Hello, we are currently integrating Writing Tools into our macOS application using NSWritingToolsCoordinator with a custom NSView. Overall, the integration is going well and we are generally satisfied with the API. However, text replacement is sometimes not using NSWritingToolsCoordinator callback function. When selecting “Replace” from a preview in a Writing Tools UI popup, the text replacement is performed via the NSTextInputClient callback function (insertText:), which does not seem correct. This is especially problematic in multi-context scenarios, because NSTextInputClient insertText: does not provide the required information about the Writing tools context being used. As a result, it is not possible to determine which context is being modified when managing more than a single context. In our view, Writing Tools should consistently use the callback function of NSWritingToolsCoordinator for text replacement, whatever is the action performed. This is essential for properly handling multi-context use cases. This issue is reproducible with the sample app project provided here https://developer.apple.com/documentation/appkit/enhancing-your-custom-text-engine-with-writing-tools. If you define a breakpoint in function writingToolsCoordinator:replaceRange:inContext:proposedText:reason:animationParameters:completion: of the Writing tools coordinator, the function is not triggered if text replacement is performed from a preview like for "Summary" with "replace" button. NSWritingToolsCoordinator callback function seems to be called only when text replacement is performed directly inline (in the text view) without external preview so. i have opened a issue with feedback assistant: FB22401950. Best regards.

We're developing a Mac App Store application that embeds the V8 JavaScript engine (via Electron). The application has shipped successfully on macOS 15.x with the following entitlements: com.apple.security.app-sandbox = true com.apple.security.cs.allow-jit = true com.apple.security.cs.allow-unsigned-executable-memory = true com.apple.security.cs.disable-library-validation = true On macOS 26 Tahoe, the exact same signed binary crashes deterministically within ~1.5 seconds on Apple Silicon with EXC_BREAKPOINT (SIGTRAP), ESR 0xf2000000. The crash is in V8's background JIT compilation thread when it attempts to manage memory page protections (transitioning pages between Read-Write and Read-Execute states via mprotect). The crash does not occur in these configurations: macOS 26 + App Sandbox + Intel x86_64 — works macOS 26 + Hardened Runtime (no sandbox) + ARM64 — works macOS 15.x + App Sandbox + ARM64 — works This appears to be a regression in how the XNU kernel handles mprotect calls for sandboxed processes on ARM64 under macOS 26, specifically in the context of the allow-jit entitlement. Has the behavior of allow-jit changed in macOS 26 with respect to runtime code generation memory management on ARM64? Is there a new API or entitlement that V8-style JIT engines should use instead of mprotect-based RW↔RX page transitions?

iPhone 14(iOS 26.4) MacBook Air M4 (macOS 26.4) When I mirror with iPhone on Mac, the enter key is always pressed automatically uncontrollably, causing the search bar and other related scenes to fail. And AirPods Pro 2nd generation will switch between Mac and iPhone by mistake, when iPhone and Mac are not playing

I lived with knowledge that one needs to provide his login password to unlock the login keychain. This does not seem to be entirely true after upgrading Tahoe to 26.4. For example, on 26.3: Go to ~/Library/Keychains Copy login.keychain-db to different name, say test.keychain-db. Double-click on test.keychain-db -> this should open Keychain Access with test in Custom keychains section, it will appear locked. Select test keychain and press Cmd+L to unlock it. When prompted, provide your login password. Result: the keychain is unlocked. When I preform above sequence of steps on 26.4 I am not able to unlock the copied keychain (the original login keychain appears implicitly unlocked).

Hi, I’m building a macOS tool that analyzes process behavior to detect autonomous / AI-like activity locally (process trees, file access patterns, and network usage). The system is fully user-space and runs locally in real time. I’m planning to use the Endpoint Security Framework for process and file event monitoring. This is an open-source project (non-enterprise), developed by a solo developer. My question: What are the realistic chances of getting Endpoint Security entitlements approved for this type of project? Are there specific requirements or common reasons for rejection I should be aware of? Thanks, sivan-rnd

