I have an Xcode project setup as follows: 3 static libraries 1 framework target, whose Mach-O type is set to Dynamic Library main app target (iOS app) The target dependencies are as follows: In framework's build phase [Link with libraries], I have the 3 libs statically linked. In the main app's build phase [Link with libraries], I have only the framework, which is dynamically linked. As per my understanding: The libs are statically linked to the framework. So, the framework binary would contain code from all the libs. The framework is dynamically linked to the main app (iOS app in this case). So, the main app's binary only has a reference to the framework's binary, which would be loaded in the memory at runtime. Assuming my understanding is correct, I'm stuck with the following problem: All 3 libs build successfully The framework builds successfully The main app target doesn't build. The compilation is successful, but the build fails with linker errors. Please let me know if I am doing something incorrectly, or if a configuration is missing. Below are more details: The linker gives the following error: Undefined symbols for architecture arm64: "StringUtils.GetStr() -> Swift.String", referenced from: dynamic_fw.AppDelegate.application(_: __C.UIApplication, didFinishLaunchingWithOptions: [__C.UIApplicationLaunchOptionsKey : Any]?) -> Swift.Bool in AppDelegate.o "TWUtils.GetNum() -> Swift.Int", referenced from: dynamic_fw.AppDelegate.application(_: __C.UIApplication, didFinishLaunchingWithOptions: [__C.UIApplicationLaunchOptionsKey : Any]?) -> Swift.Bool in AppDelegate.o ld: symbol(s) not found for architecture arm64 clang: error: linker command failed with exit code 1 (use -v to see invocation) And the command shown in the logs for linking phase is: Ld /Users/raunit.shrivastava/Library/Developer/Xcode/DerivedData/dynamic-fw-foqtqhpopkmoapfufzxbfloamnpr/Build/Products/Debug-iphonesimulator/dynamic-fw.app/dynamic-fw normal (in target 'dynamic-fw' from project 'dynamic-fw') cd /Users/raunit.shrivastava/Desktop/dynamic-fw /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang -Xlinker -reproducible -target arm64-apple-ios17.5-simulator -isysroot /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator17.5.sdk -O0 -L/Users/raunit.shrivastava/Library/Developer/Xcode/DerivedData/dynamic-fw-foqtqhpopkmoapfufzxbfloamnpr/Build/Intermediates.noindex/EagerLinkingTBDs/Debug-iphonesimulator -L/Users/raunit.shrivastava/Library/Developer/Xcode/DerivedData/dynamic-fw-foqtqhpopkmoapfufzxbfloamnpr/Build/Products/Debug-iphonesimulator -L. -L./StringUtils -L./TWFramework -L./TWUtils -L./dynamic-fw -F/Users/raunit.shrivastava/Library/Developer/Xcode/DerivedData/dynamic-fw-foqtqhpopkmoapfufzxbfloamnpr/Build/Intermediates.noindex/EagerLinkingTBDs/Debug-iphonesimulator -F/Users/raunit.shrivastava/Library/Developer/Xcode/DerivedData/dynamic-fw-foqtqhpopkmoapfufzxbfloamnpr/Build/Products/Debug-iphonesimulator -F. -F./StringUtils -F./TWFramework -F./TWUtils -F./dynamic-fw -filelist /Users/raunit.shrivastava/Library/Developer/Xcode/DerivedData/dynamic-fw-foqtqhpopkmoapfufzxbfloamnpr/Build/Intermediates.noindex/dynamic-fw.build/Debug-iphonesimulator/dynamic-fw.build/Objects-normal/arm64/dynamic-fw.LinkFileList -Xlinker -rpath -Xlinker @executable_path/Frameworks -Xlinker -rpath -Xlinker ./\*\* -dead_strip -Xlinker -object_path_lto -Xlinker /Users/raunit.shrivastava/Library/Developer/Xcode/DerivedData/dynamic-fw-foqtqhpopkmoapfufzxbfloamnpr/Build/Intermediates.noindex/dynamic-fw.build/Debug-iphonesimulator/dynamic-fw.build/Objects-normal/arm64/dynamic-fw_lto.o -Xlinker -export_dynamic -Xlinker -no_deduplicate -Xlinker -objc_abi_version -Xlinker 2 -fobjc-link-runtime -L/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/swift/iphonesimulator -L/usr/lib/swift -Xlinker -add_ast_path -Xlinker /Users/raunit.shrivastava/Library/Developer/Xcode/DerivedData/dynamic-fw-foqtqhpopkmoapfufzxbfloamnpr/Build/Intermediates.noindex/dynamic-fw.build/Debug-iphonesimulator/dynamic-fw.build/Objects-normal/arm64/dynamic_fw.swiftmodule -Xlinker -sectcreate -Xlinker __TEXT -Xlinker __entitlements -Xlinker /Users/raunit.shrivastava/Library/Developer/Xcode/DerivedData/dynamic-fw-foqtqhpopkmoapfufzxbfloamnpr/Build/Intermediates.noindex/dynamic-fw.build/Debug-iphonesimulator/dynamic-fw.build/dynamic-fw.app-Simulated.xcent -Xlinker -sectcreate -Xlinker __TEXT -Xlinker __ents_der -Xlinker /Users/raunit.shrivastava/Library/Developer/Xcode/DerivedData/dynamic-fw-foqtqhpopkmoapfufzxbfloamnpr/Build/Intermediates.noindex/dynamic-fw.build/Debug-iphonesimulator/dynamic-fw.build/dynamic-fw.app-Simulated.xcent.der -framework TWFramework -Xlinker -no_adhoc_codesign -Xlinker -dependency_info -Xlinker /Users/raunit.shrivastava/Library/Developer/Xcode/DerivedData/dynamic-fw-foqtqhpopkmoapfufzxbfloamnpr/Build/Intermediates.noindex/dynamic-fw.build/Debug-iphonesimulator/dynamic-fw.build/Objects-normal/arm64/dynamic-fw_dependency_info.dat -o /Users/raunit.shrivastava/Library/Developer/Xcode/DerivedData/dynamic-fw-foqtqhpopkmoapfufzxbfloamnpr/Build/Products/Debug-iphonesimulator/dynamic-fw.app/dynamic-fw

