Hi all, I'm developing a sandboxed Mac OS app that generates and compiles AppleScript files to automate tasks in Pages (and other iWork apps). The app creates an AppleScript file and writes it to the NSApplicationScriptsDirectory (i.e., ~/Library/Application Scripts/com.example.app), then compiles and executes it via NSUserAppleScriptTask. On Mac OS Ventura, however, I get the following error in the console when trying to write the file: [PagesModifier] Error creating or compiling the script: You are not allowed to save the file "PagesModifier_...applescript" in the folder "com.example.app" Here are my current entitlements: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>com.apple.security.app-sandbox</key> <true/> <key>com.apple.security.application-groups</key> <array/> <key>com.apple.security.automation.apple-events</key> <array> <string>com.apple.iWork.Pages</string> <string>com.apple.iWork.Numbers</string> <string>com.apple.iWork.Keynote</string> </array> <key>com.apple.security.files.user-selected.read-write</key> <true/> <key>com.apple.security.scripting-targets</key> <dict> <key>com.apple.iWork.Keynote</key> <array> <string>com.apple.iWork.Keynote</string> </array> <key>com.apple.iWork.Numbers</key> <array> <string>com.apple.iWork.Numbers</string> </array> <key>com.apple.iWork.Pages</key> <array> <string>com.apple.iWork.Pages</string> </array> </dict> <key>com.apple.security.temporary-exception.apple-events</key> <array> <string>com.apple.iWork.Pages</string> <string>com.apple.iWork.Numbers</string> <string>com.apple.iWork.Keynote</string> </array> <key>com.apple.security.temporary-exception.files.home-relative-path.read-write</key> <array> <string>Library/Application Scripts/com.example.app</string> </array> </dict> </plist> I suspect the issue might be due to sandbox restrictions on dynamically creating or modifying the Application Scripts directory on Ventura. Has anyone experienced something similar or have any suggestions on how to work around this? Thanks in advance for your help!

Issue - Safari application not fetched from system_profile command Use case - We are trying to get list of installed applications in the mac. For this we use System_profiler command to fetch the details list. It is working good, but the thing is , It doesnt fetch Safari app as an installed Application. Command used - **/usr/sbin/system_profiler SPApplicationsDataType** Can anyone suggest any other way to fetch the installed applications list from the mac , which includes all the apps (including safari app) and remains effective ?

Instead of a .sdef file (or older formats) made in advance and stored in an app’s bundle, I wonder if the script dictionary can be set soon after the app opens? I seen related API, with a note that the scripting file reader ultimately calls that API. I grok about 90% of that API, but I’m not sure it’s possible.

I updated my computer to Sonoma, and now my LaunchDaemon will not load. I have the following setup : File in /Library/LaunchDaemons/com.startup.plist like this : <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>com.startup</string> <key>ProgramArguments</key> <array> <string>/usr/local/bin/bash</string> <string>/Library/Scripts/Startup/startup.sh</string> </array> <key>RunAtLoad</key> <true/> <key>StandardErrorPath</key> <string>/tmp/com.startup.stderr</string> <key>StandardOutPath</key> <string>/tmp/com.startup.stdout</string> </dict> </plist> File in File in /Library/Scripts/Startup/startup.sh #!/bin/zsh PATH=/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Users:/Users/root:/Users/root/Scripts:/Library/Scripts:/Library/Scripts/Startup #Load modules for Fuse /Library/Filesystems/macfuse.fs/Contents/Resources/load_macfuse /usr/sbin/sysctl -w vfs.generic.macfuse.tunables.allow_other=1 #Connect to XXXXXX_net /bin/sleep 28 myip=0 while [ $myip = 0 ] do /bin/sleep 3 myip=$(ifconfig -l | xargs -n1 ipconfig getifaddr) done /usr/local/bin/sshfs XXXX@XXXXXX.net: /Volumes/XXXXXX.net -o local,auto_cache,reconnect,ServerAliveInterval=15,ServerAliveCountMax=3,ConnectTimeout=5,daemon_timeout=60,iosize=2097152,volname=XXXXXX.net,allow_other,defer_permissions,async_read,Ciphers=aes128-gcm@openssh.com,Cipher=aes128-gcm@openssh.com,compression=no And then we need some commands to be run as root user during boot : /private/etc/sudoers.d/startup-script-nopasswd username ALL = (root) NOPASSWD: /usr/sbin/sysctl username ALL = (root) NOPASSWD: /usr/local/bin/sshfs As of now, I cant even get the /Library/LaunchDaemons/com.startup.plist to run after i updated the macOS to Sonoma ….