We've noticed, that size of our ipa started to vary from time to time. We've found that all the difference was in the LC_CODE_SIGNATURE command under the _LINKEDIT segment of binary. The main reason of that change was the different number of hash slots due to different value of page size: 4096 on macOS SEQUOIA and 16384 on macOS TAHOE. So the size of the final binary was dependent on the machine, it was produced on. I didn't find out any information on why the default page size changed on TAHOE. Apple’s codesign supports a --pagesize argument. For regular builds that setting can be passed via OTHER_CODE_SIGN_FLAGS=--pagesize 16384. But it seems that xcodebuild export ...` completely ignores it: i've tried to pass invalid size (not the power of two), and the export still succeded. I've also managed to get xcodebuild logs via log stream --style compact --predicate 'process == "xcodebuild" OR process == "codesign"' --level trace They have no occurrences of --pagesize: 2026-03-24 13:43:27.236 Df xcodebuild[93993:a08c53] [IDEDistributionPipeline:verbose] invoking codesign: <NSConcreteTask: 0x8a1b21bd0; launchPath='/usr/bin/codesign', arguments='( "-f", "-s", 8C38C4A2CB0388A3DB6BAEFE438F20E044EE6CB2, "--entitlements", "/var/folders/w_/5t00sclx2vlcm4_fvly7wvh00000gn/T/XcodeDistPipeline.~~~T3Dcdf/entitlements~~~c2srXx", "--preserve-metadata=identifier,flags,runtime,launch-constraints,library-constraints", "--generate-entitlement-der", "--strip-disallowed-xattrs", "-vvv", "/var/folders/w_/5t00sclx2vlcm4_fvly7wvh00000gn/T/XcodeDistPipeline.~~~T3Dcdf/Root/Payload/App.app/Frameworks/FLEXWrapper.framework" )'> So here I have some questions: How is the default page size selected? Why the default page size may change between SEQUOIA and TAHOE? How to provide page size to xcodebuild's export or it's a bug that it doesn't look at the value of OTHER_CODE_SIGN_FLAGS?

I just submitted FB22318443. In Mac Catalyst apps running on macOS 26.4, if you choose to limit the app's access to specific photos (as opposed to granting full access), the photos do not appear in the app. 💀 This issue does not occur on iPadOS. It is a macOS 26.4 regression. It occurs even with apps built using a previous version of the SDK such as 26.2. A sample of the console logs: [RM]: 4-1-1 failed to decode for asset: 9290CC20-B85D-47B5-BDBE-D330FE61773D, error code: 3303, description: Error Domain=PHPhotosErrorDomain Code=3303 "(null)" Failed to get sandbox extension for url: file:///Users/Jordan/Pictures/Photos%20Library.photoslibrary/resources/derivatives/masters/9/9290CC20-B85D-47B5-BDBE-D330FE61773D_4_5005_c.jpeg, error: Error Domain=com.apple.photos.error Code=44001 "sandbox extension not in the cache after requesting them for path: /Users/Jordan/Pictures/Photos Library.photoslibrary/resources/derivatives/masters/9/9290CC20-B85D-47B5-BDBE-D330FE61773D_4_5005_c.jpeg" UserInfo={NSDebugDescription=sandbox extension not in the cache after requesting them for path: /Users/Jordan/Pictures/Photos Library.photoslibrary/resources/derivatives/masters/9/9290CC20-B85D-47B5-BDBE-D330FE61773D_4_5005_c.jpeg} [RM]: 1-1-1 Image request failed with error: Error Domain=PHPhotosErrorDomain Code=3303 "(null)"

When using Section(_:isExpanded:) inside a List with .listStyle(.sidebar) in a NavigationSplitView, some rows don't animate with the others during collapse and expand. Specific rows (often in the middle of the section) snap in/out instantly while the rest animate smoothly. I've reproduced this with both static views and ForEach. Minimal reproduction: struct SidebarView: View { @State private var sectionExpanded = true @State private var selection: Int? var body: some View { NavigationSplitView { List(selection: $selection) { Section("Section", isExpanded: $sectionExpanded) { ForEach(1...3, id: \.self) { index in NavigationLink(value: index) { Label("Item \(index)", systemImage: "\(index).circle") } } } } .listStyle(.sidebar) .navigationTitle("Sidebar") } detail: { if let selection { Text("Selected item \(selection)") } else { Text("Select an item") } } } } Environment: macOS 26.3, Xcode 26.3, SwiftUI Steps to reproduce: Run the above code in a macOS app Click the section disclosure chevron to collapse Observe that some rows animate out while others snap instantly Expand again — same inconsistency Expected: All rows animate together uniformly. Actual: Some rows (typically middle items) skip the animation entirely. I also tried using static Label views instead of ForEach, same result. Is there a known workaround?

