Hi, I am tying to build the app with increased-memory-limit for vision OS, but I got error while asset validation Invalid Code Signing Entitlements. Your application bundle's signature contains code signing entitlements that are not supported on visionOS. Specifically, key 'com.apple.developer.kernel.increased-memory-limit' in '[AppName]' is not supported. (ID: 34399486-5b8c-4737-a446-6722fa1f6d98) how should I fix this error Thanks, Max

**Why does using CameraPicker require user authorization through a pop-up? ** Why don't ImagePicker or PhotoPicker require additional pop-up authorizations for accessing the photo library? All of these are implemented using UIImagePickerController, so why does one require a pop-up and the others do not? Additionally, I thought that by configuring the picker, I would theoretically not need any permissions. If permissions are still required, wouldn’t it make more sense to directly request camera permissions and utilize the native camera functionality? What then are the advantages of using the picker?

Hi All, I submitted a Family Controls Request Form but haven't heard back. I didn't get any case id when I submitted the request, so how do you track it and know when It is approved? I'm currently developing an app that requires the main target and also the app extension to both use Family Controls. Does this mean I need to request forms for both app bundles separately or just the main app? This is really worrying for us as our project is almost ready and we are unable to launch it :( . Would appreciate any responses. Thanks,

I've heard family controls request forms can take up to weeks and even months... I'm currently developing an app that requires the main target and also the app extension to both use Family Controls. Does this mean I need to request forms for both app bundles separately or just the main app? If I have to wait weeks or even months for both then that's a bit painful tbh. Is there a way to distribute to testflight without getting approved for the family controls entitlement? Thanks

I've requested for family control via: https://developer.apple.com/contact/request/family-controls-distribution & got approved. I've now created new provision files with family control being checked in the identifiers & uploaded manually. Yet, still get: Provisioning profile "redoAppStore" doesn't support the Family Controls capability. Provisioning profile "redoAppStore" doesn't include the com.apple.developer.family-controls entitlement. The family control capability is added to my main target (IOS app) as well. What should I do to get it uploaded?

After updating to Xcode 15.3 and Sonoma, I started getting an error when packaging my app: Provisioning profile failed qualification Profile doesn't include the com.apple.developer.mail-client entitlement. There is no indication in the documentation that this has anything to do with the provisioning profile, and there is no capacility that needs to be added. I was given the "com.apple.developer.mail-client" entitlement from Apple over a year ago as documented in: https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_developer_mail-client, and it worked fine until now.

We have a huge project. Until today we didn't use an .app but now we must in order to use Endpoint security and other stuff. Until today our binary sat in /opt/XYZ/binary.bin Now because of the .app, looks like it will have to be /opt/XYZ/Cool.app/Content/MacOs/binary.bin This change really breaks our code and will cause a massive code change. If I extract the binary from the app and place it in /opt/XYZ/binary.bin and run it, the process is killed. Is there a way to extract it from the app and run it from /opt/XYZ ? any tool, command, resource, etc' will be great.

Hello Fellow Developers, I'm reaching out for insights or solutions to a challenge we're encountering with our sync client application, particularly related to maintaining user folder access permissions across app sessions and system restarts. In our application, we leverage the openFileDialog to enable users to select a folder for file downloads and synchronization. To ensure smooth access on subsequent app launches, we save a security bookmark of the chosen folder. This is crucial for our app to function without repeatedly asking for user permissions, thereby enhancing the user experience. However, we've hit a snag where the security bookmark expires after a few days or upon a system restart, leading to a less than ideal scenario where users are prompted for reauthorization through a FileDialog. This repetitive process is not the seamless experience we aim to provide. To address permissions and security, we are currently using two entitlements: com.apple.security.files.bookmarks.document-scope com.apple.security.files.bookmarks.app-scope Despite these, we still face the bookmark expiration issue. We're seeking advice on whether there are other entitlements or methods we should consider to maintain persistent access to the selected folder without the security bookmark expiring. Our goal is to reduce or eliminate the need for users to repeatedly grant access, ensuring a seamless and efficient user experience. Has anyone faced a similar challenge or can offer guidance on additional entitlements or strategies to achieve persistent folder access? Any suggestions, alternative approaches, or insights would be greatly appreciated. We're keen on exploring all possible solutions to enhance our application's functionality and user satisfaction. Thank you for your time and assistance. I look forward to any advice or discussions this community can offer.

