Entitlements


Entitlements allow specific capabilities or security permissions for your apps.


Posts under Entitlements tag

232 Posts
Post not yet marked as solved
0 Replies
431 Views
Hi all, I've been trying for over a year to get a review for our app to become a default mail app request. I've sent emails to our devrel contact, the app review contact, and tried to find other places to look. How can we get this processed?
Post not yet marked as solved
8 Replies
3.3k Views
I tried building and running our application with the new Xcode 15.0 beta (15A5160n). The build fails with the following message: Provisioning profile "REDACTED" doesn't support the Access Wi-Fi Information, Hotspot Configuration, and Push Notifications capability. However, none of those capabilities are new; they are part of the profile, and I was just able to build the project with Xcode 14 before. I already tried reloading the profiles, but that does not help. Automatic Signing is disabled for our project.
Post marked as solved
5 Replies
1.8k Views
To check whether our SDK still works on iOS 17 I installed Xcode 15 (Beta 1) and iOS 17 (Beta 1), but I'm unable to run our SDK demo/test App on the iPhone running iOS 17. Xcode complains about the provisioning profile not supporting the "Access Wi-Fi Information and Hotspot Configuration capability", but com.apple.developer.networking.wifi-info is already set to true in the (development) provisioning profile. This profile worked fine with Xcode 14.3.1 and iOS 16.5. What changed? Or is this a bug in Xcode 15 Beta 1?
Post not yet marked as solved
1 Replies
502 Views
I have a target that is intended to support both iPad and Mac Catalyst. I have the hardened runtime configuration for camera and photo library enabled in Xcode capabilities and get the following error when attempting to upload the Mac Catalyst build to TestFlight. I have been using it locally for a long time, but mostly sending the iPad version to TestFlight. Documentation on the entitlement indicates it is appropriate for macOS from what I can tell. Invalid Code Signing Entitlements. Your application bundle's signature contains code signing entitlements that are not supported on macOS. Specifically, key 'com.apple.security.personal-information.photo-library' in 'com.technomage.Data-Boards.pkg/Payload/DataBoards.app/Contents/MacOS/DataBoards' is not supported. (ID: 6af5bcd1-ba53-40ca-9185-c409c5647b61
Post not yet marked as solved
0 Replies
510 Views
Hi all, We deploy custom iOS/iPadOS apps to our iPads via Jamf Cloud. The apps are ad hoc releases using our distribution profile that includes all the iPads' UUIDs. We then upload the apps to Jamf and from there send them to our iPads. When we deploy new versions of existing apps, we ran into issues where Jamf would not update the app. After checking the iPad logs on the console, we found the following errors that occur every time Jamf tries to push the new app:

    default 12:47:03.239756-0700 dmd container_acquire_sandbox_extension: success
    default 12:47:03.239780-0700 dmd container_acquire_sandbox_extension com.myCompany.myApp succeeded for path '/private/var/mobile/Containers/Data/Application/93DBC421-803E-48B5-B704-429908066041'
    error 12:47:03.240395-0700 cfprefsd rejecting read of { com.myCompany.myApp, mobile, kCFPreferencesCurrentHost, /Library/Managed Preferences/mobile/com.myCompany.myApp.plist, managed: 1 } from process 122 (dmd) because accessing these preferences requires user-preference-read or file-read-data sandbox access
    fault 12:47:03.240600-0700 dmd Couldn't read values in CFPrefsManagedSource<0xda8a2c9a0> (Domain: com.myCompany.myApp, User: kCFPreferencesCurrentUser, ByHost: Yes, Container: (null), Contents Need Refresh: Yes): accessing these preferences requires user-preference-read or file-read-data sandbox access
    default 12:47:03.240695-0700 dmd Revoking sandbox extension; key = 43

It seems as if the MDM process cannot update the app because of missing entitlements? Weirdly enough, this does not happen on all our iPads, only on a subset, and we have not found the pattern yet to narrow down what the issue is. We reached out to Jamf but they claim the issue is with our app. But we can't really figure out what we would have to do to our app to let the MDM process update it. When searching for this on Google we found some related issues for macOS apps but nothing for iOS/iPadOS. Any hints or pointers what the issue with our app could be? Thanks!
Post marked as solved
5 Replies
1.3k Views
Howdy, My macOS application uses app groups, using an entitlement file similar to the one below.