Dear Apple Support, I would like to raise a concern regarding the behavior of the “Desktop & Documents Folders” feature in iCloud Drive. From a business and development standpoint, the fact that folders may be automatically moved or created without clear and explicit user awareness is quite concerning. File system behavior is something users generally expect to remain predictable and fully under their control. In particular, when working in development environments, even small and unintended changes to folder structures can lead to issues such as broken file paths, build errors, or inconsistencies in project setups. The possibility that such changes may occur automatically introduces an element of uncertainty that is difficult to manage in professional workflows. Additionally, there are security considerations. For example, if sensitive files such as configuration data or API keys are temporarily stored on the Desktop, the possibility that they could be unintentionally synced to the cloud raises valid concerns. Even if safeguards exist, the lack of clear visibility and explicit confirmation makes it difficult to confidently assess and manage risk. Overall, the current behavior gives the impression that folder operations may occur without sufficient transparency. From a business perspective, this impacts trust, predictability, and operational reliability. I would appreciate consideration of the following improvements: Clear and explicit communication before any folder movement or creation occurs A strictly opt-in model with unambiguous user consent Greater visibility into when and how synchronization affects local files Options to ensure fully local control over specific directories Thank you for your attention to this matter. I hope this feedback will contribute to improving the reliability and transparency of the feature. Sincerely,

We built an open-source macOS menu bar app that turns speech into text and pastes it into the active app — using SpeechAnalyzer for on-device transcription, ScreenCaptureKit + Vision for screen-aware context, and FluidAudio for speaker diarization in meeting mode. Here's what we learned shipping it on macOS 26. GitHub: github.com/Marvinngg/ambient-voice Architecture The app has two modes: hotkey dictation (press to talk, release to inject) and meeting recording (continuous transcription with a floating panel). Dictation Mode Audio capture uses AVCaptureSession (more on why below). The captured audio feeds into SpeechAnalyzer via an AsyncStream: let transcriber = SpeechTranscriber( locale: locale, transcriptionOptions: [], reportingOptions: [.volatileResults, .alternativeTranscriptions], attributeOptions: [.audioTimeRange, .transcriptionConfidence] ) let analyzer = SpeechAnalyzer(modules: [transcriber]) let (inputSequence, inputBuilder) = AsyncStream.makeStream() try await analyzer.start(inputSequence: inputSequence) While recording, we capture a screenshot of the focused window using ScreenCaptureKit, run Vision OCR (VNRecognizeTextRequest), extract keywords, and inject them into SpeechAnalyzer as contextual bias: let context = AnalysisContext() context.contextualStrings[.general] = ocrKeywords try await analyzer.setContext(context) This improves accuracy for technical terms and proper nouns visible on screen. If your screen shows "SpeechAnalyzer", saying it out loud is more likely to be transcribed correctly. After transcription, an optional L2 step sends the text through a local LLM (ollama) for spoken-to-written cleanup, then CGEvent simulates Cmd+V to paste into the active app. Meeting Mode Meeting mode forks the same audio stream to two consumers: SpeechAnalyzer — real-time streaming transcription, displayed in a floating NSPanel