I requested the com.apple.developer.device-information.user-assigned-device-name entitlement on Feb 11 and received an email reply stating "We’ll contact you within a few weeks with your request status." However, it's been more than a month without any updates. Can anyone chime in with their experience RE: how long it took for Apple to review their request for this entitlement? https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_developer_device-information_user-assigned-device-name

I have a macOS app which contains a dext. I'd like to distribute it to external testers using TestFlight, so it has to pass Mac App Store review. It failed, because the App Sandbox entitlement was missing. I checked the app, it has the entitlement, but the dext does not. However, the .entitlements file used by the dext does contain App Sandbox set to true. I tried adding a "fake-entitlement" value to the .entitlements file, and that made it into the dext's code signature, but the App Sandbox entitlement appears to be stripped out by the build process? For a dext target, it isn't possible to add the App Sandbox capability in Xcode's Signing and Capability section. I have to add the entitlement manually in the .entitlement file (or it was put there by the Xcode driver template, I don't remember). I've tried clean building several times, I've tried Xcode 15.0.1, 15.2 and 15.3, but the result is always the same. I'm inspecting the entitlements using codesign -dvvv --entitlements - Does anyone know what I can do to put the App Sandbox entitlement into my dext's signature? Is this happening to anyone else?

I encounter a warning: "Cannot be used with TestFlight because the signature for the bundle at “Lattics.app” is missing an application identifier but has an application identifier in the provisioning profile for the bundle. Bundles with application identifiers in the provisioning profile are expected to have the same identifier signed into the bundle in order to be eligible for TestFlight." (90886). I don't need the TestFlight. And I add "com.apple.application-identifier" to the entitlements, but it crash on opening. I got an error: Code Signing Crashes

Hello everyone! Since iOS 17.4, it's now easier to set up an eSIM from a browser/email or with a link. We can now longpress the QR code to get the option to add an eSIM. Is it still required to have that private entitlement to enable the same functionality in-app but not in a browser? Seems odd. I can store QR codes on Imgur to install eSIM but can't do the same with my native app by CTCellularPlanProvisioning.addPlan method. Redirecting users to the browser seems like a workaround, but it creates a noticeable discrepancy in usability. I might have overlooked some SDK updates or new methods. Are there any new approaches to enable in-app eSIM setup with the latest update? Secondly, in the "Other eSIM activation methods" section of this page, a special link is mentioned, but I couldn't find any examples or resources for that. Thanks

The company that works on our app was required to have their clients create dev accounts that our app could be moved to. We did the app transfer from our previous developer and everything seemed fine. However when they try to update the app they get errors and have told us to remove certain data from the old dev account. We have tried this 3 different times and still no success. Here are the things we are being told to remove. Perhaps someone can give me more info on where to find these on our previous developer's account. Here's the identifier for you: 'group.com.subsplashstudio145.First-Bible-Church-of-Decatur' According to our team you will need to have the app group, NotificationContent and NotificationService removed from that other account. Any help appreciated! Thanks!

The documentation for CarPlay (https://developer.apple.com/documentation/carplay/requesting_carplay_entitlements) tells you to disable automatic signing in the section titled "Import the CarPlay Provisioning Profile": Click All in the scope bar, and then deselect “Automatically manage signing”. There have also been other posts in the past about the inability to use automatic signing with CarPlay: https://developer.apple.com/forums/thread/63468 However in a recent post of mine (https://developer.apple.com/forums/thread/717429?login=true&page=1#732392022) I was instructed how to set it up so that I could use automatic signing for the new user-assigned-device-name entitlement and it worked so I thought "Can I do the same thing for CarPlay?" and it seems to be working so far. Is automatic signing with CarPlay now possible? We have been able to use automatic signing to archive successfully and run to real devices and verify that CarPlay is working. I'm crossing my fingers that we'll be able to submit and get the build approved and never have to touch manual signing again. Hopefully it works and the documentation is just out of date.

I am using Godot 4.2.1 and C# (.NET 8.0.1) to create an app. In Godot the app is exported to an XCode project so it can then be built to run on IOS devices. Access WiFi is checked in the Godot presets I have the multicast entitlement from Apple. Communication over UDP using Unicast to send and receive packets works correctly on iOS, macOS and Android devices. To set the multicast entitlement, the project name is selected in XCode, to open a big dialog box with multiple tabs. Click on the tab Signing and Capabilities. To add the multicast to the project "+ Capability" is clicked, search for "multi" which brings up multicast networking. Click on multicast networking to add it to the project. Then in the same dialog box, click the tab build settings and under "Signing" code signing identity is changed to iOS developer for all Debug and release items. The project is then built and run on the iOS device. The symptom is that no multicast packets are received. The multicast receiving code below works on macOS and Android devices so there must be something going on with the iOS devices that I'm missing. The UDP server is configured in C# code as a _listener: private const string MULTICAST_ADDRESS = "239.255.1.1"; private const int BCON_PORT = 49707; _listener = new UdpClient(); _listener.ExclusiveAddressUse = false; _listener.JoinMulticastGroup(IPAddress.Parse(MULTICAST_ADDRESS)); _listener.Client.Bind(new IPEndPoint(IPAddress.Any, BCON_PORT));

Hello! Firstly, I am submitting an entitlement request to access the E-sim configuration for the iOS application. While filling out the form, I encountered an issue with providing carrier information. The form is designed for a single carrier, but I have five carriers. Should I list all of them? Secondly, I have come across numerous discussions online regarding the time it takes to process such requests. Could you please provide me with an estimated timeframe for completion? Our customer is interested in completing the feature within a month. Thanks