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
        <key>com.apple.security.application-groups</key>
        <array>
            <string>$(TeamIdentifierPrefix)com.example.test</string>
        </array>
    </dict>
    </plist>

This all works when using my local Xcode. However, when I push the job to our CI/CD server I get an error.

    error: Provisioning profile doesn't include the com.apple.security.application-groups entitlement. Profile qualification is using entitlement definitions that may be out of date. Connect to network to update.

Searching around, namely "macOS Unsatisfied entitlements com.apple.security.application-groups" and "System Extension app-group entitlement issue", tells me that I do not need to have the app group contained within my provisioning profile, due to how macOS handles App Groups differently to iOS. Is there a way to tell xcodebuild on my CI box to ignore this and continue building?
Post not yet marked as solved
8 Replies
868 Views
I'm working on a macOS app that includes command-line helper programs and daemons launched by the GUI app. I used to use the same signing ID (codesign -i) for the GUI and CLI binaries but recently switched to different signing IDs after seeing recommendations against it here on the forums. My question is: Why should each program have a different signing ID? What issues could arise if the GUI and CLI (agent/daemon) have the same signing ID? I was shipping them with the same signing ID for months and didn't notice any issues. So far, my experience is that it's only making things more complicated and hurting UX. For example, I have to request notification permissions twice, once for the GUI and once for the CLI. I'm also worried that users might have to grant TCC permissions multiple times.
Post not yet marked as solved
2 Replies
1k Views
Hi there, I am using Core NFC and I established the connection with the card (it means that the info.plist is correct and the entitlement should be correct as well). The app detects the card, but after sending the command 'tag.sendCommand()' I receive this message:

    [CoreNFC] -[NFCTagReaderSession transceive:tagUpdate:error:]:879 Error Domain=NFCError Code=2 "Missing required entitlement" UserInfo={NSLocalizedDescription=Missing required entitlement}

So, what is missing or what am I doing wrong? Here is the code:

    func tagReaderSession(_ session: NFCTagReaderSession, didDetect tags: [NFCTag]) {
        guard !tags.isEmpty else { return }
        let hexString = //...
        if case let .iso7816(tag) = tags[0] {
            session.connect(to: tags[0]) { error in
                if let error = error {
                    print("Error: \(error.localizedDescription)")
                    return
                }
                let apdu = hexString.convertToAPDU()
                tag.sendCommand(apdu: apdu) { (response: Data, sw1: UInt8, sw2: UInt8, error: Error?) in
                    // -> here is when the error appears, in the completion
                    print([UInt8](response)) // print -> []
                }
            }
        }
    }
Post not yet marked as solved
0 Replies
317 Views
The latest version of the Apple Developer Program License Agreement (late June 23) contains new language in section 3.1.d: Authorized Student Developers may not access any entitlement profiles provided to You by Apple, unless otherwise approved in writing by Apple; I help manage the institutional developer account for a university, and I'm not really sure how to interpret this. In practical terms, what limits does this place on student developers that contribute to our apps? Does this mean that student developers can no longer have a Developer role with "Access to Certificates, Identifiers & Profiles" enabled? This would mean student developers can no longer upload their build directly to App Store Connect.
Post not yet marked as solved
0 Replies
560 Views
Hello! We are relaunching our app on an aggressive timeline and we really need these entitlements enabled on the backend. I have the ticket created already and I keep reaching out but I have not heard back yet. Does anyone know how we can expedite this request or someone I could reach out to? Thanks!
Post not yet marked as solved
3 Replies
916 Views
Dear Apple, We are in the process of enhancing our DP+ to support Apple devices and we would like to integrate with Apple Lookup server. Could you please guide us, as we are struggling to find data on the developer site? Many thanks.
Post not yet marked as solved
2 Replies
426 Views
Hello. (hold for a moment, I'll get to the point) I'm developing an addon for Blender and I'm trying to make it work on macOS M1 too. I'm using the hppfcl library for the addon and whenever I try to import it from Python I get the error below.