This concerns file provider framework on macOS. Some users of our application (Egnyte.app) report that they have problems downloading dataless files. When a file reaches invalid state, trying to open or download it through Finder results in "Invalid argument" alert (see example-recording.mp4). At the same time our FileProvider extension receives no fetchContents or fetchPartialContents calls. A step-by-step set of instructions to reproduce the problem (if possible) So far we don't have clear reproduction steps. The issue is easily reproducible, for multiple files, for some of our customers. See attached sysdiagnose and recording. What results you expected Our extension receives a request to download the file. File downloads and opens successfully. What results you actually saw No download request made to our File Provider extension. File doesn't open, Finder alert instead. PLEASE NOTE: Before recording and collecting sysdiagnose we installed FileProvider.mobileconfig, slightly modified official profile that we attach. Example reproduction happens 8:33 into full-recording.mp4, around 17:01:18 / 17:01:19 machine’s time. Shared sysdiagnose and recordings come from one of our customers, they permitted us to share the data. In the recording they try to open files with multiple 3rd party applications (Vectorworx, Office PowerPoint) and those opens fail with alerts from those applications. We have similar reports from customers using Adobe apps. More info in FB19462434

This concerns file provider framework on macOS. Some users of our application (Egnyte.app) report that they have problems downloading dataless files. When a file reaches invalid state, trying to open or download it through Finder results in "Invalid argument" alert (see example-recording.mp4). At the same time our FileProvider extension receives no fetchContents or fetchPartialContents calls. A step-by-step set of instructions to reproduce the problem (if possible) So far we don't have clear reproduction steps. The issue is easily reproducible, for multiple files, for some of our customers. See attached sysdiagnose and recording. What results you expected Our extension receives a request to download the file. File downloads and opens successfully. What results you actually saw No download request made to our File Provider extension. File doesn't open, Finder alert instead. PLEASE NOTE: Before recording and collecting sysdiagnose we installed FileProvider.mobileconfig, slightly modified official profile that we attach. Example reproduction happens 8:33 into full-recording.mp4, around 17:01:18 / 17:01:19 machine’s time. Shared sysdiagnose and recordings come from one of our customers, they permitted us to share the data. In the recording they try to open files with multiple 3rd party applications (Vectorworx, Office PowerPoint) and those opens fail with alerts from those applications. We have similar reports from customers using Adobe apps.

