev cert? And if so is that going to be a dev build rather than a prod build (i.e. the .ipa would only install onto provisioned devices and would be no good for uploading to testflight for example)

The documentation (https://developer.apple.com/documentation/BundleResources/Entitlements/com.apple.developer.associated-domains) for a message filter extension says: If you use a private web server, which is unreachable from the public internet, while developing your app, enable the alternate mode feature to bypass the CDN and connect directly to your server. <service>:<fully qualified domain>?mode=<alternate mode> Where alternate mode is one of the following: developer Specifies that only devices in developer mode can access the domain. In this mode, you can use any valid SSL certificate on your web server, including a certificate that the system doesn’t trust. What does it mean "you can use any valid SSL certificate on your web server"? Does the app have to do anything with regards to this?

When uploading to Testflight the following questions get posted. How to answer this question gets asked in many forums, however none of the answers are satisfactory and it seems every body misreads option two. What type of encryption algorithms does your app implement? Encryption algorithms that are proprietary or not accepted as standard by international standard bodies (IEEE, IETF, ITU, etc.) Standard encryption algorithms instead of, or in addition to, using or accessing the encryption within Apple's operating system Both algorithms mentioned above None of the algorithms mentioned above In the case where an application is using standard encryption provided by the OS itself and isn't doing anything proprietary, what should the answer be? Many people on the internet say the answer should be 2). 2) Does mention standard encryption algorithms, but everybody seems to gloss over this phrase "instead of, or in addition to, using or accessing the encryption within Apple's operating system" Two is not saying the app uses standard encryption algorithms from the OS, two is saying using standard encryption algorithms instead of or in addition to, those provided by the OS. In the above options, there is none to select for the situation where the app only uses standard algorithms from the OS. If that is what 2 is meant to be, then the grammar and English usage doesn't not actually mean that. The phrase "instead of or in addition to" changes that. So what option to choose? Is there a bug in 2 and its English grammar is incorrect and doesn't convey the actual intended meaning?

I asked this question of AI and it said that yes it was possible, and gave some sample code override class func filterConfiguration() -> ILMessageFilterExtensionConfiguration { let config = ILMessageFilterExtensionConfiguration() // You can specify multiple network URLs config.networkURLs = [ URL(string: "https://api1.example.com/filter")!, URL(string: "https://api2.example.com/filter")! ] return config } And said the OS will try the first, and if there's no response within the first few seconds it'll move onto the second. However, there is no such class as ILMessageFilterExtensionConfiguration AFAICT, if there is then how to access/use it, if there isn't, then I wonder how the AI counjured it up? If multiple urls can be specified, then can the extension also specify a particular API to use and switch between them at some point? When does the OS call filterConfiguration()?

In order to create a Message Filter Extension it is necessary to set up Shared Web Credentials. I'd like to form an understanding of what role SWC plays when the OS is making request to the associated network service (when the extension has called deferQueryRequestToNetwork()) and how this differs from when an app directly uses Shared Web Credentials itself. When an app is making direct use of SWC, it makes a request to obtain the user's credentials from the web site. However in the case of a Message Filter Extension, there aren't any individual user credentials, so what is happening behind the scenes when the OS makes a server request on behalf of a Message Filtering Extension? A more general question - the documentation for Shared Web Credentials says "Associated domains establish a secure association between domains and your app.". Thank you

If an app has a text filtering extension and associated server that the iPhone OS communicates with, then how can that communication be authenticated? In other words, how can the server verify that the request is valid and coming from the iPhone and not from some spoofer? If somebody reverse engineers the associated domain urls our of the app's info.plist or entitlement files and calls the server url directly, then how can the server detect this has occurred and the request is not coming from the iPhone OS of a handset on which the app is installed?

Hello, if an associated domain is specified for an app (for example, the url of a server services an app extension text spam filtering) then what is there in place to stop somebody with malicious intentions from obtaining that url from the .plist/.entitlements file of the app and doing something with that url, such as denial of service attack or whatever?

If I have an XCode project that generates a framework when built, then I've noticed that its possible to add new additional targets to the project of type app extension. However if I add some source code to an app extension and regenerate the framework, then that source code is not accessable from the resulting framework (i.e. if the framework is included into an app, then the app code doesn't have visibility of the code that was added to the extension in the framework). Is this something which is possible to achieve? Ideally I would like to package the main source code that constitutes the framework content, along with the source code for a few extensions into a single framework, so that the app(s) that use the framework can include the framework into their main app target and also include it in the app extension target. I noticed that if the scheme of the framework is changed to the extension before building, then the result is not a .framework file but a .appex file. For client apps of the framework, can they directly include/use that .appex file? If so how can that be achieved? Does