Request failed with http status code 503

I am facing an issue while trying to staple a notarization ticket to my signed macOS installer package. Details of my setup: The .pkg file is signed using my Developer ID Installer certificate. The app inside the package is signed using my Developer ID Application certificate. Notarization via xcrun notarytool completes successfully with status: Accepted. However, the stapler command fails with the following error: xcrun stapler staple -v /Users/mac-test/Desktop/IPMPlus_Arm_Installer_signed.pkg Processing: /Users/mac-test/Desktop/IPMPlus_Arm_Installer_signed.pkg Could not validate ticket for /Users/mac-test/Desktop/IPMPlus_Arm_Installer_signed.pkg The staple and validate action failed! Error 65. I verified that all other Apple notarization-related servers (api.apple-cloudkit.com, gs.apple.com, ocsp.apple.com, ocsp2.apple.com, crl.apple.com, developer.apple.com) are reachable. However, the domain cdn-apple-cloudkit.apple.com cannot be resolved from any network, including mobile or pu

The environment: macOS 12.0 ~ 15.6 A NetworkExtension NEFilterDataProvider configured with filterSockets = YES, filterPackets = NO, and it doesn't actually block any network connection. QQMusic (download: https://y.qq.com/n/ryqq/download_detail/mac?ADTAG=YQQ) is constantly playing. Any of the following operations can reproduce the issue: Kill the NetworkExtension process and then restarted by the system. Disable the NEFilterDataProvider, and then enable it. When this problem occurs, there are two different phenomena on the NetworkExtension process: It is zombie, or is in high CPU state (100%). When the NetworkExtension process is zombie, obviously, the new network connections will enter it, and they can't be disposed by the old zombie process, so the network is disconnected. Spindump-qqmusic-ne-zombie When the NetworkExtension process is in high CPU state, its thread DispatchQueue NEFilterExtensionProviderContext queue is blocked in the kernel when calling close. Spindump-qqmusic-ne-cpuhigh In most c

Hi everyone, I am developing a .NET MAUI Mac Catalyst app (sandboxed) that communicates with a custom vendor-specific HID USB device. Within the Catalyst app, I am using a native iOS library (built with Objective-C and IOKit) and calling into it via P/Invoke from C#. The HID communication layer relies on IOHIDManager and IOUSBInterface APIs. The device is correctly detected and opened using IOHIDManager APIs. However, IOHIDDeviceRegisterInputReportCallback never triggers — I don’t receive any input reports. To investigate, I also tried using low-level IOKit USB APIs via P/Invoke from my Catalyst app, calling into a native iOS library. When attempting to open the USB interface using IOUSBInterfaceOpen() or IOUSBInterfaceOpenSeize(), both calls fail with: kIOReturnNotPermitted (0xe00002e2). — indicating an access denied error, even though the device enumerates and opens successfully. Interestingly, when I call IOHIDDeviceSetReport(), it returns status = 0, meaning I can successfully send featu

I'm developing a Share Extension for a macOS Electron application that allows users to share files from Finder to our application using the system Share menu. The extension compiles, signs, and notarizes successfully, but crashes during initialization due to sandbox restrictions blocking hid-control operations required by NSApplication. The Share Extension crashes during initialization with the following sandbox violation: Process: ShareExtension [pid] Identifier: com.xxxxxxxxxxxx.xxxxxxxxx.extension Operation: hid-control I would appreciate guidance on: The proper entitlements for third-party Share Extensions with App Sandbox Alternative approaches if Share Extensions have fundamental limitations for third-party developers Any documentation or sample code demonstrating Share Extensions outside the App Store

Hi, I've tried adding Extensions (using ExtensionFoundation) to one of my iOS apps. They work using Xcode on my devices, but when I upload them to the AppStore, I get the following error: ITMS-90349: Invalid Info.plist value - The value of the EXExtensionPointIdentifier key, AsheKube.app.a-Shell.localWebServer, in the Info.plist of “a-Shell.app/Extensions/localWebServer.appex” is invalid. Please refer to the App Extension Programming Guide at https://developer.apple.com/library/content/documentation/General/Conceptual/ExtensibilityPG/Action.html#/apple_ref/doc/uid/TP40014214-CH13-SW1. I could not find relevant information on the web page pointed. I've tried different values for the EXExtensionPointIdentifier, but none of them work. This value was generated by Xcode, since I did set the user-defined build setting EX_ENABLE_EXTENSION_POINT_GENERATION = YES, as explained in the instructions. At this point, I have no idea how to fix this issue.

Is there sample code on how to use VTFrameProcessorOpticalFlow?

Hi team, We need to identify the domains used by macOS Software Update so they can be bypassed by our NETransparentProxy. The Apple support article below lists Software Update and several other Apple service domains. At the moment we’re unsure whether we should only bypass the Software Update and Beta Software domains, or whether we also need to bypass domains used for certificate validation, device management (Apple Business Manager / Apple School Manager / Apple Business Essentials), network provider updates, Apple Diagnostics, etc. We also need the specific IP ranges used exclusively by Software Update. The document shows Apple’s entire IP range; for IPv4 you can allow outbound connections to 17.0.0.0/8. https://support.apple.com/en-in/101555