“eskimo”

[quote='876494022, ellinj, /thread/815390?answerId=876494022#876494022, /profile/ellinj'] Is there any Keychain support for non-X.509 certificate formats? [/quote] No. Or, more specifically, the keychain only supports X.509 for kSecClassCertificate items. That doesn’t stop you storing the raw data as kSecClassGenericPassword. As to what you should do, that depends on how you’re using the word “certificate”: Apple uses [1] certificate to refer to the signed wrapper around the public key. We then use digital identity to refer to the combination of a certificate and the private key that matches the public key in that certificate. See TN3161 Inside Code Signing: Certificates for more on this. However, it’s common for folks to use a single term, certificate, to refer to both the certificate and digital identity, with ‘hilarious’ confusion being the result. So, if you’re using certificate ‘correctly’ then the certificate contains just the public key and you can store it wherever you want [2]. OTOH, if your certific

[quote='876460022, jamie_sq, /thread/805609?answerId=876460022#876460022, /profile/jamie_sq'] If it's possible to provide positive confirmation [/quote] Yep. My reading of FB20884404 is that we identified the underlying issue and rolled that fix into Xcode 26.4b1. You should’ve also been notified of the fix in Feedback Assistant. [quote='876460022, jamie_sq, /thread/805609?answerId=876460022#876460022, /profile/jamie_sq'] thanks to whoever worked on this! [/quote] I’ll pass that along. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

[quote='876405022, Pushpak-Ambadkar123, /thread/815498?answerId=876405022#876405022, /profile/Pushpak-Ambadkar123'] can we show any kind of custom error or alert when user tries to open blocked URL in case of URL Filter network ? [/quote] In the URL filter architecture your code isn’t the one making the actual decisions. Rather, your code sets up the filter’s state and the system applies that filter. So your code doesn’t run on the per-URL path and thus can’t do anything on that path. WWDC 2025 Session 234 Filter and tunnel network traffic with NetworkExtension talks more about this and I encourage you to watch it. So, your question is actually “Can we configure the filter to show a custom error?” And AFAICT the answer to that is “No.” However, I think it’d be reasonable for you to file an enhancement request for such a configuration option. If you do file an ER, post your bug number, just for the record. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo

Hmmm, that’s not good. While I don’t want to engage in ‘blame the victim’ here, there is something you can do to reduce the risk of problems like this occurring in the future, namely, testing with beta seeds as they’re released. The beta seed programme exists to help us find and fixing regressions like this. Anyway, let’s see if we can find you a workaround. If you add this to your app’s entitlement, does it prevent the failure: A key of com.apple.security.temporary-exception.mach-lookup.global-name With the value being an array With a single string element Whose value is com.apple.storagekitd If that works, we can then talk about the App Review implications |-: Note Temporary exception entitlements have an interesting history. I have a couple of links in App Sandbox Resources that explain more about them. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

Thanks for checking this. And I’m glad to hear that things are improving. [quote='876543022, TChrist, /thread/813973?answerId=876543022#876543022, /profile/TChrist'] We will provide a leaks report … from the 26.4 device in the Feedback. [/quote] Thanks. Although I think you might be better off creating a new bug for that. The current bugs were used to track the fix for the major memory issue that landed in 26.4 beta. The remaining minor leak is likely to have a different cause and thus it’s better to have a different bug. If you do file a new bug, please post its bug number here, just for the record. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

You can find your answer on the submission form. You select your runtime environment using a popup, and below that popup is this text: Xcode app playgrounds are run in Simulator. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

First up, I want to be clear about terminology. You don’t sign code with a certificate, you sign it with a digital identity, that is, the combination of a certificate and its associated private key. There’s no need to protect the certificate; it’s the private key that matters. I talk more about this in TN3161 Inside Code Signing: Certificates. Second, the Secure Enclave (SE) doesn’t store private keys. Rather, you protect a private key with the SE. The SE generates the private key and returns it wrapped in a way so that only that SE can use it. You then send key operations, like ‘sign this blob with this wrapped key’, to the SE, it internally unwraps the key, does the operation, and returns you the result. So the unwrapped key material never leaves the SE, but it’s not stored in the SE. Note This is how the SE works but it’s not true for other hardware-based keys. Notably, with a smart card the private key is actually stored on the smart card itself. Folks using the smart card don’t work with a wrapped key, t

