I'm having a problem on macOS 26 that has not happened on previous macOS versions. When I call guard url.startAccessingSecurityScopedResource() else { return } try url.bookmarkData(options: [.withSecurityScope]) with url being "file:///", I get an error Error Domain=NSCocoaErrorDomain Code=256 "File descriptor doesn't match the real path." Given that Google returns 0 results on this error, I suppose this is a macOS 26 novelty. (The bookmark data created before upgrading to 26 resolve well). Does anyone already met this or have an idea on how to get around it? The app is a file manager, so having bookmarked access to "/" is crucial.

How do I get the FileManager in SwiftUI to read information about the apps in the Applications folder. Lots of apps do it, Alfred, Raycast. It's not something that is unheard of, and yet I cannot for the life of me, using every kind of guide on the internet figure out how to achieve this. Please somebody help, this is legitimately affecting my mental health.

Hi, I just released a new version of an app that was transferred from another developer account. The previous version of this app used the App Groups feature to store some important data, and I would like to retrieve that data. In the new version, I’m using the same bundle identifier and the same App Group ID (which has already been deleted from the original developer account). I also added the App Groups entitlement in the project settings and set the same App Group ID. However, I still cannot access the data in the App Group. From the documentation and issues I’ve found, it seems that an app should still have permission to access the same App Group after being transferred. Did I miss something? Thanks!

Title's basically the whole question. I'm writing an SMS/Call Reporting extension (ILClassificationUIExtensionViewController). My goal is to keep everything on device and not use the built-in SMS/network reporting. To that end, I'm trying to write to a file in the App Group container from the classificationResponse handler. I'm getting Error 513: "You don’t have permission to save the file “classification_log.txt” in the [app group container folder]". I haven't been able to find much in the documentation on whether this behavior is enforced in classificationResponse handlers. Apple's barebones page on "SMS and Call Spam Reporting"[1] says "the system always deletes your extension’s container after your extension terminates," but that doesn't answer whether you can write to an App Group container. I haven't been able to find that answer elsewhere. ChatGPT and Gemini are both very sure it can be done. Any thoughts? [1] https://developer.apple.com/documentation/identitylookup/sms-and-call-spam-reporting

Has any one come across file corruption issues with tvOS 26? I am tracking an issue where files in my app's NSCachesDirectory are getting corrupted (not deleted) when my app is in the background. The issue is sporadic and very hard to reproduce, but is definitely a new issue with 26.

When I drag and drop a file with flag "shouldAttemptToOpenInPlace: true", I was able to access the original file name in macOS 15. After upgrading to macOS 26, I can't access the original file name anymore. Instead, I got some useless file name such as ".com.apple.Foundation.NSItemProvider.gKZ91u.tmp". The app no longer works with these tmp filenames because it needs the orignal file name to do the file transfer. (Btw, this is a WinSCP like app on Mac platform) Could you please check and fix this issue? Thank you. FileRepresentation(contentType: .item, shouldAttemptToOpenInPlace: true)

