eskimo

It’s better to reply as a reply, rather than in the comments; see Quinn’s Top Ten DevForums Tips for this and other titbits. I can’t move the Developer folder to an external SSD, right? I don’t think you can move the whole thing, but you can move bits via Xcode > Settings > Locations. Oh, one last thing. If you do put Xcode, or any Mac app, an an external drive, it’s a good idea to use a native volume format, so APFS or HFS Plus. While other volume formats, like FAT32, should work, I’ve definitely seen folks bump into problems doing that. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

I’m not in a position to comment on the details of your proposal. When you get this to the point where you’re happy with it, use Feedback Assistant to file the request officially. See Bug Reporting: How and Why? for lots of background on that process. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

I think you have your answer here, but I wanted to stress that file system access control is really rather complicated on macOS these days, and I have a general explanation of the subsystems involved in On File System Permissions. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

Yes. See Requesting the Family Controls entitlement. ps I found a link to this in Family Controls Resources, which is something you should keep handy. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

Let’s focus on your other post. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

Paris and I chatted about your issue and we realised that it has a bit more subtlety than we first thought. First up, it’s not clear whether the app that hits this issue is one of your apps, or whether you’re hitting it an app created by a different third-party developer. We can help you in the first case, but in the second case you should talk to that app’s developer. Assuming that you are the one creating this app, the alert you’re seeing is the result of a feature known as app group container protection. There’s a link to the WWDC video that introduced this feature in Trusted Execution Resources. I also have a bunch of info about app groups in general in my App Groups: macOS vs iOS: Working Towards Harmony post. As explained in that last post, you don’t see this alert if all the apps accessing the app group are from the same team. However, there’s no way to avoid it if you’re trying to access an app group associated with some other team. The example you posted suggests you’re accessing a Microsoft Office a

[quote='812846021, davealden, /thread/812846, /profile/davealden'] needs to continuously inform a server whether the user's paired Apple Watch is currently reachable for interactive messaging. [/quote] I discussed this thread with some of my DTS colleagues and, sadly, we don’t see a good way to achieve this goal. The only option that we see as feasible is this: [quote='812846021, davealden, /thread/812846, /profile/davealden'] 3. WKExtendedRuntimeSession on watchOS [/quote] and, as you’ve noticed, that runs counter to clause 2.5.4 in the App Review Guidelines. Note I don’t work for App Review, and thus can’t make definitive statements about their policy, but this one seems pretty clear to me. My general advice in situations like this is to file an enhancement request for the specific features you need. Also, you’re using of NEAppPushProvider, which suggests you’re working in a managed environment. If so, make that clear in your bug report. Apple has a history of supporting features in managed environments tha

The feedback number is FB21643623. Thanks Quinn the Eskimo.

[quote='872694022, Kopyl, /thread/775029?answerId=872694022#872694022, /profile/Kopyl'] my app has nothing to do with iOS and their app groups. [/quote] OK. But my post, App Groups: macOS vs iOS: Working Towards Harmony, is still relevant regardless. The good news is that the situation has both stabilised and improved since you started this thread, and thus I don’t see any impediments to you solving this nicely. To offer specific advice I need to know more about your specific setup. What is your Team ID? What is the Apple ID of your app? And what app group ID are you trying to use? If you’re not comfortable sharing this info publicly, feel free to redact it. For example, for Apple Configurator that info would be: Team ID 4WXS7A4F54 -> 4________4 Apple ID 1037126344 -> 1________4 App group ID K36BKF7T3D.group.com.apple.configurator -> K________D.g___p.c__.a___e.c__________r IMPORTANT I’m looking for the Apple ID of the app, not your Apple ID (now known as an Apple Account). To see this in App Store Co

Thanks for the update. I’m gonna focus on your first set of steps, “Issues with Local Network after reboot”, because that’s the one I really want to nail down. Unfortunately, I fell at the first hurdle )-: To run this test I need a copy of your test app, and the download link you posted above no longer works. Can you post an updated link? Ideally that’d include both a built app that you reproduced the problem with and the project that you used to built the app, but either should be sufficient for me to run your test here. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

Oh, wow, you’re testing with NameAndPassword. That’s not good. Please open a DTS code-level support request so that I can send you something privately. IMPORTANT In the submission form, where it asks who sent you down this path, reference this forums post. Anyway, coming back to the main issue, your logs make it clear that your mechanism is running in SecurityAgentHelper-arm64 in both cases. That’s what I expected, which leaves me struggling to find a path forward )-: The steps that you described earlier make it clear that you restarted, and that you have FileVault enabled. These are both complexities that I’d like to bypass, at least for the moment. Try this: Boot the machine and log in normally. Install your authorisation plug-in. Attach your smart card and verify that it’s working in general. You can do that from a small test app, or using your mechanism attached to the authenticate rule. Install your authorisation mechanism for system.login.console. Choose Apple menu > Log Out. Log in. Look at your log

[quote='872696022, joel2001k, /thread/812624?answerId=872696022#872696022, /profile/joel2001k'] As reading about Certificate types, I think this certificate is missing: [/quote] No. As I mentioned above, that platform specific distribution certificate type is no longer relevant. It’s been subsumed by Apple Distribution, which works for all platforms. [quote='872712022, joel2001k, /thread/812624?answerId=872712022#872712022, /profile/joel2001k'] What is with these 2 files? [/quote] You’re asking me?!? Seriously though, Apple’s standard processes don’t use openssl. If you go down that path, you won’t find any help from Apple sources. And I think that speaks to the main issue you’re having here: Apple’s code-signing infrastructure relies on digital identities in the keychain. A digital identity is the combination of a certificate and the private key that matches the public key in that certificate. Both of these have to be in the keychain. The openssl sequence you posted above doesn’t add the private key to the k

[quote='872597022, davertay-j, /thread/812770?answerId=872597022#872597022, /profile/davertay-j'] there is mention of the first certificate is the one that matters - why? [/quote] The context here really matters: In a provisioning profile, the certificates act as an allowlist. So the profile holds a list of leaf certificates that it authorises. In a code signature, the certificates act as a chain of trust [1]. The first certificate is the leaf, the next is the one that issued the leaf, and so on until you get to a root. So when the trusted execution system evaluates code for execution, it checks whether the first certificate in the code signature is in the list of certificates in the profile. Regarding your original issue, when you check certificates it’s critical that you look at the serial number. That’s what matters when it comes to matching. If you double check that and the certificate that signed the code is in the profile then the next thing to check is whether this is the right type of profile. The eas

Well, that’s… I’d say unexpected, but I was starting to think that might be the case given the results of our previous diagnostic tests |-: Try this: On the Developer website, navigate to the TEAM_ID.com.ORGANIZATION.APP App ID. Remove the Cloud capability and save that change. Create a new test provisioning profile for that App ID and download that. Go back to the App ID, re-enable the Cloud capability, and save that change. Create another new test provisioning profile and download that. Dump the entitlement allowlist in both profiles. The profile from step 3 should have no com.apple.developer.ubiquity-kvstore-identifier entry, and I’m curious what you see in the profile from step 5. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

Before we get too far down the screen time rabbit hole, I wanted to ask you whether you’ve read this titbit from the Developer > Swift Student Challenge > Eligibility and requirements page: Create an interactive scene in an app playground that can be experienced within three minutes. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com