I’ve developed an automation and shortcut using the iPhone Shortcuts app in IOS 18, something that hasn’t been done before. With support from Apple’s customer service, I was encouraged to bring this idea to life. The automation’s purpose is to open a specified iOS app, move it to the background, and use a txt database in Folders to ensure uninterrupted data flow and continuous connectivity—especially useful for health apps where wearable devices need consistent, uninterrupted operation and monitoring (e.g., doctor tracking or wearable device connectivity). I would like to share the Automation and the Shortcut with the community.

I would like to create a MailKit extension that will allow me to manage my existing messages. I would like to move them around form folder to folder and reqad and update their headers to store some metadata that will be used by the extension. Looking at the documentation for MailKit suggests that I can only implement 4 types of handlers (content blocker, action handler, compose handler and security handler). I can’t see anything in the docs about being able to get a list of messages in the inbox and manipulate them. Am I missing something? I’d love to hear from someone who knows more about this topic before I get into a dead-end rabbit hole. cheers, -tomek

I want to use the Shortcuts app on macOS Monterey to modify M4A/AAC audio file metadata for files that I have ripped from CD to my local Music app library. How can I use a regular expression on track titles to replace text that matches a certain regex pattern? I have already written the regex, I just need help with the Shortcuts app. I've started my shortcut with a "Find Music" action connected to a "Repeat with Each" loop action. Within the loop, I use a "Get Details of Music" action to get the title, which is passed to a "Replace Text" action using my regex. I just don't know how to write the correct new title into the music file's title/name metadata field. I tried a "Rename File" action with type "iTunes media" to try to set the "Title" field, but the field wasn't updated either in the Music app or in the M4A/AAC file itself. I couldn't find any other actions that seemed like they might be able to modify the field. I'd prefer a solution that goes through the Music app / its APIs, rather than directly modifying the M4A on the file system, because the latter would force me to have the Music app scan for changed files after the files we're modified.

When making a custom System Settings panel, I want the project to automatically move the prefpane file to /Library/PreferencePanes/. With Run Script, the build fails because of denial to perform the operation. Sudo doesn't help, too. PREFPANE_SRC="${BUILT_PRODUCTS_DIR}/App.prefPane" PREFPANE_DST="$HOME/Library/PreferencePanes/" echo "PrefPane source path: $PREFPANE_SRC" echo "PrefPane destination path: $PREFPANE_DST" if [ -d "$PREFPANE_SRC" ]; then echo "Installing preference pane to ${PREFPANE_DST}" cp -R "${PREFPANE_SRC}" "${PREFPANE_DST}" else echo "Preference pane not found: ${PREFPANE_SRC}" exit 1 fi

Hi, My company has an app that is communicating with local servers with self signed certificates, meaning in order to allow the app to have connection in the testing environment I had to add a few domains in NSExceptionDomains in App Transport Security Settings section of the Info.plist. The problem is, our Cyber department is not allowing us to upload the app with these domain in the app fearing a data leak. I had a Build Phase script using PlistBuddy that deleted those settings when archiving in Release but that no longer works as Apple recommended to set ”Generate Info.plist file” to true as a best practice. I tried to read about it and found out that info.plist is now generated after the build phases step so modifying it is impossible because it doesn’t exist yet in the $TARGET_BUILD_DIR when the script is running. Other than deleting it manually before each upload which is highly prone to mistakes, I need something like a script or some other automatic solution. Does Anyone have any suggestions to help me with this? Thanks