Hello, appreciate any help here. Objective: perform a scoped write to a removable block device (using low-level system frameworks in C). Issue: launchd-run privileged helper (as root) denied permission to open block device. Manual 'sudo ./helper' call succeeds, however. Importantly: the entire process works flawlessly if the main app is granted Full Disk Access in Privacy & Security. However, this should be completely unnecessary for this objective, as scoped access should be sufficient, and FDA is in fact not required for other apps which perform this task. Architecture and flow: Main GUI process collects ISO path and target removable device path (queried via IOKit). Main GUI process installs a Privileged Helper via SMJobBless. The Privileged Helper is started on demand by launchd as root (UID 0, EUID 0). Main GUI process communicates selected ISO and device paths to Privileged Helper via XPC. Privileged Helper conducts security and sanity checks, unmounts volumes from target device via DiskArbitration. Privileged Helper obtains file handles to ISO and target block device (e.g.: "/dev/disk4"). Privileged Helper performs a byte-by-byte write to the target block device. Problematic area: Simplified example using C syscalls (via Zig): const path = "/dev/disk5"; // Note that even with readonly flag this fails const fd = c.open(path, c.O_RDONLY, @as(c_uint, 0)); defer _ = c.close(fd); if (fd < 0) { const err_num = c.__error().*; const err_str = c.strerror(err_num); log("open() failed with errno {}: {s}", .{ err_num, err_str }); } Output (when run by launchd - UID 0, EUID 0, domain: system): open() failed with errno 1: Operation not permitted Simplified example with Zig open interface: const directory = try std.fs.openDirAbsolute(deviceDir, .{ .no_follow = true }); const device = try directory.openFile("/dev/disk5", .{ .mode = .read_write, .lock = .exclusive }); errdefer device.close(); Output (when run by launchd - UID 0, EUID 0, domain: system): Error: error.AccessDenied Running the same examples by manually launching the binary with a test argument succeeds: sudo ./helper "/dev/disk5" ... Notable points: Both Main GUI process and the Privileged Helper binary are codesigned (via codesign ...). Privileged Helper has both Info.plist and Launchd.plist symbols exported into its binary. Privileged Helper has no codesign flags (e.g.: for hardened runtime or others): CodeDirectory v=20400 size=8130 flags=0x0(none) hashes=248+2 location=embedded Output of sudo launchctl print system/<helper-bundle-id> shows nothing of interest to indicate any security restrictions. Appreciate any advice here!

Hi, My Mac app allows a customer to drag and drop a file package onto a SwiftUI view. I can't seem to find a way to successfully call .startAccessingSecurityScopedResource() with the file/dir that was dropped into the view. I put together a simple test app. Here is the code: struct ContentView: View { @State var isTargetedForDrop: Bool = false var body: some View { VStack { Image(systemName: "globe") .imageScale(.large) .foregroundStyle(.tint) Text("Hello, world!") Rectangle() .stroke(Color.gray) .onDrop(of: [UTType.fileURL], isTargeted: $isTargetedForDrop) { providers in guard let provider = providers.first(where: { $0.hasItemConformingToTypeIdentifier(UTType.fileURL.identifier) }) else { return false } provider.loadItem(forTypeIdentifier: UTType.fileURL.identifier, options: nil) { item, error in if let error = error { print("Drop load error: \(error)") return } if let url = item as? URL { print("Dropped file URL: \(url)") } else if let data = item as? Data, let url = URL(dataRepresentation: data, relativeTo: nil) { print("Dropped file URL (from data): \(url)") let access = url.startAccessingSecurityScopedResource() if access { print("Successfully accessed file at URL: \(url)") } else { print("Failed to access file at URL: \(url)") } url.stopAccessingSecurityScopedResource() } else { print("Unsupported dropped item: \(String(describing: item))") } } return true } } .padding() } } When I drop a file package into this view I see, "Failed to access file at URL: <the_full_file_path>" I'm running Xcode 26 on macOS 26.

What’s the recommended way to recursively walk through a directory tree using File Coordination? From what I understand, coordinating a read of a directory only performs a “shallow” lock; this would mean that I’d need to implement the recursive walk myself rather than use FileManager.enumerator(at:includingPropertiesForKeys:options:errorHandler:) plus a single NSFileCoordinator.coordinate(with:queue:byAccessor:) call. I’m trying to extract information from all files of a particular type, so I think using NSFileCoordinator.ReadingOptions.immediatelyAvailableMetadataOnly on each file before acquiring a full read lock on it (if it’s the right file type) would make sense. Am I on the right track?

Hi, I am trying to load files from the Apple Vision Pro's storage into a Unity App (using Apple visionOS XR Plugin and not PolySpatial package). So far, I've tried using UnitySimpleFileBrowser and UnityStandaloneFileBrowser (both aren't made for the Vision Pro and don't work there), and then implemented my own naive file browser that at least allows me to view directories (that I can see from the App Sandbox). This is of course very limited: Gray folders can't be accessed, the only 3 available ones don't contain anything where a user would put files through the "Files" app. I know that an app can request access to these "Files & Folders": So my question is: Is there a way to request this access for a Unity-built app at the moment? If yes, what do I need to do? I've looked into the generated Xcode project's "Capabilities", but did not find anything related to file access. Any help is appreciated!