[Different DTS engineer here; I’m picking up this thread because it’s directly aligned with my area of expertise.] [quote='876554022, Tenjikato, /thread/815899?answerId=876554022#876554022, /profile/Tenjikato'] it does not appear in Xcode Organizer. [/quote] Right. The issue here is that you have a third-party crash reporter installed and it’s failing to preserve the Apple crash report. Let’s look at the backtrace in your first post: Crashed: com.apple.main-thread 0 KSCrash … ksmemory_notifyUnhandledFatalSignal + 12 1 KSCrash … handleSignal + 100 2 libsystem_platform.dylib … _sigtramp + 56 3 libsystem_kernel.dylib … mach_msg2_internal + 76 4 libsystem_kernel.dylib … mach_msg_overwrite + 428 5 libsystem_kernel.dylib … mach_msg + 24 6 CoreFoundation … __CFRunLoopServiceMachPort + 160 7 CoreFoundation … __CFRunLoopRun + 1188 8 CoreFoundation … _CFRunLoopRunSpecificWithOptions + 532 9 GraphicsServices … GSEventRunModal + 120 10 UIKitCore … -[UIApplication _run] + 792 Frames 10 through 3 are all standard UIKit stu

We just posted a TN3179 update with info about the AllowedEthernetLocalNetworkAddresses and AllowedWiFiLocalNetworkAddresses user defaults. I think this might be useful in your situation, where you have limited control over the software involved but deep control over the Mac on which it runs. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

Can you re-test on the just-seeded 26.4b1 release? There’s a similar issue (FB21376045) called out in the macOS Tahoe 26.4 Beta Release Notes notes. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

I asked about this internally and the answer is that the machinery used by Platform SSO isn’t something available to third-party developers (other than via Platform SSO itself, of course). Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

Sorry I didn’t reply sooner; I’m not sure how I missed the updates on this thread )-: [quote='848282022, Gumdum, /thread/792261?answerId=848282022#848282022, /profile/Gumdum'] sure enough, it's that odd Team Id and not my current one. [/quote] To be clear, Z82SJZ64R6 is not a Team ID. Since I was last on this thread I wrote up a detailed explanation of the various places you might see things that look like a Team ID but are not. See Code Signing Identifiers Explained. In this case, that’s a Team Member ID. [quote='854654022, Boog-7, /thread/792261?answerId=854654022#854654022, /profile/Boog-7'] my old personal team ID, which I used prior to paying for DevProg, is associated with my Apple ID instead of my new DevProg team ID. [/quote] It’s hard to say what’s going on here without more details. However, AFAICT you’re only a member of a single team, Team ID G________4. If you’re still having this problem, I recommend that you run the ‘create a new project’ test that I outlined in my first response. That should t

Try this: In Terminal, collect the log for the last 5 minutes: % sudo log collect --last 5m Archive successfully written to /Users/quinn/system_logs.logarchive In the Finder, double click the resulting system_logs.logarchive. In Console, you see a divider (pink arrow) and the Showing popup (purple allow). Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

[quote='876321022, druidsareus, /thread/814383?answerId=876321022#876321022, /profile/druidsareus'] Does this mean … [/quote] I pretty much meant what I wrote: In my assessment, the right people have seen this bug. There is nothing more I can say about its status. There are strict limits as to how much I can talk about Apple’s internal processes, and this issue has definitely bumped into those limits. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com

[quote='876388022, mohalibou, /thread/812607?answerId=876388022#876388022, /profile/mohalibou'] It is possible to import a Swift package locally [/quote] Right. And that’s a great option for day-to-day development. My concern in this case is that the instructions say: Your submission must be an app playground (.swiftpm) in a ZIP file. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com