Has anyone encountered a situation like mine below? I’ve submitted feedback, but it seems like I’ll have to wait for a while. ContactProviderManager Fails with Custom domainIdentifier, Works Only with "defaultDomain" Category: Developer Tools / Frameworks Subcategory: ContactProvider Framework Reproducibility: Always iOS Version: iOS 18.0 (and later) Xcode Version: Xcode 16.0 (or later)  Description: When initializing a ContactProviderManager with a custom ContactProviderDomain using any identifier other than "defaultDomain", the initializer throws a ContactProviderError.domainNotRegistered error. The documentation for ContactProviderDomain (https://developer.apple.com/documentation/contactprovider/contactproviderdomain) does not provide any method to register custom identifiers, making it impossible to use ContactProviderManager with a desired custom identifier. The only successful case is when the identifier is "defaultDomain". print("Error: (error)") // No error, initialization succeeds Steps to Reproduce: Create a Contact Provider Extension in an iOS app targeting iOS 18.0. In host app, Attempt to initialize a ContactProviderManager with a custom ContactProviderDomain identifier: ​import ContactProvider func enableExtensionExample() async {    do {        // The app creates a contact provider manager with custom domain.        let manager =  try ContactProviderManager(domainIdentifier: "com.mycompany.customdomain")               // May prompt the person to enable the custom domain.        try await manager.enable()    } catch {       print("Error: \(error)") // Prints ContactProviderError.domainNotRegistered    } } Try the same with the default identifier: ​import ContactProvider func enableExtensionExample() async {    do {        // The app creates a contact provider manager with a default domain.        let manager =  try ContactProviderManager(domainIdentifier: "defaultDomain")               // May prompt the person to enable the default domain.        try await manager.enable()    } catch {       print("Error: \(error)") // No error, initialization succeeds    } } Build and run the app on a device or simulator running iOS 18.0 or later. Observe that the initializer fails with domainNotRegistered for any identifier other than "defaultDomain". Expected Behavior: The ContactProviderManager should initialize successfully with any valid ContactProviderDomain identifier, provided the domain is properly configured or registered, allowing developers to use custom identifiers for organizing contacts (e.g., for different categories or sources). Actual Behavior: The ContactProviderManager initializer throws ContactProviderError.domainNotRegistered for any ContactProviderDomain identifier other than "defaultDomain". Only the "defaultDomain" identifier succeeds, limiting the ability to use custom domains. Impact: Developers cannot use custom identifiers to categorize or manage contacts in separate domains, restricting the ContactProvider framework’s flexibility. This forces reliance on the "defaultDomain" identifier, which may not suit use cases requiring distinct contact groups (e.g., personal vs. business contacts). Suggested Fix: Provide an API to register custom ContactProviderDomain identifiers, such as a ContactProviderManager.register(domain:) method. Update the ContactProviderDomain and ContactProviderManager documentation to clarify how to use custom identifiers or explicitly state if only "defaultDomain" is supported. If custom identifiers are not intended to be supported, document this limitation clearly to avoid developer confusion. Feedback : FB20104001 (ContactProviderManager Fails with Custom domainIdentifier, Works Only with "defaultDomain")

Description : Our app helps users connect to Wi-Fi hotspots. We are trying to adapt our code to iOS 26 Hotspot Authentication and Hotspot Evaluation application extensions. When filtering hotspots in the filterScanList callback, we need to fetch support information from a remote server to determine which hotspots are supported. However, attempts to use URLSession or NWTCPConnection in the extension always fail. When accessing a URL (e.g., https://www.example.com), the network log shows: Error Domain=NSURLErrorDomain Code=-1003 "A server with the specified hostname could not be found." When accessing a raw IP address, the log shows: [1: Operation not permitted] Interestingly, NWPathMonitor shows the network path as satisfied, indicating that the network is reachable. Question: Are there any missing permissions or misconfigurations on our side, or are we using the wrong approach? Is there an official recommended way to perform network requests from an NEHotspotEvaluationProvider extension?

I'm trying to use DNR to force safe search with Qwant search engine. Under certain circumstances (scenario described below) the search is performed with an API which contains the safe search level in a URL parameter. A typical query URL is https://api.qwant.com/v3/search/web?q=test&count=10&locale=fr_FR&offset=0&device=desktop&tgp=1&safesearch=0&displayed=true&llm=true. I want a DNR rule to force safesearch to be 2 (= strict) (from some javascript code) : { id: 1, priority: 1, action: { type: 'redirect', "redirect": { "transform": { "queryTransform": { "addOrReplaceParams": [{ "key": "safesearch", "value": "2" }] } } } }, condition: { "urlFilter": "api.qwant.com/v3/search", "resourceTypes": ["xmlhttprequest"] }, } When this rule is activated, I end up with a URL with the original safesearch parameter AND the forced one : https://api.qwant.com/v3/search/web?q=test&count=10&locale=fr_FR&offset=0&device=desktop&tgp=1&safesearch=0&displayed=true&llm=true&safesearch=2. To reproduce this request (with the previous DNR rule in place) : navigate to https://www.qwant.com search for some string (test in my case). This displays the list of results ; click the engine button at the top right to display the settings pane ; inspect network request performed by this page ; change the Adult filter in the list -> the results are automatically updated with the new settings. The web request shows URL with the 2 safesearch parameters. I already used addOrReplaceParams in 'standard' contexts (main_frame) and it works just fine. Any hint on what goes on ? Thank you.