    Error: Python: Traceback (most recent call last):
      File "<string>", line 1, in <module>
      File "/Users/m1/Library/Application Support/Blender/3.6/scripts/addons/blenderbim/libs/site/packages/hppfcl/__init__.py", line 34, in <module>
        from .hppfcl import *
    ImportError: dlopen(/Users/m1/Library/Application Support/Blender/3.6/scripts/addons/blenderbim/libs/site/packages/hppfcl/hppfcl.cpython-310-darwin.so, 0x0002): Symbol not found: __ZN5boost6python15instance_holder8allocateEP7_objectmm
      Referenced from: /Users/m1/Library/Application Support/Blender/3.6/scripts/addons/blenderbim/libs/site/packages/hppfcl/hppfcl.cpython-310-darwin.so
      Expected in: /Applications/Blender.app/Contents/Resources/lib/libboost_python310.dylib

The error is caused by the fact that /Applications/Blender.app/Contents/Resources/lib/libboost_python310.dylib is incompatible with hppfcl. I have a compatible version in /Users/m1/Library/Application Support/Blender/3.6/scripts/addons/blenderbim/libs/libboost_python310.dylib.

❓My question is how to make scripts/addons/blenderbim/libs/libboost_python310.dylib either the main library to be loaded for hppfcl or for the entire Blender (this will work too)?

What I've tried and researched:

If I check the hppfcl library with otool -l hppfcl.cpython-310-darwin.so, it's referring to the correct library that should be compatible, given that /scripts/addons/blenderbim/libs/site/packages/hppfcl/../../../libboost_python310.dylib => /scripts/addons/blenderbim/libs/libboost_python310.dylib.

    Load command 20
          cmd LC_RPATH
      cmdsize 40
         path @loader_path/../../../ (offset 12)

If I run otool -l /Applications/Blender.app/Contents/MacOS/Blender I see why the error is referring to /Resources/lib/libboost_python310.dylib. So it seems that hppfcl's @loader_path is overridden by Blender's @loader_path.

    Load command 65
          cmd LC_RPATH
      cmdsize 48
         path @loader_path/../Resources/lib (offset 12)