I am constantly running out of storage on my iPhone 16 Pro. I keep having to move my photos and videos to my laptop and delete them from my phone, and I’m constantly needing to offload apps and manually clear caches in some apps to free up storage. I finally got sick of having this cycle every two weeks so looked into it more closely. I’m finding that iOS consumes 32 GB, and then another system reserve category is consuming an additional 23 GB. Meaning the system reserved files are consuming half of the storage on this phone and effectively making it a 64 GB model. I understand the system will need to consume some capacity for itself and that iOS is getting larger, but nearly 50% of the capacity of the phone is insane. Looking closer into the categories, I’m seeing that iOS has taken it upon itself to also permanently provision 10% of the storage capacity for reserve update space. Already another instance of “why am I having to lose so much of my functional capacity to an occasional process?” but I can understand the utility of this — if I didn’t still have to offload basically all my apps every single time I run a software update, because I’m still some not-insignificant amount short. I seem to recall it being between 6-20 GB across the different updates I’ve had to do since iOS 26 rolled around. I’d also like to be clear that preprovisioning the storage space for updates isn’t a bad idea, just give us an off switch if we’d rather be able to take a few hundred more photos, have another few apps, etc. than have the space sit mostly unused. The biggest culprit is this “system data” category which is somehow consuming as much space as the entire operating system and its extensions. There’s no clear way to request iOS to clear this down if some of it is temporary data, which we should have a button for even if Apple thinks it should “just work.” Windows usually trims down on its temp files, but on the occasion you go look and see 67 GB of temporary files, being able to manually run the disk cleanup tool is very helpful. I’m hesitant to try any third party app because I shouldn’t need to, and knowing Apple, it wouldn’t have access to anything it would actually have to touch anyway. Which is neither here nor there, but give us a button to clear cache or maybe run the cleanup when the phone reboots? I am running the developer beta right now so maybe that’s part of it. However I’m not sure… I had switched to mainline release for a while when it released, and it didn’t seem any different with storage consumption and battery drain. I jumped back to beta to see some of the new features and am waiting for another mainline release to switch back to as the recent betas have been much more unstable/buggy than the entire prerelease beta period. Just wondering if anyone has any kind of input on this storage issue in particular as it’s not really been talked about as much as the battery drain issue from what I can see.

I am having a rare crash when calling FileHandle(forWritingTo:) initializer with a file that does not exist. In the documentation, I see that the expected behaviour is to return nil, but in my app, in rare cases I have a Crash. My code that causes the crash is if let handle = try? FileHandle(forWritingTo: logFile) { Is it a known behaviour ? should I test if the file exist before calling FileHandle(forWritingTo:) ? Shareable_2025-09-01_05-32-28.3051.crash

I’m building an app that edits files in iCloud and uses an NSFilePresenter to monitor changes. When a conflict occurs, the system calls presentedItemDidGain(_:). In that method, I merge the versions by reading the current (canonical) version using NSFileVersion.currentVersionOfItem(at:) and the conflicting ones using NSFileVersion.unresolvedConflictVersionsOfItem(at:). This generally works, but sometimes, if two devices edit the same file at the same time, each device sees its own local version as the current one. For example: Device A writes fileVerA (slightly later in real time) Device B writes fileVerB On Device A all works fine, currentVersionOfItem returns fileVerA, as expected, and unresolvedConflictVersionsOfItem returns [fileVerB]. But on Device B, currentVersionOfItem returns fileVerB!? And unresolvedConflictVersionsOfItem returns the same, local file [fileVerB], without any hint of the other conflicting version, fileVerA. Later, the newer version from the Device A arrives on Device B as a normal, non-conflicting update via presentedItemDidChange(_:). This seems to contradict Apple’s documentation: “The currentVersionOfItemAtURL: method returns an NSFileVersion object representing what’s referred to as the current file; the current file is chosen by iCloud on some basis as the current “conflict winner” and is the same across all devices.” Is this expected behavior, or a bug in how iCloud reports file versions?