FluidAudio buffer — accumulates 16kHz Float32 mono samples for batch speaker diarization after recording stops When the user ends the meeting, FluidAudio's performCompleteDiarization() runs on the accumulated audio. We align transcription segments with speaker segments using audioTimeRange overlap matching — each transcription segment gets assigned the speaker ID with the most time overlap. Results export to Markdown. Pitfalls We Hit on macOS 26 1. AVAudioEngine installTap doesn't fire with Bluetooth devices We started with AVAudioEngine.inputNode.installTap() for audio capture. It worked fine with built-in mics but the tap callback never fired with Bluetooth devices (tested with vivo TWS 4 Hi-Fi). Fix: switched to AVCaptureSession. The delegate callback captureOutput(_:didOutput:from:) fires reliably regardless of audio device. The tradeoff is you get CMSampleBuffer instead of AVAudioPCMBuffer, so you need a conversion step. 2. NSEvent addGlobalMonitorForEvents crashes Our global hotkey listener used NSEvent.addGlobalMonitorForEvents. On macOS 26, this crashes with a Bus error inside GlobalObserverHandler — appears to be a Swift actor runtime issue. Fix: switched to CGEventTap. Works reliably, but the callback runs on a CFRunLoop context, which Swift doesn't recognize as MainActor. 3. CGEventTap callbacks aren't on MainActor If your CGEventTap callback touches any @MainActor state, you'll get concurrency violations. The callback runs on whatever thread owns the CFRunLoop. Fix: bridge with DispatchQueue.main.async {} inside the tap callback before touching any MainActor state. 4. CGPreflightScreenCaptureAccess doesn't request permission We used CGPreflightScreenCaptureAccess() as a guard before calling ScreenCaptureKit. If it returned false, we'd bail out. The problem: this function only checks — it never triggers macOS to add your app to the Screen Recording permission list. Chicken-and-egg: you can't get permission because you never ask for it. Fix: call CGRequestScreenCaptureAccess() at app startup. This adds your app to System Settings → Screen Recording. Then let ScreenCaptureKit calls proceed without the preflight guard — SCShareableContent will also trigger the permission prompt on first use. 5. Ad-hoc signing breaks TCC permissions on every rebuild During development, codesign --sign - (ad-hoc) generates a different code directory hash on every build. macOS TCC tracks permissions by this hash, so every rebuild = new app identity = all permissions reset. Fix: sign with a stable certificate. If you have an Apple Development certificate, use that. The TeamIdentifier stays constant across rebuilds, so TCC permissions persist. We also discovered that launching via open WE.app (LaunchServices) instead of directly executing the binary is required — otherwise macOS attributes TCC permissions to Terminal, not your app. Benchmarks We ran end-to-end benchmarks on public datasets (Mac Mini M4 16GB, macOS 26): Transcription (SpeechAnalyzer, AliMeeting Chinese): • Near-field CER 34% (excluding outliers ~25%) • Far-field CER 40% (single channel, no beamforming, >30% overlap) • Processing speed 74-89x real-time Speaker diarization (FluidAudio offline): • AMI English 16 meetings: avg DER 23.2% (collar=0.25s, ignoreOverlap=True) • AliMeeting Chinese 8 meetings: DER 48.5% (including overlap regions) • Memory: RSS ~500MB, peak 730-930MB Full evaluation methodology, scripts, and raw results are in the repo. Open Source The project is MIT licensed: github.com/Marvinngg/ambient-voice It includes the macOS client (Swift 6.2, SPM), server-side distillation/training scripts (Python), and a complete evaluation framework with reproducible benchmarks. Feedback and contributions welcome.

