Search results for

“missing package product”

52,923 results found

Post

Replies

Boosts

Views

Activity

Reply to HKWorkoutBuilder.finishWorkout() fails silently (nil workout, nil error) when device is locked (iOS 26.4+)
Hi Ziqiao, Thank you for looking into this. My apologies for not making that explicitly clear in the original post. Yes, I can confirm that the workout is definitively not saved, resulting in complete data loss. After the finishWorkout(completion:) handler executes (returning a nil workout and nil error) while the screen is locked, we unlock the device and verify both inside the Apple Health app and via direct HealthKit queries. The workout does not exist. Per your recommendation, I have just updated our Feedback report and our open TSI case to explicitly highlight this confirmation. Please let me know if there are any other details or specific logs we can provide to help the engineering team!
Topic: App & System Services SubTopic: Health & Fitness Tags:
6d
Reply to Best practices for bypassing critical system daemons in NETransparentProxyProvider
So there aren’t hard’n’fast rules here. I can explain some tools that you have available, but you have to make your own judgement calls as to best to use those tools in your product. The most critical item here is the sourceAppAuditToken property. This holds the bytes of an audit_token_t, and from that you can use the code signing machinery to get information about the process and its main executable. I’ve talked about this a bunch of times here on the forums. This post has a snippet you can copy, but it’s probably worth you searching for other similar threads for more advice. IMPORTANT The first part of the snippet, getting the audit token and passing it to the code signing API, is canonical. The second part, getting the bundle ID, is not. Bundle IDs aren’t secure on macOS. Once you’re in ‘code siging space’ you can use code signing requirements to check the code in question. For example, the anchor apple requirement will tell you whether the code is from Apple. TN3127 Inside Code Signing: Requireme
Topic: App & System Services SubTopic: Networking Tags:
6d
Reply to Notarized and stapled PKG installer rejected by Gatekeeper on macOS Sequoia (Team ID: 3888L7DV3P)
[quote='887174022, Tomato, /thread/825798?answerId=887174022#887174022, /profile/Tomato'] I would file a DTS request if I were you. [/quote] Yeah, that might be necessary, but first let’s see if we can do this in public. @skygate-technologies, Are you able to share an example installer package publicly? For example, by posting a link to a site where I can download it? If so, reply here with that link. If not, reply here anyway and I’ll explain the alternative path. Note When you go to post the link, do that in the clear. See tip 14 in Quinn’s Top Ten DevForums Tips. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com
Topic: Code Signing SubTopic: Notarization Tags:
6d
Reply to com.apple.developer.automatic-assessment-configuration entitlement missing from manually downloaded Distribution/InHouse Provisioning Profile
So, the behaviour you’re seeing is expected. This capability is restricted to specific distribution models. To confirm that, follow the instructions in Finding a Capability’s Distribution Restrictions. As to what you should do about that, it kinda depends on how your product is deployed. You wrote: [quote='825833021, apisdk, /thread/825833, /profile/apisdk'] We are implementing an exam mode feature for an educational app used in schools [/quote] In-House (Enterprise) distribution is intended to be used for apps deployed within your enterprise. Presumably these schools are separate organisations, which means you must use some other distribution mechanism to distribute your app to them. What is that mechanism? The App Store? If so, the standard path forward here is to use your Organization team for both development and distribution. I see a lot of folks use In-House (Enterprise) for internal testing, and that’s not something I recommend [1]. Rather: Use Apple Development code signing for day-to-day deb
Topic: Code Signing SubTopic: Entitlements Tags:
6d
Reply to AuditToken and SecCodeCopySigningInformation
Yeah, this is a pain. SecCode acts a bit like a subclass of SecStaticCodeRef, so in most cases you can pass the first when the system expects the second. This is fine in C-based languages but Swift’s strong type checking is much less happy. In most cases the solution is to call SecCodeCopyStaticCode to convert the first to the second. Note I’ve always treated this as Security framework lore but, on looking at it again today, I discovered that it’s actually documented pretty well. However, this falls apart for SecCodeCopySigningInformation where in some cases you must pass in the original SecCode object. And yeah, my workaround for that is an unsafeBitCast(…). Alternatively, if this particular part of your product has easy access to C-based code, you can write a wrapper in C. Finally, I’d appreciate you filing a bug about this. Forcing folks to use unsafeBitCast(…) is… well… suboptimal, and so it’d be nice if we could add an overlay to get around that. If you reply here with your bug number, I’ll add
Topic: App & System Services SubTopic: Core OS Tags:
6d
Reply to HKWorkoutBuilder.finishWorkout() fails silently (nil workout, nil error) when device is locked (iOS 26.4+)
I see you mentioned data loss but just to be very clear: after you did finishWorkout(completion:) (and the completion handler was executed with both a nil workout and a nil error), did you unlock the screen and confirm that the workout was indeed not saved? This information is important, and so please update your feedback report with it as well. Thanks. Best, —— Ziqiao Chen  Worldwide Developer Relations.
