A Summary of the WWDC25 Group Lab

The issue is reproduced with a provisioning profile embedded that has the com.apple.security.application-groups set { AppIDName => Cyberduck ApplicationIdentifierPrefix => [ 0 => G69SCX94XU ] CreationDate => 2025-09-23 07:54:54 +0000 DER-Encoded-Profile => {length = 3604, bytes = 0x30820e10 06092a86 4886f70d 010702a0 ... 7013d550 78b027d9 } DeveloperCertificates => [ 0 => {length = 1448, bytes = 0x308205a4 3082048c a0030201 02020854 ... bd543e5c c872b843 } ] Entitlements => { com.apple.application-identifier => G69SCX94XU.ch.sudo.cyberduck com.apple.developer.icloud-container-identifiers => [ ] com.apple.developer.icloud-services => * com.apple.developer.team-identifier => G69SCX94XU com.apple.developer.ubiquity-container-identifiers => [ ] com.apple.developer.ubiquity-kvstore-identifier => G69SCX94XU.* com.apple.security.application-groups => [ 0 => G69SCX94XU.* ] keychain-access-groups => [ 0 => G69SCX94XU.* ] } ExpirationDate

The issue is reproduced with a provisioning profile embedded. The output of security cms -D -i is { AppIDName => Cyberduck ApplicationIdentifierPrefix => [ 0 => G69SCX94XU ] CreationDate => 2025-02-03 20:45:33 +0000 DER-Encoded-Profile => {length = 3546, bytes = 0x30820dd6 06092a86 4886f70d 010702a0 ... 8f791dc8 806888ea } DeveloperCertificates => [ 0 => {length = 1448, bytes = 0x308205a4 3082048c a0030201 02020854 ... bd543e5c c872b843 } ] Entitlements => { com.apple.application-identifier => G69SCX94XU.ch.sudo.cyberduck com.apple.developer.icloud-container-identifiers => [ ] com.apple.developer.icloud-services => * com.apple.developer.team-identifier => G69SCX94XU com.apple.developer.ubiquity-container-identifiers => [ ] com.apple.developer.ubiquity-kvstore-identifier => G69SCX94XU.* keychain-access-groups => [ 0 => G69SCX94XU.* ] } ExpirationDate => 2043-01-30 20:45:33 +0000 IsXcodeManaged => 0 Name => Cyberduck Distribution Provisioning Pro

Thanks. Your code doesn't do step 2, and that's why your changes are lost. But again, even without doing that, the document is regularly saved, so the fact that the very last changes are not saved is, from my point of view, unexpected behaviour. I came across NSDocument.updateChangeCount(_:) some time ago, but concluded that I shouldn't interfere with automatic saving done by the text view. For instance, when using your latest code, if I type anything in an empty document, then undo all the changes and try to close the now empty document, it presents a save panel. This doesn't happen when I just let the text view track the changes (which is also what I would expect). The documentation for that method reads: If you are implementing undo and redo in an app, you should increment the change count every time you create an undo group and decrement the change count when an undo or redo operation is performed. Note that if you are using the NSDocument default undo/redo features, setting the document’s edited

Looks like Kevin and I are gonna be tagging teaming this one (-: [quote='859320022, reidly, /thread/800689?answerId=859320022#859320022, /profile/reidly'] do you mean making sure the logging doesn’t somehow cause a “rearrangement” of the internal details of the code? [/quote] Kinda. When dealing with problems like this, any change to the code could perturb things so that the problem goes away, comes back, or whatever. For example, if the issue is timing related, the act of adding a single log point can change the timing to mask the issue. So there’s a balance to be struck here. You want to add logging, but not at the expense of reproducibility. [quote='859320022, reidly, /thread/800689?answerId=859320022#859320022, /profile/reidly'] I am still trying to understand how a particular arrangement of our code can cause NULL to be “run”. [/quote] When you write code in a high-level language, that code is defined to execute in terms of a virtual machine. For example, the C virtual machine for this code code: int a;

What does this report: % security cms -D -i Cyberduck Nightly.app/Contents/embedded.provisionprofile | plutil -p - I would expect to see the profile authorise your claim to com.apple.security.application-groups > G69SCX94XU.duck. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

Sorry I didn’t respond sooner. Forums had a bug where it was dropping notifications, and it looks like that’s what happened here )-: Fortunately we’ve just rolled out a fix for that bug (-: [quote='847936022, Deej620, /thread/725152?answerId=847936022#847936022, /profile/Deej620'] When attempting to call SecItemCopyMatching, I'm getting a -34018 missing entitlement error. [/quote] The answer here varies based on whether you’re targeting macOS or iOS. Let me summarise, starting with iOS: Every provisioning profile authorises access to com.apple.token. But you must claim that access by listing com.apple.token in your keychain-access-groups list. WARNING Adding items to keychain-access-groups can change your default keychain access group, and doing that unexpectedly is a common source of confusion. Read Sharing access to keychain items among a collection of apps for more on this. For macOS: It’s not possible to create a provisioning profile that authorises access to com.apple.token. Bu

It's quite common for app bundles to be distributed in .zip files, and to be stored on-disk as filesystem-compressed files. However, having them both appears to be an edge case that's broken for at least two major releases! (FB19048357, FB19329524) Let me start with a more basic question, namely, what are you actually trying to do here? The filesystems support for compressed files is a fairly obscure implementation detail that we never formally documented and never intended for widespread use. Note, for example, that its implementation is incompatible with custom icons*. Similarly, support for them in the broader ecosystem is inconsistent, and copying them incorrectly will result in a non-functional file. That isn't an issue for the role the system intended them for**, but it is a problem in broader usage. *Compressed files repurposed the resource forks, while custom file icons use essentially the same resource fork-based architecture that they used on macOS Classic. **Basically, further reducing the size of

I personally find that placing precisely objects is a critical limit (or constraint) with SwiftUI. What I do (sometimes with mixed results) is to group objects in separate Views (red-bordered in the image). It makes it easier to position objects (with HStack / VStack) in each view and then position the views. Hope that helps.

Let me reiterate that, if you want me to see your reply, it’s important that you reply as a reply rather than in the comments. unchecked the Enable Register App Groups for now. I think that’s a reasonable option while you focus on other stuff. However, you do have to be careful here. Specifically, check that your app’s provisioning profile authorises your use of this app group ID. When you set Enable Register App Groups, Xcode does that for you. If you disable Enable Register App Groups, it becomes your responsibility to do it. That’s generally not hard — just enable the App Group capability on your App ID — but it’s important to double that this flows through to final app’s provisioning profile, both in for development and distribution signing. Without that, macOS may end up presenting annoying app group authorisation alerts. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com