We built an open-source macOS menu bar app that turns speech into text and pastes it into the active app — using SpeechAnalyzer for on-device transcription, ScreenCaptureKit + Vision for screen-aware context, and FluidAudio for speaker diarization in meeting mode. Here's what we learned shipping it on macOS 26. GitHub: github.com/Marvinngg/ambient-voice Architecture The app has two modes: hotkey dictation (press to talk, release to inject) and meeting recording (continuous transcription with a floating panel). Dictation Mode Audio capture uses AVCaptureSession (more on why below). The captured audio feeds into SpeechAnalyzer via an AsyncStream: let transcriber = SpeechTranscriber( locale: locale, transcriptionOptions: [], reportingOptions: [.volatileResults, .alternativeTranscriptions], attributeOptions: [.audioTimeRange, .transcriptionConfidence] ) let analyzer = SpeechAnalyzer(modules: [transcriber]) let (inputSequence, inputBuilder) = AsyncStream.makeStream() try await analyzer.start(inputSequence: inputSequence) While recording, we capture a screenshot of the focused window using ScreenCaptureKit, run Vision OCR (VNRecognizeTextRequest), extract keywords, and inject them into SpeechAnalyzer as contextual bias: let context = AnalysisContext() context.contextualStrings[.general] = ocrKeywords try await analyzer.setContext(context) This improves accuracy for technical terms and proper nouns visible on screen. If your screen shows "SpeechAnalyzer", saying it out loud is more likely to be transcribed correctly. After transcription, an optional L2 step sends the text through a local LLM (ollama) for spoken-to-written cleanup, then CGEvent simulates Cmd+V to paste into the active app. Meeting Mode Meeting mode forks the same audio stream to two consumers: SpeechAnalyzer — real-time streaming transcription, displayed in a floating NSPanel FluidAudio buffer — accumulates 16kHz Float32 mono samples for batch speaker diarization after recording stops When the user ends the meeting, FluidAudio's performCompleteDiarization() runs on the accumulated audio. We align transcription segments with speaker segments using audioTimeRange overlap matching — each transcription segment gets assigned the speaker ID with the most time overlap. Results export to Markdown. Pitfalls We Hit on macOS 26 1. AVAudioEngine installTap doesn't fire with Bluetooth devices We started with AVAudioEngine.inputNode.installTap() for audio capture. It worked fine with built-in mics but the tap callback never fired with Bluetooth devices (tested with vivo TWS 4 Hi-Fi). Fix: switched to AVCaptureSession. The delegate callback captureOutput(_:didOutput:from:) fires reliably regardless of audio device. The tradeoff is you get CMSampleBuffer instead of AVAudioPCMBuffer, so you need a conversion step. 2. NSEvent addGlobalMonitorForEvents crashes Our global hotkey listener used NSEvent.addGlobalMonitorForEvents. On macOS 26, this crashes with a Bus error inside GlobalObserverHandler — appears to be a Swift actor runtime issue. Fix: switched to CGEventTap. Works reliably, but the callback runs on a CFRunLoop context, which Swift doesn't recognize as MainActor. 3. CGEventTap callbacks aren't on MainActor If your CGEventTap callback touches any @MainActor state, you'll get concurrency violations. The callback runs on whatever thread owns the CFRunLoop. Fix: bridge with DispatchQueue.main.async {} inside the tap callback before touching any MainActor state. 4. CGPreflightScreenCaptureAccess doesn't request permission We used CGPreflightScreenCaptureAccess() as a guard before calling ScreenCaptureKit. If it returned false, we'd bail out. The problem: this function only checks — it never triggers macOS to add your app to the Screen Recording permission list. Chicken-and-egg: you can't get permission because you never ask for it. Fix: call CGRequestScreenCaptureAccess() at app startup. This adds your app to System Settings → Screen Recording. Then let ScreenCaptureKit calls proceed without the preflight guard — SCShareableContent will also trigger the permission prompt on first use. 5. Ad-hoc signing breaks TCC permissions on every rebuild During development, codesign --sign - (ad-hoc) generates a different code directory hash on every build. macOS TCC tracks permissions by this hash, so every rebuild = new app identity = all permissions reset. Fix: sign with a stable certificate. If you have an Apple Development certificate, use that. The TeamIdentifier stays constant across rebuilds, so TCC permissions persist. We also discovered that launching via open WE.app (LaunchServices) instead of directly executing the binary is required — otherwise macOS attributes TCC permissions to Terminal, not your app. Benchmarks We ran end-to-end benchmarks on public datasets (Mac Mini M4 16GB, macOS 26): Transcription (SpeechAnalyzer, AliMeeting Chinese): • Near-field CER 34% (excluding outliers ~25%) • Far-field CER 40% (single channel, no beamforming, >30% overlap) • Processing speed 74-89x real-time Speaker diarization (FluidAudio offline): • AMI English 16 meetings: avg DER 23.2% (collar=0.25s, ignoreOverlap=True) • AliMeeting Chinese 8 meetings: DER 48.5% (including overlap regions) • Memory: RSS ~500MB, peak 730-930MB Full evaluation methodology, scripts, and raw results are in the repo. Open Source The project is MIT licensed: github.com/Marvinngg/ambient-voice It includes the macOS client (Swift 6.2, SPM), server-side distillation/training scripts (Python), and a complete evaluation framework with reproducible benchmarks. Feedback and contributions welcome.