Topic: App & System Services SubTopic: Health & Fitness Tags:
6d
How to get IAP/Subscription off "Waiting for Review"
I'm trying to get an app with a subscription through apple review and it keeps failing because the IAP/Subscription component is active, so the payflow never completes for the reviewer (i think?). How do I get the review team to approve the subscription first, then test the app payflow? Have tried to explain it in the latest App Review reply thread. Am i missing something? This is my first time building an app and trying to get it on the app store. Thank you!
Topic: App Store Distribution & Marketing SubTopic: App Review Tags:
2
0
165
6d
Reply to MapKit JS quota limits
Hi @DTS Engineer! Is the rate limit increase guaranteed? I need to make an architectural decision early on. I am willing to pay if I exceed the limits, but I can't seem to find a way. I cannot use MapKit JS in production if it will stop working once my user count exceeds some threshold. I'd love some clarification on this.
Topic: App & System Services SubTopic: Maps & Location Tags:
6d
Free sports prediction app with prizes being classified as gambling under Guideline 5.3.4
I’m looking for guidance regarding App Review classifying my app as gambling / real-money gaming under Guideline 5.3.4. My app is a free football prediction competition app where users predict match scores and compete in rankings based on prediction accuracy. Top-ranked users may occasionally receive promotional physical prizes such as headphones, consoles, or other products. Important details: participation is completely free there are no entry fees users cannot deposit money users cannot withdraw money there is no wagering or betting system there are no sportsbooks, odds, or casino mechanics users never risk money to participate prizes are funded directly by the platform as promotional rewards Apple rejected the app under: Guideline 2.3.6 – Accurate Metadata Guideline 5.3.4 – Gaming, Gambling, and Lotteries App Review is stating that the app includes “real money gambling, real money betting, or real money skill-based gaming” and is requesting gambling licenses and geo-restrictions. My understanding
Topic: App Store Distribution & Marketing SubTopic: App Review Tags:
2
0
72
1w
HKWorkoutBuilder.finishWorkout() fails silently (nil workout, nil error) when device is locked (iOS 26.4+)
Hello everyone, We are encountering a critical regression introduced in iOS 26.4 that results in permanent workout data loss for users. When invoking HKWorkoutBuilder.finishWorkout(completion:) while the iOS device is locked, the save operation fails completely. However, it fails silently: the completion handler executes but returns both a nil workout and a nil error. Expected Behavior: Before iOS 26.4 finishWorkout resulted in a workout id, and correctly stored the workout data in HealthKit. According to HealthKit data protection documentation, saving data when the device is locked should either succeed (writing to a temporary journal file to be merged upon unlock) or explicitly throw an error such as HKError.Code.errorDatabaseInaccessible. Actual Behavior: Because the framework returns nil for both the object and the error, the application has no way to detect that the save failed. We cannot implement a retry mechanism or queue the save, resulting in silent data loss. Steps to Reproduce: W
Topic: App & System Services SubTopic: Health & Fitness Tags:
2
0
150
1w
com.apple.developer.automatic-assessment-configuration entitlement missing from manually downloaded Distribution/InHouse Provisioning Profile
We are implementing an exam mode feature for an educational app used in schools, which restricts device usage during assessments. We requested the Automatic Assessment Configuration capability, received approval from Apple, and confirmed that the capability is listed as Assigned under our App ID in the Apple Developer portal. What works: When using a Development Provisioning Profile (downloaded from the portal), the entitlement key com.apple.developer.automatic-assessment-configuration is included in the profile, and our exam lock feature works correctly in development testing. The problem: When we manually download a Distribution (InHouse/Enterprise) Provisioning Profile from the portal — even after creating a new one — the entitlement key com.apple.developer.automatic-assessment-configuration is not present in the profile. verified this by running: security cms -D -i YourProfile.mobileprovision The key appears in the Development PP but is absent in the manually downloaded Distribution PP, despite the App ID
Topic: Code Signing SubTopic: Entitlements Tags:
3
0
315
1w
Best practices for bypassing critical system daemons in NETransparentProxyProvider