import UIKit class KeyboardViewController: UIInputViewController { // MARK: - Properties private var keyboardView: KeyboardView! private var heightConstraint: NSLayoutConstraint! private var hasInitialLayout = false // 存储系统键盘高度和动画参数 private var systemKeyboardHeight: CGFloat = 300 private var keyboardAnimationDuration: Double = 0.25 private var keyboardAnimationCurve: UIView.AnimationOptions = .curveEaseInOut // MARK: - Lifecycle override func viewDidLoad() { super.viewDidLoad() setupKeyboard() } override func viewWillAppear(_ animated: Bool) { super.viewWillAppear(animated) // 在视图显示前更新键盘高度，避免闪动 if !hasInitialLayout { hasInitialLayout = true } } override func viewDidAppear(_ animated: Bool) { super.viewDidAppear(animated) } // MARK: - Setup private func setupKeyboard() { // 创建键盘视图 keyboardView = KeyboardView() keyboardView.translatesAutoresizingMaskIntoConstraints = false view.addSubview(keyboardView) // 设置约束 - 确保键盘贴紧屏幕底部 NSLayoutConstraint.activate([ keyboardView.leftAnchor.constraint(equalTo: view.leftAnchor), keyboardView.rightAnchor.constraint(equalTo: view.rightAnchor), keyboardView.bottomAnchor.constraint(equalTo: view.bottomAnchor) ]) // 设置初始高度约束（使用系统键盘高度或默认值） let initialHeight = systemKeyboardHeight heightConstraint = keyboardView.heightAnchor.constraint(equalToConstant: initialHeight) heightConstraint.isActive = true } // MARK: - Layout Events override func viewDidLayoutSubviews() { super.viewDidLayoutSubviews() } override func viewSafeAreaInsetsDidChange() { super.viewSafeAreaInsetsDidChange() } // MARK: - 键盘高度请求 // 这个方法可以确保键盘扩展报告正确的高度给系统 override func updateViewConstraints() { super.updateViewConstraints() // 确保我们的高度约束是最新的 if heightConstraint == nil { let height = systemKeyboardHeight > 0 ? systemKeyboardHeight : 216 heightConstraint = NSLayoutConstraint( item: self.view!, attribute: .height, relatedBy: .equal, toItem: nil, attribute: .notAnAttribute, multiplier: 0.0, constant: height ) heightConstraint.priority = UILayoutPriority(999) view.addConstraint(heightConstraint) } else { let height = systemKeyboardHeight > 0 ? systemKeyboardHeight : 216 heightConstraint.constant = height } } } // MARK: - Keyboard View Implementation class KeyboardView: UIView { private var keysContainer: UIStackView! override init(frame: CGRect) { super.init(frame: frame) setupView() } required init?(coder: NSCoder) { super.init(coder: coder) setupView() } private func setupView() { backgroundColor = UIColor(red: 0.82, green: 0.84, blue: 0.86, alpha: 1.0) // 创建按键容器 keysContainer = UIStackView() keysContainer.axis = .vertical keysContainer.distribution = .fillEqually keysContainer.spacing = 8 keysContainer.translatesAutoresizingMaskIntoConstraints = false addSubview(keysContainer) // 添加约束 - 确保内容在安全区域内 NSLayoutConstraint.activate([ keysContainer.topAnchor.constraint(equalTo: safeAreaLayoutGuide.topAnchor, constant: 8), keysContainer.leftAnchor.constraint(equalTo: safeAreaLayoutGuide.leftAnchor, constant: 8), keysContainer.rightAnchor.constraint(equalTo: safeAreaLayoutGuide.rightAnchor, constant: -8), keysContainer.bottomAnchor.constraint(equalTo: safeAreaLayoutGuide.bottomAnchor, constant: -8) ]) // 添加键盘行 } }

I created 2 iOS projects in Xcode: Project 1: 4 targets (main app + 3 app extensions) 4 static libraries the main app's target dependencies include - 3 app extensions and the 4 libs. the main app's binary is linked to all 4 libs similarly, each extension is linked to all 4 libs Project 2: 5 targets (main app + 3 app extensions + 1 framework) 4 static libraries the main app's target dependencies include - 3 app extensions and the framework each extension is dependent only on the framework the framework's target dependencies include all the 4 static libs As per my understanding, the app bundle size for Project 2 should be less than that of Project 1, since we eliminate duplicating the static libs for each target by using a framework instead. However, I have found that the bundle size is more for Project 2 as compared to the bundle size of project 1. I do not understand, why?