This is a generic, non-developer related macOS issue, but reporting here as well so it has more visibility since. It is an embarrassing bug that has not been fixed since the earliest versions of macOS Tahoe. Issue description: When Dock Magnification is enabled, the Dock Folder abruptly jumps approx. 10-15pixels down as the user moves the cursor after a brief pause). Video about the issue (see the last second of the small video and observe the entire grid popup jump abruptly): https://forums.macrumors.com/threads/macos-tahoe-26-4-release-candidate-now-available.2479503/post-34494643 Related FB: FB20761846 (opened in October, 2025) The issue is easily reproducible and confirmed by many. The lack of this issue being fixed for so long is indicative in the eyes of many of the lack of attention to details in macOS Tahoe's Glass interface.

On macOS 26, how do you support the Preferred Text Size value as defined in the Accessibility Settings? Historically, "Dynamic Type" has not been available on macOS. However, the user has some control over text size through the Accessibility Settings. On macOS 26, a small subset of applications are honouring changes to that value include Finder, Mail, and sidebars in many applications. Dynamic sizing in table views has been available on macOS for awhile. But Mail.app, in particular, is also adjusting the font sizes used in the message's body pane while the Finder is adjusting font sizes used for Desktop icons. I can't find an NSNotification that is fired when the user adjusts the Accessibility Text Size slider, nor can I find an API to read the current value. NSFont.preferredFont(forTextStyle:options:) looks promising but the fonts returned do not appear to take the user's Accessibility setting into account. (Nor do they update dynamically.) SwiftUI's Text("Apple").font(.body) performs similarly to NSFont in that it does respect the style, but it does not honour dynamic sizing. NSFontDescriptor has a bunch of interesting methods, but none that seem to apply to Accessibility Text Size. Given an AppKit label: let label = NSTextField(labelWithString: "AppKit") label.font = NSFont.preferredFont(forTextStyle: .body) Or a SwiftUI label: Text("SwiftUI").font(.body) How do I make either of them responsive to the user's Text Size setting under Accessibility? Note this is on macOS 26 / Xcode 26. I realize there have been some previous forum posts related to this issue but hoping that things might have improved since then.

I have an app for iOS already on the AppStore and I'm trying to add a macOS version of it. The AppID prefix for this app is different than my Team ID. This mismatch was always fine for submitting my iOS app. However for some reason, the macOS version gets rejected when I upload it. It tells me the AppID prefix must match my Team ID. I do not control my TeamID and I do not control my AppID prefix, they are both given to me by Apple. Yet the error message tells me they must match. How do I get past this? Here is the error message: Validation failed Invalid code signing entitlements. Your application bundle's signature contains code signing entitlements that aren't supported on macOS. Specifically, the "APPID_PREFIX.MY_BUNDLE_ID" value for the com.apple.application-identifier key in "MY_PACKAGE" isn't supported. This value should be a string that starts with your Team ID, followed by a dot ('"), followed by the bundle ID. (ID: 930b77ae-099f-4798-a14a-2803f2a9be9e) Thanks in advance for any pointer.

Device Details: MBP M2 Pro AND MBP M3 Pro macOS 26.3 (25D125) Xcode Version 26.3, 26.2, 26.1 (I reinstalled all 3 of these after the macOS update) BUG: Xcode hangs indefinitely when performing Source Control operations (Pull or Push) on a Git repository that uses SSH authentication. The same repository works correctly when performing the equivalent Git operations from the Terminal using the Git CLI. The issue appears to be specific to Xcode’s internal Source Control integration. When the operation is triggered from Xcode, the UI shows a spinning progress indicator and never completes. Terminal Git commands (git fetch, git pull, git push) complete normally using the same SSH key and repository. A hang sample taken during the issue shows the Xcode main thread blocked in Source Control authentication and fingerprint handling code paths, including: IDESourceControlUIHandler IDESourceControlFingerprintManager handleAuthenticationFailure showFingerprintAlertOnWindow This suggests Xcode may be waiting on a Source Control authentication or host fingerprint UI flow that never resolves. SSH connectivity itself is functioning correctly: ssh -T git@bitbucket.org and ssh -T git@github.com both authenticate successfully. git ls-remote, git fetch, git pull, and git push all work correctly from Terminal. No Source Control accounts are configured in Xcode Preferences. Authentication relies entirely on SSH keys. Steps to Reproduce Configure an SSH key for Git access (e.g., Bitbucket or GitHub) and confirm it works via Terminal. Clone or open an existing Git repository that uses SSH (git@host:repo.git). Open the project/workspace in Xcode. In Xcode, attempt a Source Control operation such as: Source Control → Pull Source Control → Push Observe that Xcode displays a spinning progress indicator and does not complete the operation. Logs available on this Feedback Assist ID: FB22146913

I am developing a macOS system service (standalone binary running as a LaunchDaemon) that requires the ability to sign data using a private key which will be deployed via MDM. The Setup: Deployment: A .mobileconfig pushes a PKCS12 identity to the System Keychain. Security Requirement: For compliance and security reasons, we cannot set AllowAllAppsAccess to <true/>. The key must remain restricted. The Goal: I need to use the private key from the identity to be able to sign the data The Problem: The Certificate Payload does not support a TrustedApplications or AccessControl array to pre-authorize binary paths. As a result, when the process tries to use the private key for signing (SecKeyCreateSignature), it prompts the user to allow this operation which creates a disruption and is not desired. What i've tried so far: Manually adding my process to the key's ACL in keychain access obviously works and prevents any prompts but this is not an "automatable" solution. Using security tool in a script to attempt to modify the ACL in an automated way, but that also asks user for password and is not seamless. The Question: Is there a documented, MDM-compatible way to inject a specific binary path into the ACL of a private key? If not, is there a better way to achieve the end goal?