Hello, I am working on a network security and DLP (Data Loss Prevention) solution. A core requirement of our architecture is the ability to modify network traffic payloads in-flight (e.g., stripping sensitive data or altering packets). So, the only way to implement this is via the NETransparentProxyProvider which allows us to handle, evaluate, and modify network flows (NEAppProxyFlow). However, because this is such a powerful mechanism, my primary goal is to ensure the absolute stability of the operating system. I want to minimize the risk of interfering with core Apple services. When evaluating a flow, I have access to NEFlowMetaData, specifically properties like sourceAppUniqueIdentifier and sourceAppAuditToken. Could you please assist me with the following questions: Is there a recommended list of Apple system Application IDs (Bundle IDs) or executable names that should be strictly bypassed (ignored) by the Network Extension to maintain system integrity? Since system daemons can change between OS
Topic: App & System Services SubTopic: Networking Tags:
2
0
137
1w
Reply to SwiftData in-memory ModelContainer causes DefaultStore validation errors on consecutive xcodebuild test runs
Hi Ziqiao, Yes — I spent a full day isolating this into a standalone Swift package: https://github.com/mesqueeb/SwiftDataContainerPollutionInTests git clone https://github.com/mesqueeb/SwiftDataContainerPollutionInTests.git cd SwiftDataContainerPollutionInTests ./test.sh 20 The script runs xcodebuild test in a loop (also reproduces with swift test). It was tricky to minimize — the bug triggers roughly 1 in 15–20 runs with these simplified schemas, but in my real project with more complex Codable types and more schema versions it triggers ~5 out of 6 runs. The more I stripped away to isolate the reproduction, the lower the trigger rate got, but the core issue is the same. Regarding erase(): I tried it in my real project and it didn't help. Each in-memory container already uses a unique ModelConfiguration name (UUID().uuidString), so they shouldn't be sharing any state — the pollution seems to come from the process-global schema registry rather than from any individual container's store.
Topic: UI Frameworks SubTopic: General Tags:
1w
Reply to HKWorkoutBuilder.finishWorkout() fails silently (nil workout, nil error) when device is locked (iOS 26.4+)
Hi Ziqiao, Thank you for looking into this. My apologies for not making that explicitly clear in the original post. Yes, I can confirm that the workout is definitively not saved, resulting in complete data loss. After the finishWorkout(completion:) handler executes (returning a nil workout and nil error) while the screen is locked, we unlock the device and verify both inside the Apple Health app and via direct HealthKit queries. The workout does not exist. Per your recommendation, I have just updated our Feedback report and our open TSI case to explicitly highlight this confirmation. Please let me know if there are any other details or specific logs we can provide to help the engineering team!
Topic: App & System Services SubTopic: Health & Fitness Tags:
Replies
Boosts
Views
Activity
6d
Reply to CloudKit container in a broken state
Thank you. Deploying the updated CloudKit schema to production resolved the issue.
Topic: App & System Services SubTopic: iCloud & Data Tags:
Replies
Boosts
Views
Activity
6d
Reply to Best practices for bypassing critical system daemons in NETransparentProxyProvider
So there aren’t hard’n’fast rules here. I can explain some tools that you have available, but you have to make your own judgement calls as to best to use those tools in your product. The most critical item here is the sourceAppAuditToken property. This holds the bytes of an audit_token_t, and from that you can use the code signing machinery to get information about the process and its main executable. I’ve talked about this a bunch of times here on the forums. This post has a snippet you can copy, but it’s probably worth you searching for other similar threads for more advice. IMPORTANT The first part of the snippet, getting the audit token and passing it to the code signing API, is canonical. The second part, getting the bundle ID, is not. Bundle IDs aren’t secure on macOS. Once you’re in ‘code siging space’ you can use code signing requirements to check the code in question. For example, the anchor apple requirement will tell you whether the code is from Apple. TN3127 Inside Code Signing: Requireme
Topic: App & System Services SubTopic: Networking Tags:
Replies
Boosts
Views
Activity
6d
Reply to Notarized and stapled PKG installer rejected by Gatekeeper on macOS Sequoia (Team ID: 3888L7DV3P)