我创建了一个macos 应用，应用开启了沙盒功能，我有一个shll脚本和一个嵌入的可执行命令行工具位于/Users/Library/Containers/com.***/Data/Library/Application Support/***/下面，用于拷贝工作，我发现我并不能执行成功，总是被拒绝，有人知道原因吗，

I just updated to Sonoma on a Mac Mini that runs all my ad-hoc DIY home automations, and I have a bunch of custom self-made tools for triggering automations based in part on the state of reminders in the Reminders app. All of that stopped working immediately after the update. It took me a day to update my code for the new location of the sqlite reminders files and I made the changes to get my scripts working again, however one remaining problem is that I run an fswatch from node-red to monitor the database for changes to trigger my automations. Eventually, with help from stack and perlmonks, I found out that even though the permissions on the full path (via my home directory/Library) to the files is r*x to me and the node-red executable is running as me, I get an Operation not permitted error when I just try lsing the directories leading to the sqlite files. I read elsewhere that this sort of problem can be solved by granting full disk access to the executables(/processes) that are getting the Operation not permitted errors. However, I tried this, yet I still get the same error. Do I need to reboot? Is there some sort of documentation for casual users like myself that just code for themselves that can answer questions like this? The more aggressive Apple gets with security, the safer users are, but the more headaches and bewilderment it causes people like me.

Some of the errors like ".framework contains disallowed nested bundles" we find out at later stage when uploading builds to TestFlight. It will be great if we can have similar script that apple uses or some custom script to verify it during the build time. So before I reinvent the wheel is there any script I can use at build time to detect this issue?

I haven’t figured out a way to have my phone automatically restart between the hours of midnight and 6am when the battery reaches 100%. Is there a way to do this?

HI! I am developing an application that should utilize ScriptingBridge.framework to interact with another process. Firstly, I created a separate test application for which I have added Apple Events entitlements via "Signing & Capabilities" section in Xcode and updated its Info.plist to have "Privacy - AppleEvents Sending Usage Description". While the test app works fine (I see an automation request popup and the process executes as expected) the main application where I want to integrate this functionality gets closed immediately after reaching the code interacting with Scripting Bridge. On its launch, I see the following error message from tccd in Console: Prompting policy for hardened runtime; service: kTCCServiceAppleEvents requires entitlement com.apple.security.automation.apple-events but it is missing for accessing={TCCDProcess: identifier=<app bundleID>, ..., binary_path=<path to the app's binary>} I had no such issues with the test app. Moreover, I should mention that the bundle I want to have with such functionality is stored in another bundle, both main and inner bundles aren't sandboxed, and the target app has Application is agent (UIElement) key set in Info.plist. Can you suggest any ideas as to why processes behave so differently despite having pretty much the same build configurations?

Hello iOS Developer Community, I hope this message finds you healthy and happy. I am reaching out to seek your expertise and assistance with a particular challenge I’ve encountered while using the Speak Screen and Speak Selection features on iOS. As you may know, these features are incredibly useful for reading text aloud, but they sometimes struggle with the correct pronunciation of homographs—words that are spelled the same but have different meanings and pronunciations. An example of this is the word “live,” which can be pronounced differently based on the context of the sentence. To enhance my user experience, I am looking to input corrections for the pronunciation of “live” in its “happening now” context, such as in “live broadcast” or “live event.” However, the current process requires manual entry for each phrase, which is quite labor-intensive. I am wondering if there is a way to automate or streamline this process, perhaps through a shortcut or script that allows for bulk input of these corrections. Additionally, if anyone has already compiled a list of common phrases with homographs and their correct pronunciations, I would greatly appreciate it if you could share it or guide me on where to find such resources. Your insights and guidance on this matter would be invaluable, and I believe any solutions could benefit not just myself but many other users facing similar issues. Thank you for your time and consideration. I look forward to any suggestions or advice you may have. Best regards, Alec