We are encountering an issue where the Safari extension we are developing stops working while in use on relatively new iOS versions (confirmed on 17.5.1, 17.6.1, and 18). Upon checking the Safari console, the content script is displayed in the extension script, so the background script or Service Worker must be stopping. The time until it stops is about 1 minute on 17.5.1 and about one day on 17.6.1 or 18. When it stops, we would like to find a way to restart the Service Worker from the extension side, but we have not found a method to do so yet. To restart the extension, the user needs to turn off the corresponding extension in the iPhone settings and then turn it back on. As mentioned in the following thread, it is written that the above bug was fixed in 17.6, but we recognize that it has not been fixed. https://forums.developer.apple.com/forums/thread/758346 On 17.5.1, adding the following process to the background script prevents it from stopping for about the same time as on 17.6 and above. // Will be passed into runtime.onConnect for processes that are listening for the connection event const INTERNAL_STAYALIVE_PORT = "port.connect"; // Try wake up every 9S const INTERVAL_WAKE_UP = 9000; // Alive port var alivePort = null; // Call the function at SW(service worker) start StayAlive(); async function StayAlive() { var wakeup = setInterval(() => { if (alivePort == null) { alivePort = browser.runtime.connect({ name: INTERNAL_STAYALIVE_PORT }); alivePort.onDisconnect.addListener((p) => { alivePort = null; }); } if (alivePort) { alivePort.postMessage({ content: "ping" }); } }, INTERVAL_WAKE_UP); } Additionally, we considered methods to revive the Service Worker when it stops, which are listed below. None of the methods listed below resolved the issue. ① Implemented a process to create a connection again if the return value of sendMessage is null. The determination of whether the Service Worker has stopped is made by sending a message from the content script to the background script and checking whether the message return value is null as follows. sendMessageToBackground.js let infoFromBackground = await browser.runtime.sendMessage(sendParam); if (!infoFromBackground) { // If infoFromBackground is null, Service Worker should have stopped. browser.runtime.connect({name: 'reconnect'}); // ← reconnection process // Sending message again infoFromBackground = await browser.runtime.sendMessage(sendParam); } return infoFromBackground.message; Background script browser.runtime.onConnect.addListener((port) => { if (port.name !== 'reconnect') return; port.onMessage.addListener(async (request, sender, sendResponse) => { sendResponse({ response: "response form background", message: "reconnect.", }); }); ② Verified whether the service worker could be restarted by regenerating Background.js and content.js. sendMessageToBackground.js export async function sendMessageToBackground(sendParam) { let infoFromBackground = await browser.runtime.sendMessage(sendParam); if (!infoFromBackground) { executeContentScript(); // ← executeScript infoFromBackground = await browser.runtime.sendMessage(sendParam); } return infoFromBackground.message; } async function executeContentScript() { browser.webNavigation.onDOMContentLoaded.addListener((details) => { browser.scripting.executeScript({ target: { tabId: details.tabId }, files: ["./content.js"] }); }); } However, browser.webNavigation.onDOMContentLoaded.addListener was not executed due to the following error. @webkit-masked-url://hidden/:2:58295 @webkit-masked-url://hidden/:2:58539 @webkit-masked-url://hidden/:2:58539 ③ Verify that ServiceWorker restarts by updating ContentScripts async function updateContentScripts() { try { const scripts = await browser.scripting.getRegisteredContentScripts(); const scriptIds = scripts.map(script => script.id); await browser.scripting.updateContentScripts(scriptIds);//update content } catch (e) { await errorLogger(e.stack); } } However, scripting.getRegisteredContentScripts was not executed due to the same error as in 2. @webkit-masked-url://hidden/:2:58359 @webkit-masked-url://hidden/:2:58456 @webkit-masked-url://hidden/:2:58456 @webkit-masked-url://hidden/:2:58549 @webkit-masked-url://hidden/:2:58549 These are the methods we have considered. If anyone knows a solution, please let us know.