[quote='887174022, Tomato, /thread/825798?answerId=887174022#887174022, /profile/Tomato'] I would file a DTS request if I were you. [/quote] Yeah, that might be necessary, but first let’s see if we can do this in public. @skygate-technologies, Are you able to share an example installer package publicly? For example, by posting a link to a site where I can download it? If so, reply here with that link. If not, reply here anyway and I’ll explain the alternative path. Note When you go to post the link, do that in the clear. See tip 14 in Quinn’s Top Ten DevForums Tips. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com
Topic: Code Signing SubTopic: Notarization Tags:
Replies
Boosts
Views
Activity
6d
Reply to com.apple.developer.automatic-assessment-configuration entitlement missing from manually downloaded Distribution/InHouse Provisioning Profile
So, the behaviour you’re seeing is expected. This capability is restricted to specific distribution models. To confirm that, follow the instructions in Finding a Capability’s Distribution Restrictions. As to what you should do about that, it kinda depends on how your product is deployed. You wrote: [quote='825833021, apisdk, /thread/825833, /profile/apisdk'] We are implementing an exam mode feature for an educational app used in schools [/quote] In-House (Enterprise) distribution is intended to be used for apps deployed within your enterprise. Presumably these schools are separate organisations, which means you must use some other distribution mechanism to distribute your app to them. What is that mechanism? The App Store? If so, the standard path forward here is to use your Organization team for both development and distribution. I see a lot of folks use In-House (Enterprise) for internal testing, and that’s not something I recommend [1]. Rather: Use Apple Development code signing for day-to-day deb
Topic: Code Signing SubTopic: Entitlements Tags:
Replies
Boosts
Views
Activity
6d
Reply to AuditToken and SecCodeCopySigningInformation
Yeah, this is a pain. SecCode acts a bit like a subclass of SecStaticCodeRef, so in most cases you can pass the first when the system expects the second. This is fine in C-based languages but Swift’s strong type checking is much less happy. In most cases the solution is to call SecCodeCopyStaticCode to convert the first to the second. Note I’ve always treated this as Security framework lore but, on looking at it again today, I discovered that it’s actually documented pretty well. However, this falls apart for SecCodeCopySigningInformation where in some cases you must pass in the original SecCode object. And yeah, my workaround for that is an unsafeBitCast(…). Alternatively, if this particular part of your product has easy access to C-based code, you can write a wrapper in C. Finally, I’d appreciate you filing a bug about this. Forcing folks to use unsafeBitCast(…) is… well… suboptimal, and so it’d be nice if we could add an overlay to get around that. If you reply here with your bug number, I’ll add
Topic: App & System Services SubTopic: Core OS Tags:
Replies
Boosts
Views
Activity
6d
Reply to HKWorkoutBuilder.finishWorkout() fails silently (nil workout, nil error) when device is locked (iOS 26.4+)
I see you mentioned data loss but just to be very clear: after you did finishWorkout(completion:) (and the completion handler was executed with both a nil workout and a nil error), did you unlock the screen and confirm that the workout was indeed not saved? This information is important, and so please update your feedback report with it as well. Thanks. Best, —— Ziqiao Chen  Worldwide Developer Relations.
Topic: App & System Services SubTopic: Health & Fitness Tags:
Replies
Boosts
Views
Activity
6d
How to get IAP/Subscription off "Waiting for Review"
I'm trying to get an app with a subscription through apple review and it keeps failing because the IAP/Subscription component is active, so the payflow never completes for the reviewer (i think?). How do I get the review team to approve the subscription first, then test the app payflow? Have tried to explain it in the latest App Review reply thread. Am i missing something? This is my first time building an app and trying to get it on the app store. Thank you!
Topic: App Store Distribution & Marketing SubTopic: App Review Tags:
Replies
2
Boosts
0
Views
165
Activity
6d
Reply to MapKit JS quota limits
Hi @DTS Engineer! Is the rate limit increase guaranteed? I need to make an architectural decision early on. I am willing to pay if I exceed the limits, but I can't seem to find a way. I cannot use MapKit JS in production if it will stop working once my user count exceeds some threshold. I'd love some clarification on this.