Hi, I’m trying to open a GPX file (route.gpx) from the Files app on my iPhone using my app (e.g., Aqua Map). Since the latest iOS update (iOS 26), when I long-press the file and tap “Open with…”, my app does not appear in the list anymore. I’ve checked that my app has the correct permissions for Files and Folders. I’m wondering: Is this a user-side issue (Settings on iPhone)? Or does it require developer-side changes in the app (Info.plist / UTI declarations) to make .gpx files appear in “Open with…” or “Share” menus? What is the proper way to make my app appear as an option to open GPX files in Files.app on iOS 26? Thanks in advance!

I’m building a macOS document based app using SwiftUI’s DocumentGroup API. By default, when a document based app launches, macOS automatically shows a file open panel or creates a new untitled document window. However, I want to suppress this default behavior and instead show a custom welcome window when the app starts — something similar to how Xcode or Final Cut Pro shows a “Welcome” or “Start Project” screen first. So basically, when the user opens the app normally, it should not open the document selector or create a document automatically. Instead, it should show my custom SwiftUI or AppKit window. Here is my Code :- //MyApp.swift import SwiftUI import AppKit @main struct PhiaApp: App { @NSApplicationDelegateAdaptor(AppDelegate.self) var appDelegate var body: some Scene { DocumentGroup(newDocument: MyDocumentModel()) { file in EditorView(document: file.document, filePath: file.fileURL) } Settings { EmptyView() } } } Current I have this code setup for my MainApp.swift, where I am using the AppDelegate to create a custom recording window using appkit and also defining the DocumentGroup to handle the custom .myapp file opens. However, when I launch the app, its showing my appkit window as well as the macOs native file Selector to select the file I want to open. I want when the user opens the app normally, it should not open the document selector or create a document automatically. Instead, it should show my custom SwiftUI or AppKit window. However, the app should still fully support opening .myapp documents by double clicking from Finder, using the standard File → Open and File → New menu options, also having multiple document windows open at once. This is my AppDelegate.swift file :- import AppKit import SwiftUI class AppDelegate: NSObject, NSApplicationDelegate { var panel: Panel? private var statusItem: NSStatusItem? func applicationDidFinishLaunching(_ notification: Notification) { showWindow() } // MARK: - Window control func showWindow() { if panel == nil { let root = RecordingViewMain() let newPanel = Panel(rootView: root) if let screen = NSScreen.main { let size = NSSize(width: 360, height: 240) let origin = NSPoint( x: screen.visibleFrame.midX - size.width / 2, y: screen.visibleFrame.midY - size.height / 2 ) newPanel.setFrame(NSRect(origin: origin, size: size), display: true) } panel = newPanel } panel?.makeKeyAndOrderFront(nil) } func hideWindow() { panel?.orderOut(nil) } @objc private func showPanelAction() { showWindow() } @objc private func quitAction() { NSApp.terminate(nil) } }

Our app is unable to write to its own sandbox container on macOS when run via “My Mac (Designed for iPad)”. This is not an issue when the app runs on iPhone or on iPad. This seems to affect all attempts to write to the file system including: UserDefaults Core Data (SQLite) Firebase (Analytics, Crashlytics, Sessions) File creation (PDFs, temp files, etc.) We're seeing the following errors in the console: Operation not permitted / NSCocoaErrorDomain Code=513: Permissions error when writing to disk. CFPrefsPlistSource: Path not accessible: Failure to write to UserDefaults. Cannot synchronize user defaults to disk: UserDefaults write blocked. CoreData: No permissions to create file: Core Data SQLite store can't be created. Firebase: Failed to open database: Firebase can't initialize local storage. CGDataConsumerCreateWithFilename: failed to open ... for writing: PDF generation fails due to temp directory access issues. Created a test project to try and reproduce the issue but unable to do so in the test project, even when setting all the build settings the same as the project having issues.

I'm downloading a fine-tuned model from HuggingFace which is then cached on my Mac when the app first starts. However, I wanted to test adding a progress bar to show the download progress. To test this I need to delete the cached model. From what I've seen online this is cached at /Users/userName/.cache/huggingface/hub However, if I delete the files from here, using Terminal, the app still seems to be able to access the model. Is the model cached somewhere else? On my iPhone it seems deleting the app also deletes the cached model (app data) so that is useful.