I tried to use export DYLD_LIBRARY_PATH="/Users/m1/Library/Application Support/Blender/3.6/scripts/addons/blenderbim/libs/:$DYLD_LIBRARY_PATH" (and the same thing with DYLD_FALLBACK_LIBRARY_PATH) before starting Blender, which led to no success - DYLD_LIBRARY_PATH is purged when I start Blender (deduced it by checking os.environ from Python). I guess it's because Blender is a protected process and the only way around it is to either rebuild with different build settings or to disable System Integrity Protection (both are very bad options for the addon).
Post not yet marked as solved
2 Replies
724 Views
When creating a provisioning profile on the dashboard or letting Xcode (14.3.1) do automatic signing to obtain that profile, the Network Extensions now contain an additional "relay" item, which is not available when capabilities are added in Xcode (tried on Xcode Beta 15.2 as well). The relay is visible, though, in the web inspector when the provisioning profile is created via the developer dashboard. That said, the provisioning profile file (.mobileprovision) has this: and in the raw XML: If I try to manually modify the XML entitlements in Xcode by adding relay, the Signing and Capabilities page of the Xcode project does not reflect this change and eventually removes this additional code line if I try to select a proper item, for instance DNS Proxy. Is it a new bug introduced recently? Is it just that Xcode "forgot" to get this update (in Beta as well)? The problem is that old profiles stopped working, as they do not contain relay.
Post marked as solved
2 Replies
842 Views
Hi, I'm trying to sign/notarize a command line application packaged as a .pkg which accesses USB devices through libusb. When nothing is signed/notarized, everything works like a charm and the command line tool can be started without elevated mode (sudo). Once the binary, its libraries, and the .pkg are signed (hardened runtime set) and finally notarized/stapled with success, I noticed that, once the .pkg is installed, the bin/libs are owned by root:wheel. Nobody else can execute it. This means sudo is required to execute the tool, which is obviously not what I need to distribute the software to end-users... As far as I understand, I have to configure some entitlements when invoking the codesign command. Am I wrong? If not, before struggling with them, I need some advice about which one I should select: com.apple.security.app-sandbox? com.apple.security.device.usb? com.apple.vm.device-access (?) Others? Thanks in advance for your help.
Post not yet marked as solved
5 Replies
1.3k Views
Hi, I am running into a strange issue where my universal links work fine on devices when using USB, simulators and TestFlight; it works with no problem on all test environments. But once I submit it for App Review, they don't work. And I have no way to replicate it. At some point they get it working somehow, but with every resubmission the process repeats, where I go back and forth for days until they finally get it working. Has anyone run into this strange issue or has a clue what might be going on?
Post not yet marked as solved
0 Replies
283 Views
We got enabled the option for enabling the entitlement com.apple.developer.device-information.user-assigned-device-name after submitting the request, now when we try to enable this option it shows below message. Will it affect any existing live enterprise apps and it stopped working? Please advise.
Post not yet marked as solved
1 Replies
564 Views
I am using Xcode 14 and multiplatform app project. I have received the CarPlay entitlements from Apple and everything works on iOS. However I do have to share the same entitlements.plist file with macOS (multiplatform project uses the same file) and the CarPlay entitlement crashes the Mac app. If I remove those lines from it everything works fine: <key>com.apple.developer.carplay-audio</key> <true/> How to handle this? I have tried to add iphoneos on the end of the key but it keeps crashing even then.
Post not yet marked as solved
2 Replies
637 Views
Guys, I'm the account holder of my company and we are working on a new EPP solution. Approx. two months ago I requested an Endpoint Security entitlement so we can develop our product, and then requested it again about a month ago. Is there a way to see what the status of the request is and whether this time frame is indeed the one we should expect? Thanks a lot!
Post not yet marked as solved
0 Replies
777 Views
Hi guys, I am trying to get webcredentials for associated domains to work on a standalone watchOS-app that I am working on. The AASA-file is hosted correctly, and the keychain autofill works fine on the iOS-app within the same workspace using the same associated domain. The setup on the watchOS-app is close to identical to the iOS-app. The textContentType-modifiers are correctly added onto the textfields. Within the watchOS-app, the textfields allow me to browse my keychain but it doesn't filter the credentials linked to my associated domain. The developer docs say: For watchOS apps, you must add the Associated Domains capability to the WatchKit Extension target. I assume that this doesn't apply to standalone watchOS-apps that do not have the WatchKit Extension. Has anyone encountered this issue? Appreciate any ideas.
Post not yet marked as solved
0 Replies
327 Views
On June 25, 2023, I received the approval letter "User Assigned Device Name entitlement confirmation". I then tried to enable this entitlement on the developer portal with the following steps.

1. Login to https://developer.apple.com/ with my login. Note I am the account holder and admin.
2. Then go to Account.
3. Click "Identifiers" on Certificates, IDs & Profiles.
4. Select my app identifier.
5. Click "Additional Capabilities".

I only found two previously approved entitlements. I don't see the new "User Assigned Device Name". I then logged out and logged in with various web browsers and devices and had the same result. Entitlement "User Assigned Device Name" is missing. I have since worked with Apple Developer Support (https://developer.apple.com/contact/) for over 2 weeks. They confirmed that this entitlement was added to my account (with correct team id). They asked for screenshots, screen capture videos, and browser versions repeatedly but offered no real help. I also sent an email to the email address that sent out the original entitlement approval letter but I did not receive any response. Is there any support avenue that I can use to resolve this issue?