Given that we can't use isEligibleForAgeFeatures property on macOS, the documentation states that In macOS, isEligibleForAgeFeatures returns false because the system doesn’t require Age Assurance for the person or device. However, you can still call requestAgeRange in macOS to get the declared age range. But in unsuitable region the requestAgeRange request always returns DeclaredAgeRange.AgeRangeService.Error.notAvailable which is vague, as it might stand for API being unavailable just as well as "You receive this error when the system prompts a person and they decide not to share their age range with your app. ", as per documentation. Unfortunately, this error fires immediately instead of showing any kind of prompt for user, so the description is definitely wrong (or incomplete) in here. Possible solutions: expand Error cases to separate not available API and not available response expand isEligibleForAgeFeatures to properly support macOS Moreover, unlike iOS, there is still no usable tool or algorithm to test given feature for macOS (mock region, mock age, mock source of approval, revoke declared range, etc). Now I get a review with rejection, stating that I don't have age verification mechanisms present in my app. Also I found out that after filling the App Information regarding Age Ratings it spreads to all fresh releases, so even though my newest macOS release doesn't contain age verification mechanisms yet, it should, as iOS release has got this functionality up and running already and I had to check this when filling Age Ratings questionnaire. Now I'm stuck between removing this capability from App Information, so the macOS release can pass and stalling macOS releases until there is a proper usable API to implement Declared Age Range verification properly (at least the same way as on iOS). How should I properly develop and test this feature for macOS before releasing it publicly?

In the attached screenshot, we have an NSSplitViewController with three split view items. The first two are viewController split view items, while the third is an inspector split view item. The NSWindow is configured for full screen content so that the inspector split view items is full height itself. However, when we enable full height content view, AppKit is automatically adding a tracking separator into the toolbar when we don't want one. (Neither of the two split views are sidebars.) This tracking separator is out of place, cannot be dragged itself, and is drawn under the center aligned segmented control. We've tried a multitude of permutations to configure the NSWindow, NSToolbar and NSSplitViewItem but to no avail. Surely we're just missing the magic combo but a lot of the properties appear to be no-ops in macOS 26. How do we use an NSSplitViewController, in a full screen content window, such that we get a full height inspector but we don't get tracking separators for the main split view divider?

We have a macOS system extension with NETransparentProxyProvider which is able to intercept traffic and handle it. We also wanted to setup few search domains from our network extension. However, unlike PacketTunnelProvider, NEDNSSettings are completely ignored with NETransparentProxyProvider. So whats the best way to setup few DNS search domains when using NETransparentProxyProvider.

Hi, I'm posting a boot crash here. Environment Hardware: Macbook M5 Pro OS Version: macOS 26.3.1 (25D2128) and matching version of KDK from official apple download page Kernel Version: Darwin Kernel Version 25.3.0 Reproducibility: Consistent Here is my panic log --- I truncated one field "SOCDNandContainer" as the original log is too long to post, hitting the size limit. I followed a blog post to boot the development kernel as the ReadMe file from KDK only contains instructions for Intel Macs. https://jaitechwriteups.blogspot.com/2025/10/boot-custom-macos-kernel-on-macos-apple.html I've tried a few 26.2 KDKs before 26.3.1 public launch, and they all showed same errors (26.1 and 26.0 KDKs don't have any development kernel for T8142 chip). Also, I own two fresh M5 Pro, and it is consistent across the machines. The highlight is panic(cpu 8 caller 0xfffffe0050e18010): [Exclaves] $JgOSLogServerComponent.RedactedLogServer.init(logServerNotific:OSLogServerComponent\/OSLogServerComponent_Swift.swift:815: Fatal error: invalid rawValue for TightbeamComponents.RedactedLogSer at PC ... Is this a genuine bug or am I following a wrong guide to boot the development kernel? I don't think the blog is wrong because I'm able to boot the "release" kernel included in the KDK on the same M5 Pro, and the "development" kernel on M4 Mac Mini, using the same routine. Just to be clear, I'm not compiling XNU myself, but am using the ones included in the kit.