I've gotten to the point where I can use the mount(8) command line tool and the -t option to mount a file system using my FSKit file system extension, in which case I can see a process for my extension launch, probe, and perform the other necessary actions. However, when plugging in my USB flash drive or trying to mount with diskutil mount, the file system does not mount: $ diskutil mount disk20s3 Volume on disk20s3 failed to mount If you think the volume is supported but damaged, try the "readOnly" option $ diskutil mount readOnly disk20s3 Volume on disk20s3 failed to mount If you think the volume is supported but damaged, try the "readOnly" option Initially I thought it would be enough to just implement probeExtension(resource:replyHandler:) and the system would handle the rest, but this doesn't seem to be the case. Even a trivial implementation that always returns .usable doesn't cause the system to use my FSModule, even though I've enabled my extension in System Settings > General > Login Items & Extensions > File System Extensions. From looking at some of the open source msdos and Disk Arb code, it seems like my app extension needs to list FSMediaTypes to probe. I eventually tried putting this in my Info.plist of the app extension: <key>FSMediaTypes</key> <dict> <key>EBD0A0A2-B9E5-4433-87C0-68B6B72699C7</key> <dict> <key>FSMediaProperties</key> <dict> <key>Content Hint</key> <string>EBD0A0A2-B9E5-4433-87C0-68B6B72699C7</string> <key>Leaf</key> <true/> </dict> </dict> <key>0FC63DAF-8483-4772-8E79-3D69D8477DE4</key> <dict> <key>FSMediaProperties</key> <dict> <key>Content Hint</key> <string>0FC63DAF-8483-4772-8E79-3D69D8477DE4</string> <key>Leaf</key> <true/> </dict> </dict> <key>Whole</key> <dict> <key>FSMediaProperties</key> <dict> <key>Leaf</key> <true/> <key>Whole</key> <true/> </dict> </dict> <key>ext4</key> <dict> <key>FSMediaProperties</key> <dict> <key>Content Hint</key> <string>ext4</string> <key>Leaf</key> <true/> </dict> </dict> </dict> </plist> (For reference, the partition represented by disk20s3 has a Content Hint of 0FC63DAF-8483-4772-8E79-3D69D8477DE4 and Leaf is True which I verified using IORegistryExplorer.app from the Xcode additional tools.) Looking in Console it does appear now that the system is trying to use my module (ExtendFS_fskit) to probe when I plug in my USB drive, but I never see a process for my extension actually launch when trying to attach to it from Xcode by name (unlike when I use mount(8), where I can do this). However I do see a Can't find the extension for <private> error which I'm not sure is related but does sound like the system can't find the extension for some reason. The below messages are when filtering for "FSKit": default 19:14:53.455826-0400 diskarbitrationd probed disk, id = /dev/disk20s3, with ExtendFS_fskit, ongoing. default 19:14:53.456038-0400 fskitd Incomming connection, entitled 1 default 19:14:53.456064-0400 fskitd [0x7d4172e40] activating connection: mach=false listener=false peer=true name=com.apple.filesystems.fskitd.peer[350].0x7d4172e40 default 19:14:53.456123-0400 fskitd Hello FSClient! entitlement yes default 19:14:53.455902-0400 diskarbitrationd [0x7461d8dc0] activating connection: mach=true listener=false peer=false name=com.apple.filesystems.fskitd default 19:14:53.456151-0400 diskarbitrationd Setting remote protocol to all XPC default 19:14:53.456398-0400 fskitd About to get current agent for 501 default 19:14:53.457185-0400 diskarbitrationd probed disk, id = /dev/disk20s3, with ExtendFS_fskit, failure. error 19:14:53.456963-0400 fskitd -[fskitdXPCServer applyResource:targetBundle:instanceID:initiatorAuditToken:authorizingAuditToken:isProbe:usingBlock:]: Can't find the extension for <private> (I only see these messages after plugging my USB drive in. When running diskutil mount, I see no messages in the console when filtering by FSKit, diskarbitrationd, or ExtendFS afterward. It just fails.) Is there a step I'm missing to get this to work, or would this be an FSKit bug/current limitation?