Topic: App & System Services SubTopic: Maps & Location Tags:
Replies
Boosts
Views
Activity
6d
Free sports prediction app with prizes being classified as gambling under Guideline 5.3.4
I’m looking for guidance regarding App Review classifying my app as gambling / real-money gaming under Guideline 5.3.4. My app is a free football prediction competition app where users predict match scores and compete in rankings based on prediction accuracy. Top-ranked users may occasionally receive promotional physical prizes such as headphones, consoles, or other products. Important details: participation is completely free there are no entry fees users cannot deposit money users cannot withdraw money there is no wagering or betting system there are no sportsbooks, odds, or casino mechanics users never risk money to participate prizes are funded directly by the platform as promotional rewards Apple rejected the app under: Guideline 2.3.6 – Accurate Metadata Guideline 5.3.4 – Gaming, Gambling, and Lotteries App Review is stating that the app includes “real money gambling, real money betting, or real money skill-based gaming” and is requesting gambling licenses and geo-restrictions. My understanding
Topic: App Store Distribution & Marketing SubTopic: App Review Tags:
Replies
2
Boosts
0
Views
72
Activity
1w
HKWorkoutBuilder.finishWorkout() fails silently (nil workout, nil error) when device is locked (iOS 26.4+)
Hello everyone, We are encountering a critical regression introduced in iOS 26.4 that results in permanent workout data loss for users. When invoking HKWorkoutBuilder.finishWorkout(completion:) while the iOS device is locked, the save operation fails completely. However, it fails silently: the completion handler executes but returns both a nil workout and a nil error. Expected Behavior: Before iOS 26.4 finishWorkout resulted in a workout id, and correctly stored the workout data in HealthKit. According to HealthKit data protection documentation, saving data when the device is locked should either succeed (writing to a temporary journal file to be merged upon unlock) or explicitly throw an error such as HKError.Code.errorDatabaseInaccessible. Actual Behavior: Because the framework returns nil for both the object and the error, the application has no way to detect that the save failed. We cannot implement a retry mechanism or queue the save, resulting in silent data loss. Steps to Reproduce: W
Topic: App & System Services SubTopic: Health & Fitness Tags:
Replies
2
Boosts
0
Views
150
Activity
1w
Reply to App Store Connect Analytics API (ONGOING): duplicate instances causing permanent data gaps
The issue still persist with May Out of the first 7 days, 3 reports are missing
Topic: App Store Distribution & Marketing SubTopic: App Store Connect API Tags:
Replies
Boosts
Views
Activity
1w
com.apple.developer.automatic-assessment-configuration entitlement missing from manually downloaded Distribution/InHouse Provisioning Profile
We are implementing an exam mode feature for an educational app used in schools, which restricts device usage during assessments. We requested the Automatic Assessment Configuration capability, received approval from Apple, and confirmed that the capability is listed as Assigned under our App ID in the Apple Developer portal. What works: When using a Development Provisioning Profile (downloaded from the portal), the entitlement key com.apple.developer.automatic-assessment-configuration is included in the profile, and our exam lock feature works correctly in development testing. The problem: When we manually download a Distribution (InHouse/Enterprise) Provisioning Profile from the portal — even after creating a new one — the entitlement key com.apple.developer.automatic-assessment-configuration is not present in the profile. verified this by running: security cms -D -i YourProfile.mobileprovision The key appears in the Development PP but is absent in the manually downloaded Distribution PP, despite the App ID
Topic: Code Signing SubTopic: Entitlements Tags:
Replies
3
Boosts
0
Views
315
Activity
1w
Best practices for bypassing critical system daemons in NETransparentProxyProvider
Hello, I am working on a network security and DLP (Data Loss Prevention) solution. A core requirement of our architecture is the ability to modify network traffic payloads in-flight (e.g., stripping sensitive data or altering packets). So, the only way to implement this is via the NETransparentProxyProvider which allows us to handle, evaluate, and modify network flows (NEAppProxyFlow). However, because this is such a powerful mechanism, my primary goal is to ensure the absolute stability of the operating system. I want to minimize the risk of interfering with core Apple services. When evaluating a flow, I have access to NEFlowMetaData, specifically properties like sourceAppUniqueIdentifier and sourceAppAuditToken. Could you please assist me with the following questions: Is there a recommended list of Apple system Application IDs (Bundle IDs) or executable names that should be strictly bypassed (ignored) by the Network Extension to maintain system integrity? Since system daemons can change between OS
Topic: App & System Services SubTopic: Networking Tags:
Replies
2
Boosts
0
Views
137
Activity
1w
Reply to SwiftData in-memory ModelContainer causes DefaultStore validation errors on consecutive xcodebuild test runs
Hi Ziqiao, Yes — I spent a full day isolating this into a standalone Swift package: https://github.com/mesqueeb/SwiftDataContainerPollutionInTests git clone https://github.com/mesqueeb/SwiftDataContainerPollutionInTests.git cd SwiftDataContainerPollutionInTests ./test.sh 20 The script runs xcodebuild test in a loop (also reproduces with swift test). It was tricky to minimize — the bug triggers roughly 1 in 15–20 runs with these simplified schemas, but in my real project with more complex Codable types and more schema versions it triggers ~5 out of 6 runs. The more I stripped away to isolate the reproduction, the lower the trigger rate got, but the core issue is the same. Regarding erase(): I tried it in my real project and it didn't help. Each in-memory container already uses a unique ModelConfiguration name (UUID().uuidString), so they shouldn't be sharing any state — the pollution seems to come from the process-global schema registry rather than from any individual container's store.
Topic: UI Frameworks SubTopic: General Tags:
Replies
Boosts
Views
Activity
1w