Hi, a short question really, which boils down to... How do I make sure I have removed all usage of app groups in my Mac app store app, such that the Mac app store agrees I have! Fundamentally, what I'm trying to do is transfer my app to another developer. In previous releases of this app on the App Store, I used a shared app group container to communicate between the main app and it's (embedded) XPC service, but this blocks App Store transfer of the app to another developer. So I came up with another approach for the App and XPC service to communicate (using a URL bookmark for security scoped files to be passed to the XPC service). And then tried various things to get the app store to accept that I'm no longer using app groups. So far with no luck... removed the app groups entitlements by hand from the entitlements files used to sign the main app and the XPC service, respectively. when that didn't work, go into the Developer Portal, find the app ids for the main app and the XPC service, make sure those app ids had the app groups entitlement removed too, created a new provisioning profile for the app, based on this updated app id, downloaded it, rebuilt an app archive using this updated provisioning profile and used it to create another new release on the app store when that didn't work, found and deleted all app app groups in my developer account in the developer portal itself None of the above worked. When I try to transfer the app in App Store Connect, I still see the same message, "You can't transfer this app because of the following reasons: Sandboxed Group Container You can only transfer sandboxed apps that are not sharing a group container." I'm now pretty far from using a shared group container, so I'm puzzled why it still thinks I am? There is one last thing I can try... I noticed over the weekend that even though the entitlement is gone, there's one place in code that may or may not be run on rare occasions (hard to tell) that attempts to open the app group shared container with the code... let container = FileManager.default.containerURL(forSecurityApplicationGroupIdentifier: ...which I think is just returning nil and doing nothing. Potentially the App Store sees that attempted API access for shared group containers and assumes I'm still using app groups (even though there's no entitlement so that call will always be failing)? I can do yet another App Store update and just remove that code. But I want to get to the bottom of why it has been failing all this time. What is App Store Connect / the Mac App Store looking at that makes it think I'm still using app groups? I've tried so many things and don't want to mess users around with another App Store update unless this code above is the actual cause! Cheers p.s. It's a teamID based app group of the form... MY_TEAM_ID.s4a e.g. SWDC5K54B7.s4a

I use the code below to rename a file, it works ok, but then the system calls accommodatePresentedItemDeletion(completionHandler:) on a NSFilePresenter that presents the file, immediately after the call to presentedItemDidMove(to:) What am I doing wrong? NSFileCoordinator().coordinate(writingItemAt: oldURL, options: .forMoving, writingItemAt: newURL, options: [], error: &error) { (actualURL1, actualURL2) in do { coordinator.item(at: actualURL1, willMoveTo: actualURL2) try FileManager().moveItem(at: actualURL1, to: actualURL2) coordinator.item(at: actualURL1, didMoveTo: actualURL2) } catch {...} }

My process running with root privilege, but got below error with API SecStaticCodeCreateWithPath(::_:) to create static code object for Cortex XDR Agent app, it working fine for other app like Safari on same device. 2025-07-22 02:02:05.857719(-0600)[23221:520725] DBG Found /Library/Application Support/PaloAltoNetworks/Traps/bin/Cortex XDR Agent.app,/Library/Application Support/PaloAltoNetworks/Traps/bin/Cortex XDR Agent.app running. Will verify the process now 2025-07-22 02:02:05.859209(-0600)[23221:520725] ERR Failed to create static code for path /Library/Application Support/PaloAltoNetworks/Traps/bin/Cortex XDR Agent.app/Contents/MacOS/Cortex XDR Agent. Error: Optional(UNIX[Operation not permitted]) Code Snippet let fileURL = URL(fileURLWithPath: processPath) var code: SecStaticCode? let rc = SecStaticCodeCreateWithPath(fileURL as CFURL, [], &code) if rc == errSecSuccess, let code = code { staticCode = code } else { ZSLoggerError("Failed to create static code for path \(processPath). Error: \(String(describing: SecCopyErrorMessageString(rc, nil)))") return nil }