Do I need this permission to test out development on my local phone? I believe I do since I cannot get the monitor extension to embed AND sign, making it so i cannot test this feature. As in the class will not instantiate and trigger after specific time has happened

Our UI-less share extension (com.apple.services) appears in Safari and Chrome. We raise a popup "Open in (app)..." via the Action.js script document.location.href = urlScheme://... in Safari. However, in Chrome, while our extension executes, parses the URL item attachment from Chrome, it never triggers that popup or opens our app. How can a UI-less share extension open our app from Chrome? Is the accepted practice, despite guidelines, turning the com.apple.ui-services view controller invisible and auto-openURLing? Several apps on the store appear to do this, immediately popping their app without any confirmation dialog or UI in both Safari and Chrome. https://stackoverflow.com/a/79369242

Both view and modifier versions of the FamilyActivityPicker crash randomly when selecting some items (usually the other option) throwing these in the console: [com.apple.FamilyControls.ActivityPickerExtension(1150.1)] Connection to plugin invalidated while in use AX Lookup problem - errorCode:1100 error:Permission denied portName:'com.apple.iphone.axserver' PID:22091 ( 0 AXRuntime 0x00000001c603b0fc _AXGetPortFromCache + 800 1 AXRuntime 0x00000001c603cce0 AXUIElementPerformFencedActionWithValue + 700 2 UIKit 0x0000000230de3ec8 DDE6E0C5-2AC3-3C73-8CFE-BC88DE35BB5F + 1453768 3 libdispatch.dylib 0x0000000103ef0b98 _dispatch_call_block_and_release + 32 4 libdispatch.dylib 0x0000000103ef27bc _dispatch_client_callout + 20 5 libdispatch.dylib 0x0000000103efa66c _dispatch_lane_serial_drain + 832 6 libdispatch.dylib 0x0000000103efb408 _dispatch_lane_invoke + 408 7 libdispatch.dylib 0x0000000103f08404 _dispatch_root_queue_drain_deferred_wlh + 328 8 libdispatch.dylib 0x0000000103f07a38 _dispatch_workloop_worker_thread + 444 9 libsystem_pthread.dylib 0x00000001f0824f20 _pthread_wqthread + 288 10 libsystem_pthread.dylib 0x00000001f0824fc0 start_wqthread + 8 ) This also happens in production apps like the Opal. The questions are: At least how to detect it to be able to manually reload the sheet (like what Opal does and shows an alert when this happens) How to prevent it in the first place? I really appreciate any help you can provide.

Apple is encouraging VPN apps on macOS to transition to Network Extension APIs, if they haven't done so yet, see: TN3165: Packet Filter is not API WWDC25: Filter and tunnel network traffic with NetworkExtension Using Network Extension is fine for VPN apps that are distributed via the Mac App Store. Users get one pop-up requesting permission to add VPN configurations and that's it. However, VPN apps that are distributed outside of the App Store (using Developer ID) cannot use Network Extension in the same way, such apps need to install a System Extension first (see TN3134: Network Extension provider deployment). Installing a System Extension is a very poor user experience. There is a pop-up informing about a system extension, which the user has to manually enable. The main button is "OK", which only dismisses the pop-up and in such case there is little chance that the user will be able to find the correct place to enable the extension. The other button in that pop-up navigates to the correct screen in System Settings, where the user has to enable a toggle. Then there is a password prompt. Then the user has to close the System Settings and return to the app. This whole dance is not necessary for VPN apps on the Mac App Store, because they work with "app extensions" rather than "system extensions". As a developer of a VPN app that is distributed outside of the App Store, my options are: Implement VPN functionality in an alternative way, without Network Extension. This is discouraged by Apple. Use a System Extension with Network Extension. This is going to discourage my users. I have submitted feedback to Apple: FB19631390. But I wonder, why did Apple create this difference in the first place? Is there a chance that they will either improve the System Extension installation process or even allow "app extensions" outside of the Mac App Store?

During the development of our 3D game project, we encountered high memory usage requirements. To address this, we enabled Apple’s Extended Virtual Addressing (EVA) and Increased Memory Limit services. We have confirmed that both services were enabled in the developer backend as well as in Xcode, and we also used updated development and distribution certificates when building the app. However, in our validation process, it seems that EVA and Increased Memory Limit are not taking effect — the game still experiences memory overflow and crashes. Could you please advise: The correct steps to properly use Extended Virtual Addressing and Increased Memory Limit; How we can confirm whether these services are functioning as expected?

We use as content filter in our app to monitor flows, we gather data about the flow and block flows deemed suspicious. Our content filter is activated/deactivated by a UI app but the flows are reported via XPC to a separate daemon process for analysis. As of macOS 15, we are seeing cases where flows are missing or flows are not received at all by the content filter. The behaviour is not consistent, some devices seem to receive flows normally but others don't. It appears Intel devices are much less prone to showing the problem, whereas Arm devices routinely exhibit missing flows. On macOS 14 or earlier, there is no sign of missing flows. Testing on earlier beta versions of macOS 15 did not appear to show the problem, however I can't rule out if issue was present but it wasn't spotted. Experimenting with simple examples of using a content filter (e.g. QNE2FilterMac) does not appear to reproduce the issue. Questions, What has changed between macOS 14 and 15 that could be the cause of the lack of flows? Is our approach to using an app activated content filter reporting to a daemon connected via XPC unsupported?

