Building for iOS Simulator, but the linked and embedded framework ‘XX.framework‘ was built for

Hi, I’m a colleague of @alemazz_pa and wanted to add more production data on this issue. Thank you for the explanation regarding error semantics and the iOS 17.0/17.1 known bug. Our main concern is Error 3 (invalidKey): It affects a large population (~70,000 users) in our telemetry. We also observe it on recent devices / OS versions (for example iPhone 17 Pro on iOS 26), so it does not appear limited to devices that were “stuck” before iOS 17.1. For a subset of users, reinstalling the app does not recover. The failure can be persistent for the same app instance. Given this, could you help clarify whether invalidKey in practice can also represent server-side key state mismatches beyond local key corruption? Specifically, documentation mentions that: generateAssertion(_:clientDataHash:completionHandler:) may fail if called with an unattested key. Could there be cases where a key that was previously generated+attested later becomes unusable (for example attestation state no longer reco

It is rather rare to reproduce and explain bugs Some users have remote logs for calls. Log for iOS 26.2.1 & identifier iPhone18,2 To understand: there is no inital providerDidBegin for first CXProvider as logger misses early logs if our logic triggers CXProvider invalidation so Provider to invalidate nil if iOS triggers CXProvider invalidation so Provider to invalidate Optional() func invalidateProvider(..) invalidates provider when either nil or equal to current provider second call providerDidReset happens after invalidateProvider as delagate is not set to nil Pls keep an eye on CXProvider 0x10e0463c0. A very first one 12:45:33_473-730:[CallsProviderDelegate.swift:47 -- providerDidReset(:)] providerDidReset 12:45:33_478-738:[CallsController.swift:307 -- invalidateProvider(:)] Provider to invalidate Optional() 12:45:33_478-739:[CallsController.swift:308 -- invalidateProvider(:)] Current provider 12:45:33_488-742:[CallsProviderDelegate.swift:47 -- providerDidReset(:)] providerDidReset

[quote='875862022, disinghal, /thread/811887?answerId=875862022#875862022, /profile/disinghal'] Packet tunnel provider is caliing some another app which is using URLSession [/quote] Huh? Apps can’t ‘call’ other apps on iOS, and similarly for app extensions. So what do you mean by this? Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

[quote='875854022, faefsd, /thread/815135?answerId=875854022#875854022, /profile/faefsd'] I'm on the same team as the OP. [/quote] Welcome! [quote='875854022, faefsd, /thread/815135?answerId=875854022#875854022, /profile/faefsd'] Do you know how to query the identifiers on the device? [/quote] That’s not how this API works. Rather, the MDM system provisions each credential to your app with a specific identifier. You and the MDM system have to agree up front as to what that identifier will be. For example, if you were building an email app, you might agree that the identifier will be the email address of the account to which this credential applies. There are two ways to approach this: If you’re building an in-house app, you should engage with your MDM vendor to see how they support this provisioning, and then design your ManagedApp configuration around what they support. If you’re building a general-purpose app, you publish a document describing the ManagedApp configuration you’re e

The error here, -25303, or errSecNoSuchAttr, suggests a problem with your attributes. And the only non-required attribute you’re supplying is kSecAttrApplicationTag. Which is, in fact, the cause of your issue. kSecAttrApplicationTag is only supported on keys. I recommend that you have a read of SecItem: Fundamentals [1], and specifically the The Four Freedoms^H^H^H^H^H^H^H^H Functions section, which explains how you can use SQL to model the expected behaviour of the SecItem API. In this case, the SQL table for certificate items has no kSecAttrApplicationTag, and thus this error. It also has links to the doc that explains which keychain item class supports which attributes. [quote='815390021, ellinj, /thread/815390, /profile/ellinj'] Is there an alternative to create SecIdentity without keychain access? [/quote] We finally (finally finally!) have this. See the docs for the SecIdentityCreate function. IMPORTANT This was added in Xcode 26 but backdeploys to much older systems. Or at least that’s the pla

Hi Travis, Thanks for the reply. I actually found the issue. Problem was arising due to the assets file being in Development Assets in Build Settings. So Image was not displaying in devices where I installed the app from TestFlight.

[quote='815354021, JacobHearst, /thread/815354, /profile/JacobHearst'] OSLogStore … it only collects logs for the current process [/quote] Correct, at least on everything except the Mac. I cover this and many other logging topics in Your Friend the System Log. There isn’t truly a happy path here. When it comes to NE debugging, you need to see the full system log and there are no APIs on iOS that’ll let you get that. Oh, one last thing. If you’re goal is to work with Apple to help debug a problem, you can ask your user to file a bug in Feedback Assistant. That’ll attach a sysdiagnose log to the bug report. You won’t be able to see the sysdiagnose log, but if you pass the Apple folks that bug number they should be able to get it. I talk more about this idea in Using a Sysdiagnose Log to Debug a Hard-to-Reproduce Problem. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

You can expect that most uploads will be notarised quickly. Occasionally, some uploads are held for in-depth analysis and may take longer to complete. As you notarise your apps, the system will learn how to recognise them, and you should see fewer delays. For lots of additional info about notarisation, see Notarisation Resources. Specifically, it links to a Q&A with the notary service team that’s quite instructive. [quote='815402021, AbubakrLatif, /thread/815402, /profile/AbubakrLatif'] have created new certificate [/quote] Yikes! That won’t help with this issue and, as these are Developer ID certificates, it can have negative consequences. Developer ID as precious, as I explain in The Care and Feeding of Developer ID. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

If an “agent” can’t: run a build/test for a specified scheme/target/destination, interpret failures, apply the needed project/build-setting changes, iterate until green, then it’s an in-editor assistant, not an agentic workflow.