I'm having some trouble getting my widget to display how I want when the user has a tint applied to their home screen. The issue I'm having is with a Text() element, as well as a LinearGradient I am displaying on top of my image. The text should always be white, and the gradient is always black with varying levels of opacity. I've managed to fix this issue with images displayed in my widget by leveraging widgetAccentedRenderingMode(.fullColor) however, there does not seem to be an equivalent of this for non-Image components. I'm aware of .widgetAccentable(false) but as I understand it, elements are already considered not accentable by default and you need to explicitly declare widgetAccentable(true) to add them to the accent group. I've tried specifying this to be false up and down my view hierarchy just to see if something will stick but no luck. Are there any other levers I can pull to preserve the declared colors for my text and gradient components? The images I am displaying is album artwork where preserving the original image is integral, but the tinted text color and overlaid gradient often clash or just looks bad in general. Is there a solution for colored primitive elements?

Hi Apple team, I'm experiencing a persistent issue with writing to UserDefaults from a widget extension on iOS. Here's the situation: I've set up an App Group: group.test.blah The main app has the correct entitlement and can read/write from UserDefaults(suiteName:) using this group successfully. I can read the value written by the app from the widget (e.g., "testFromApp": "hiFromApp"). The widget extension has the same App Group enabled under Signing &amp; Capabilities. The provisioning profile reflects the App Group and the build installs successfully on a real device. The suite name is correct and matches across both targets. I’ve confirmed via FileManager.default.containerURL(...) that the app group container resolves properly. When I try to write from the widget extension like this let sharedDefaults = UserDefaults(suiteName: "group.test.blah") sharedDefaults?.set("hiFromWidget", forKey: "testFromWidget") ...I get this error in the console: Couldn't write values for keys ( testFromWidget ) in CFPrefsPlistSource&lt;0x1140d2880&gt; (Domain: group.test.blah, User: kCFPreferencesCurrentUser, ByHost: No, Container: (null), Contents Need Refresh: No): setting preferences outside an application's container requires user-preference-write or file-write-data sandbox access Questions: What could still cause the widget extension to lack write access to the app group container, even though it reads just fine? Are there any internal sandboxing nuances or timing-related issues specific to Live Activity widgets that could explain this? Is this a known limitation or platform issue?

I already waited 4 weeks to get family control entitlement for my bundle ID : com.company.my-cool-app While trying to distribute the app, Its forcing me to have provisioning profile for com.company.my-cool-app.ReportExtension and when I create the provisioning profile it says : doesn't include the com.apple.developer.family-controls entitlement.

We have developed Apple Wallet Extension for our App. The in-app provisioning for the card is working. However when we try to add the card from Wallet extension it gives error saying "Your issuer does not yet offer support for this card". From the apple documentation we can see the issues is same as mentioned in Scenario 2 at following link https://applepaydemo.apple.com/in-app-provisioning#8.4 We are getting eligibilityStatus as 0 Below is the response from Wallet captured using SysDiagnosis https://crt-pod1-smp-device.apple.com:443/broker/v4/devices/0434320BCB1A90022306073796318273728D0A367FA927F4/cards 200 Time profile: 1.77856 seconds { x-conversation-id = ...... Content-Type = "application/json" x-pod = "crt-pod1" x-xss-protection = "1; mode=block" Server = "Apple" x-pod-region = "paymentpass.com.apple" regionbrokerurl = "https://crt-pod1-smp-device.apple.com:443/broker" Date = "Wed, 06 Aug 2025 11:39:30 GMT" Content-Length = "488" x-envoy-upstream-service-time = "1400" Strict-Transport-Security = "max-age=31536000; includeSubdomains" cross-origin-opener-policy = "same-origin" x-keystone-correlationid = ...... x-content-type-options = "nosniff" Vary = "accept-language" x-frame-options = "SAMEORIGIN" } { applicationIdentifier = ......; auxiliaryCapabilities = { }; cardType = 4; deviceProvisioningDataExpected = 1; eligibilityStatus = 0; identifier = ......; learnMoreURL = "https://www.apple.com/ae/apple-pay/banks/ae/en-ae.html"; nonce = ......; paymentApplications = ( { appletTypeIdentifier = Argon; paymentType = Credit; } ); region = "paymentpass.com.apple"; sanitizedPrimaryAccountNumber = 7008; sanitizedPrimaryAccountPrefix = ""; }