Is it possible to use the Matter.xcframework without the MatterSupport extension for onboarding a Matter device to our own ecosystem (own OTBR and Matter controller) for an official App Store release?
Currently, we can achieve this in developer mode by adding the Bluetooth Central Matter Client Developer mode profile (as outlined here https://github.com/project-chip/connectedhomeip/blob/master/docs/guides/darwin.md). For an official release, what entitlements or capabilities do we need to request approval from Apple to replace the Bluetooth Central Matter Client Developer mode profile?
Thank you for your assistance.
Core OS
Explore the core architecture of the operating system, including the kernel, memory management, and process scheduling.
My iOS app uses the Matter framework to commission devices over Wi-Fi (not Thread). With the Matter Client Developer Profile installed, commissioning works perfectly. However, in TestFlight builds without the profile, commissioning fails, even though the app includes the Matter Allow Setup Payload capability and the following in Info.plist:
<key>NSBonjourServices</key>
<array>
<string>_matter._tcp</string>
<string>_matterc._udp</string>
<string>_matterd._udp</string>
</array>
How can I enable Matter device commissioning using the Matter framework in production/TestFlight builds without the Matter Client Developer Profile?
Please provide guidance or specific configurations needed for production environments.
After updating to macOS 15.6, the system process storeuid (located at /System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeuid.app/Contents/MacOS/storeuid) is incorrectly being detected as a frontmost window with GUI elements, despite being a background system process without a user interface.
Product Information
Product: macOS
Version: 15.6
Build Number: [Please add your build number - you can find this in Apple Menu > About This Mac]
Description of the Issue
The storeuid process, which is part of the CommerceKit framework and handles App Store-related functionality, is now being reported by the Core Graphics Window Server as having windows in the normal window layer (layer 0). This is causing issues for:
Window management applications that enumerate visible windows
Scripts using CGWindowListCopyWindowInfo that filter for on-screen windows
Applications that manage window focus and visibility
Previously, this process operated entirely in the background without registering as having GUI windows. This change appears to be a regression introduced in macOS 15.6.
Steps to Reproduce
Update to macOS 15.6
Use Core Graphics APIs to enumerate windows:
import Quartz
window_list = Quartz.CGWindowListCopyWindowInfo(
Quartz.kCGWindowListOptionOnScreenOnly | Quartz.kCGWindowListExcludeDesktopElements,
Quartz.kCGNullWindowID
)
Filter for windows with kCGWindowLayer == 0 and kCGWindowOwnerName != "Window Server"
Observe that storeuid appears in the results despite having no visible interface
Expected Behavior
The storeuid process should not appear in window enumeration results for visible windows, as it is a background system service without a user interface.
Actual Behavior
The storeuid process appears as if it has visible windows, causing it to be included in window management operations and potentially interfering with applications that manage window visibility and focus.
After using iOS 26 for a couple of weeks, I’ve seen that the phone’s battery life is reduced, and I’ve also seen that the phone is lagging more and gets heated a lot more often.
Here's the problem I'm trying to solve: Create an iOS app which can scan the Downloads folder (where airdropped audio files arrive), identify audio media files, and play them, retaining some of its own metadata about them (basically, create textual notes mapped to timestamps and store that information in the app's own storage).
I am not able to access that folder. I am able to get a path from
NSSearchPathForDirectoriesInDomains(FileManager.SearchPathDirectory.downloadsDirectory, FileManager.SearchPathDomainMask(arrayLiteral: FileManager.SearchPathDomainMask.userDomainMask), true)
or a URL from
NSSearchPathForDirectoriesInDomains(FileManager.SearchPathDirectory.downloadsDirectory, FileManager.SearchPathDomainMask(arrayLiteral: FileManager.SearchPathDomainMask.userDomainMask), true)
but
let fileUrls = try fileManager.contentsOfDirectory(at:downloads, includingPropertiesForKeys: [])
fails with an error that the folder does not actually exist, with or without a call to downloadsUrl.startAccessingSecurityScopedResource().
Determining whether this is a permissions issue, or if I'm getting a URL to an application-container local folder that has nothing to do with the one I am looking for is compounded by the fact that if I set the build setting Enable App Sandbox, then deployment to my phone fails with Failed to verify code signature. I have spent hours trying every possible combination of certificates and deployment profiles, and ensured that every possibly relevant certificate is trusted on my phone.
Disable app-sandbox and it deploys fine, either with automatic signing or an explicit cert and profile.
I have an entitlements file with the following - though, without the ability to enable app sandbox and run it on a phone with actual contents in the downloads folder, it is probably not affecting anything:
<key>com.apple.security.files.downloads.read-only</key>
<true/>
<key>com.apple.security.files.user-selected.read-only</key>
<true/>
<key>com.apple.security.app-sandbox</key>
<true/>
So, questions:
Should the URL returned by the above call be the Downloads/ folder airdropped to in the first place? Or is it a URL to some app-local folder that does not exist?
Does the entitlement com.apple.security.files.downloads.read-only even allow an app to list all files in the downloads directory (presumably asking the user's permission the first time), or does the permission only get requested when using a picker dialog? (the point here is to find any new audio files without making the user jump through hoops)
If I could get it deployed with app-sandbox enabled, would the above code work?
Backstory: I'm a software engineer, audio plugin author, Logic Pro user and musician. My workflow (and probably many other Logic users') for work-in-progress music is to airdrop a mix to my phone, listen to it in a variety of places, make notes about what to change, edit - rinse and repeat. For years I used VLC for iOS to keep and play these in-progress mixes - you could airdrop and select VLC as the destination (yes, Logic can add to your Apple Music library, but trust me, you do not want 20 revisions of the same song cluttering your music library and sync'd to all your devices).
Last year, the behavior of Airdrop changed so that the target app for audio is always Files, period, wrecking that workflow. While I eventually discovered that, with an elaborate and non-obvious dance of steps, it is possible to copy files into VLC's folders, and make them available that way, it is inconvenient, to say the least - and VLC is less than fabulous anyway - it would be nice to have an app that could associate to-do notes with specific timestamps in a tune, A/B compare sections between old and new versions and things like that.
So, figuring sooner or later I was going to get into a car accident futzing with the Files app to listen to mixes while driving, perhaps I should write that app.
But the ability to do that at all relies on the ability of an app to list and access the Downloads folder airdropped audio files land in (assuming the user has given permission to access it, but that should be needed once).
Hello,
We are using NearbyInteraction to get the distance between an iPhone and Apple Watch. Overall it works pretty well, but we are noticing that it sometimes produces duplicate (or near duplicate) timestamps. Here is an example of the data produced (time is in seconds since scan start):
0: 1.882862
1: 1.88296
2: 1.981459
3: 1.981495
4: 2.080235
5: 2.080397
As you can see there's a pattern where two updates have very similar timestamps. This seems to only happen when using 2 U2 chips together. Is this an expected behavior? If so, why?
The timestamps are calculated using:
let bootTimeInterval = bootTime()
func bootTime() -> TimeInterval {
let uptime = ProcessInfo.processInfo.systemUptime
let nowTimeIntervalSince1970 = Date().timeIntervalSince1970
return nowTimeIntervalSince1970 - uptime
}
// Then later on each NISession update...
let timestamp = bootTimeInterval + ProcessInfo.processInfo.systemUptime
The app produces unix timestamps but I have converted them to be relative to the start of the scan to be easier to read.
Note that bootTimeInterval is calculated once at the start of the app, so all timestamps produced on a UWB update should be using the same clock.
Things I've confirmed:
The NISession is only able to connect to one device, so it is not coming from a different device.
Any feedback is appreciated, thank you.
I am writing a file provider extension for Finder. I have things working to some extent and I want to add context menu which will
1/ Open an HTTP URL based on the item selected. However, this is not allowed in the code as there is no context for it to open the URL
2/ Documentation (sparse) online talks about the FileProvider UI Extension but that does not seem to be a target
3/ If I use the FinderSyncExtension, it seems it is not fully reliable with the NSReplicatedFileProviderExtension, as that extension takes precedence and the FinderSyncExtension is not enabled.
My question: what is the best way for the FileProviderExtension to do some UI work, like opening a URL, showing alert messages, etc.?
I have a FileProvider-based macOS application where the user is trying to copy a folder containing a mix of small and large files (the large files are ~1.5 GB in size) from the FileProvider-based drive to the local Desktop.
Since the folder was in the cloud and not downloaded, the copy action triggered the download. Small files were downloaded successfully; however, during the large file download the URLSession timed out.
We are using the default timeout for URLSession, which is 1 min.
I tried to capture logs in Console.app, where I found FileProvider daemon errors. PFA
Solutions tried so far:
Increased timeout for URLSession from 5 to 10 mins - configuration.timeoutIntervalForRequest
Set timeout for resource - configuration.timeoutIntervalForResource
It happens when we have low network bandwidth. Network connectivity is there but the bandwidth is low.
Any clue by looking at these errors?
I used the following commands to create two sparsebundles, with the only difference being that one is 100GB and the other is 200GB.
hdiutil create -size 100g -fs APFS -volname test1 -type SPARSEBUNDLE -encryption test1.sparsebundle
hdiutil create -size 200g -fs APFS -volname test2 -type SPARSEBUNDLE -encryption test2.sparsebundle
Then, I created a 5GB random file in each of their mounted volumes:
dd if=/dev/urandom of=/Volumes/test1/random_5gb_file bs=1m count=5120
dd if=/dev/urandom of=/Volumes/test2/random_5gb_file bs=1m count=5120
Afterward, I deleted them:
rm /Volumes/test1/random_5gb_file
rm /Volumes/test2/random_5gb_file
Then, after waiting a while, I unmounted and remounted them.
I noticed that the 100GB test1.sparsebundle automatically reclaimed the space, while the 200GB test2.sparsebundle still retained 5.4GB of usage.
Later, I used:
hdiutil compact test2.sparsebundle
But no space was reclaimed.
Now, I want to know what the difference is between the 100GB and 200GB sparsebundles, and how I can reclaim the space in the 200GB test2.sparsebundle.
I recently upgraded a line of code in my Endpoint-Security client, to remove a deprecation warning:
for (NSString *mutePath in ignoredBinaryPaths) {
//(old) res = es_mute_path_literal(self.esClient, [mutePath UTF8String]);
res = es_mute_path(self.esClient, [mutePath UTF8String], ES_MUTE_PATH_TYPE_TARGET_LITERAL);
if (res!=ES_RETURN_SUCCESS)
os_log_error(setupLog, "Failed to white-list binary:%{public}@ error:%{errno}d", mutePath, errno);
}
However, after this change, I started receiving tons of ES event messages, for AUTH_OPEN and AUTH_CREATE and many others, from processes/executables I explicitly and successfully muted! Since ES is so performance sensitive - I got worried.
Inspecting better the new API I found incoherent documentation and even misleading and contradicting definitions.
But the ES headers say differently!!!
/**
* @brief Suppress all events matching a path.
*
* @param client The es_client_t for which the path will be muted.
* @param path The path to mute.
* @param type Describes the type of the `path` parameter.
*
* @return es_return_t A value indicating whether or not the path was successfully muted.
*
* @note Path-based muting applies to the real and potentially firmlinked path
* of a file as seen by VFS, and as available from fcntl(2) F_GETPATH.
* No special provisions are made for files with multiple ("hard") links,
* or for symbolic links.
* In particular, when using inverted target path muting to monitor a
* particular path for writing, you will need to check if the file(s) of
* interest are also reachable via additional hard links outside of the
* paths you are observing.
*
* @see es_mute_path_events
* @discussion When using the path types ES_MUTE_PATH_TYPE_TARGET_PREFIX and ES_MUTE_PATH_TYPE_TARGET_LITERAL Not all events are
* supported. Furthermore the interpretation of target path is contextual. For events with more than one target path (such as
* exchangedata) the behavior depends on the mute inversion state Under normal muting the event is suppressed only if ALL paths
* are muted When target path muting is inverted the event is selected if ANY target path is muted For example a rename will be
* suppressed if and only if both the source path and destination path are muted. Supported events are listed below. For each
* event the target path is defined as:
*
* EXEC: The file being executed
* OPEN: The file being opened
* MMAP: The file being memory mapped
* RENAME: Both the source and destination path.
* SIGNAL: The path of the process being signalled
* UNLINK: The file being unlinked
* CLOSE: The file being closed
* CREATE: The path to the file that will be created or replaced
* GET_TASK: The path of the process for which the task port is being retrieved
* LINK: Both the source and destination path
* SETATTRLIST: The file for which the attributes are being set
* SETEXTATTR: The file for which the extended attributes are being set
* SETFLAGS: The file for which flags are being set
* SETMODE: The file for which the mode is being set
* SETOWNER: The file for which the owner is being set
* WRITE: The file being written to
* READLINK: The symbolic link being resolved
* TRUNCATE: The file being truncated
* CHDIR: The new working directory
* GETATTRLIST: The file for which the attribute list is being retrieved
* STAT: The file for which the stat is being retrieved
* ACCESS: The file for which access is being tested
* CHROOT: The file which will become the new root
* UTIMES: The file for which times are being set
* CLONE: Both the source file and target path
* FCNTL: The file under file control
* GETEXTATTR The file for which extended attributes are being retrieved
* LISTEXTATTR The file for which extended attributes are being listed
* READDIR The directory for whose contents will be read
* DELETEEXTATTR The file for which extended attribues will be deleted
* DUP: The file being duplicated
* UIPC_BIND: The path to the unix socket that will be created
* UIPC_CONNECT: The file that the unix socket being connected is bound to
* EXCHANGEDATA: The path of both file1 and file2
* SETACL: The file for which ACLs are being set
* PROC_CHECK: The path of the process against which access is being checked
* SEARCHFS: The path of the volume which will be searched
* PROC_SUSPEND_RESUME: The path of the process being suspended or resumed
* GET_TASK_NAME: The path of the process for which the task name port will be retrieved
* TRACE: The path of the process that will be attached to
* REMOTE_THREAD_CREATE: The path of the process in which the new thread is created
* GET_TASK_READ: The path of the process for which the task read port will be retrieved
* GET_TASK_INSPECT: The path of the process for which the task inspect port will be retrieved
* COPYFILE: The path to the source file and the path to either the new file to be created or the existing file to be overwritten
*/
So the behavior completely changed: you can no longer specify executables (via their binary path) from which you do NOT want any events.
Muting effectively became reactive, not proactive.
Why is this change not documented with the deprecation? Why is no alternative suggested? Why do I find this out only because it broke my software tool's behavior and performance?
And last: For how long can I rely on the old, deprecated APIs, should I choose to revert my change instead of devising a whole new mechanism for muting un-interesting
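Added example (not part of the post above, and not Apple's or the poster's code): a small C model of the muting rules stated in the header comment quoted in that post, next to process-path muting as selected by ES_MUTE_PATH_TYPE_LITERAL / ES_MUTE_PATH_TYPE_PREFIX. The enum and struct names, the sample paths and the plain string-prefix comparison are assumptions of this example; it does not call EndpointSecurity.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* The four path-mute kinds, modelled after es_mute_path_type_t.
 * These enum names belong to this example, not to EndpointSecurity. */
typedef enum {
    MUTE_PROC_PREFIX,    /* models ES_MUTE_PATH_TYPE_PREFIX (process executable path) */
    MUTE_PROC_LITERAL,   /* models ES_MUTE_PATH_TYPE_LITERAL (process executable path) */
    MUTE_TARGET_PREFIX,  /* models ES_MUTE_PATH_TYPE_TARGET_PREFIX */
    MUTE_TARGET_LITERAL  /* models ES_MUTE_PATH_TYPE_TARGET_LITERAL */
} mute_kind;

typedef struct { mute_kind kind; const char *path; } mute_rule;

typedef struct {
    const char *proc_path;   /* executable of the process that caused the event */
    const char *targets[2];  /* target path(s): one for OPEN/EXEC, two for RENAME */
    size_t n_targets;
} event_model;

static bool is_target_kind(mute_kind k) { return k == MUTE_TARGET_PREFIX || k == MUTE_TARGET_LITERAL; }
static bool is_prefix_kind(mute_kind k) { return k == MUTE_PROC_PREFIX || k == MUTE_TARGET_PREFIX; }

/* Does any rule of the requested family (process or target) match this path? */
static bool any_rule_matches(const mute_rule *rules, size_t n, const char *path, bool want_target) {
    for (size_t i = 0; i < n; i++) {
        if (is_target_kind(rules[i].kind) != want_target) continue;
        /* Assumption: prefix rules compare as plain string prefixes. */
        int cmp = is_prefix_kind(rules[i].kind)
                      ? strncmp(path, rules[i].path, strlen(rules[i].path))
                      : strcmp(path, rules[i].path);
        if (cmp == 0) return true;
    }
    return false;
}

/* Returns true when the client would receive the event.
 * Process rules: a match on the originating executable suppresses the event.
 * Target rules, normal mode: suppressed only if ALL target paths are muted.
 * Target rules, inverted mode: selected if ANY target path is muted. */
bool event_delivered(const mute_rule *rules, size_t n, const event_model *ev, bool target_inverted) {
    if (any_rule_matches(rules, n, ev->proc_path, false)) return false;
    size_t muted = 0;
    for (size_t i = 0; i < ev->n_targets; i++)
        if (any_rule_matches(rules, n, ev->targets[i], true)) muted++;
    if (target_inverted) return muted > 0;
    return !(ev->n_targets > 0 && muted == ev->n_targets);
}

#define AGENT "/opt/example/bin/agent"  /* constructed path of an "ignored" binary */

/* The ignored binary opens some unrelated file. */
bool open_by_agent_delivered(mute_kind kind) {
    mute_rule r[] = { { kind, AGENT } };
    event_model ev = { AGENT, { "/private/tmp/data.db", NULL }, 1 };
    return event_delivered(r, 1, &ev, false);
}

/* Another process executes the ignored binary (the binary is the EXEC target). */
bool exec_of_agent_delivered(mute_kind kind) {
    mute_rule r[] = { { kind, AGENT } };
    event_model ev = { "/sbin/launchd", { AGENT, NULL }, 1 };
    return event_delivered(r, 1, &ev, false);
}

/* RENAME has two target paths; one target-prefix rule on a constructed directory. */
bool rename_delivered(const char *src, const char *dst, bool inverted) {
    mute_rule r[] = { { MUTE_TARGET_PREFIX, "/private/var/cache/" } };
    event_model ev = { "/bin/mv", { src, dst }, 2 };
    return event_delivered(r, 1, &ev, inverted);
}

int main(void) {
    printf("open by agent,  target-literal rule: %d\n", open_by_agent_delivered(MUTE_TARGET_LITERAL));
    printf("open by agent,  process-literal rule: %d\n", open_by_agent_delivered(MUTE_PROC_LITERAL));
    printf("exec of agent,  target-literal rule: %d\n", exec_of_agent_delivered(MUTE_TARGET_LITERAL));
    printf("rename cache->home, normal:   %d\n",
           rename_delivered("/private/var/cache/a", "/Users/x/b", false));
    printf("rename cache->cache, normal:  %d\n",
           rename_delivered("/private/var/cache/a", "/private/var/cache/b", false));
    printf("rename home->home, inverted:  %d\n",
           rename_delivered("/Users/x/a", "/Users/x/b", true));
    return 0;
}
```

In this model a target-literal rule on a binary's path only suppresses events that act on that file, while events generated by the running binary are still delivered.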
Hello everyone,
I am new to Swift development and I am currently facing a "bug".
I am building an app on my Mac mini. It's working fine on my machine, but when exporting the executable to a MacBook Air, one of my features does not work anymore.
I should be able to drag and drop a PDF, which should be copied to my App document folder. But for some reason it won't work.
I should add that :
The app is sandboxed
I tried to build the app on the MacBook Air and it does not work either.
I gave all the permission to the app in the MacBook Air parameter menu.
I have another drag and drop functionality which reads a CSV file, and it works.
With Xcode, the error message was about : file not found (after being read and recognized on my log)
I hope someone would have some ideas
Thank you in advance
PS: I'm French, sorry for my English
Hello,
As part of developing a DLP system, the microphone and speakers should be blocked. My solution involves muting devices by changing the property kAudioDevicePropertyMute. However, this solution allows the user to unmute the device, and the app must implement a property listener to mute the device again. The problem is that muting takes some time and the device is temporarily unmuted. Admittedly, it takes less than a second, but nevertheless, it appears insecure.
Is there an Apple-recommended approach to implement such blocking more securely? Maybe some solution which is based on IOKit.
Thank you in advance, Pavel
My iOS application has both the “Default Host Card Emulation (HCE) App” and “Host Card Emulation (HCE)” entitlements. I was previously able to choose my app as the default contactless app in Settings, but after upgrading to iOS 18.6, my app no longer appears - Apple Wallet is now the only option.
I’m located in the European Economic Area, and both my Apple ID and developer team are registered in the EU.
Here is my entitlements file:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.developer.nfc.hce</key>
<true/>
<key>com.apple.developer.nfc.hce.default-contactless-app</key>
<true/>
<key>com.apple.developer.nfc.hce.iso7816.select-identifier-prefixes</key>
<array>
<string>A000000004</string>
<string>325041592E5359532E4444463031</string>
<string>A000000003</string>
</array>
</dict>
</plist>
Hello,
I have a device like a gas meter or an electricity meter and it has: an optical interface IEC 62056-21 (IEC-1107) with support for speeds up to 115,200 Bd. On Windows and Android, we use a cable that has an optical interface and on the other end we connect USB A to the PC and to the Android via an OTG to USB adapter. The cable contains a chip from FTDI FT230XQ. I have an application in MAUI where I want to connect this cable to the 10th generation iPad and communicate similarly to, for example, via the COM5 port on the PC. When the port opens, I send a query and get a response. Is it possible, what should I do for this? What about Apple certification of cables? Is it possible to send a packet from MAUI via the USB C port via the cable and then receive and process the packet again?
What about MFi? I found this:
https://redpark.com/usb-c-serial-cable/
Please can you give me some idea or expert to this topic?
Thanks,
Roman
Hello everyone,
I'm developing a macOS application that programmatically sets custom icons for folders, and I've hit a wall trying to get Finder to display the icon changes consistently.
The Goal:
To change a folder's icon using NSWorkspace.shared.setIcon and have Finder immediately show the new icon.
What I've Tried (The Refresh Mechanism):
After setting the icon, I attempt to force a Finder refresh using several sandbox-friendly techniques:
Updating the Modification Date (the "touch" method):
try FileManager.default.setAttributes([.modificationDate: Date()], ofItemAtPath: pathToUse)
Notifying NSWorkspace:
NSWorkspace.shared.noteFileSystemChanged(pathToUse)
Posting Distributed Notifications:
DistributedNotificationCenter.default().post(name: Notification.Name("com.apple.Finder.FolderChanged"), object: pathToUse)
The Problem:
This combination of methods works perfectly, but only under specific conditions:
When setting a custom icon on a folder for the first time.
When changing the icon of an alias.
For any subsequent icon change on a regular folder, Finder stubbornly displays the old, cached icon. I've confirmed that the user can see the new icon by manually closing and reopening the folder window, but this is obviously not a user-friendly solution.
Investigating a Reset with AppleScript:
I've noticed that the AppleScript update command seems to force the kind of complete refresh I need:
tell application "Finder"
update POSIX file "/path/to/your/folder"
end tell
Running this seems to reset the folder's state in Finder, effectively recreating the "first-time set" scenario where my other methods work.
However, the major roadblock is that I can't figure out how to reliably execute this from a sandboxed environment. I understand it likely requires specific scripting entitlements, but it's unclear which ones would be needed for this update command on a user-chosen folder, or if it's even permissible for the App Store.
My Questions:
Is there a reliable, sandbox-safe way to make the standard Cocoa methods (noteFileSystemChanged, updating the modification date, etc.) work for subsequent icon updates on regular folders? Am I missing a step?
If not, what is the correct way to configure a sandboxed app's entitlements to safely run the tell application "Finder" to update command for a folder the user has granted access to?
Any insight or alternative approaches would be greatly appreciated. Thank you
I'm using the #Playground macro in Xcode 26.0, running on macOS 26.0. I can get the basics working, but I don't understand how it hooks into the rest of the app, like the App Delegate or the Core Data stack. Do we have to create a new Core Data stack, like for SwiftUI Previews, or can it hook into the stack from the main app (if so, how)?
Note: This failure occurs even when running on the same machine that performed the build, signing, and notarization steps.
We are developing a command-line Endpoint Security (ES) client for macOS, distributed to customers as part of an enterprise security suite.
We have a valid Apple Developer Team ID (redacted for privacy) and have requested and received the Endpoint Security entitlement for our account.
What We’ve Done
Built a universal (x86_64/arm64) CLI ES client using Xcode on macOS Sonoma.
Signed with a Developer ID Application certificate (matching our Team ID).
Applied the entitlement: com.apple.developer.endpoint-security.client.
Notarized the binary via notarytool after receiving Apple’s confirmation that the entitlement was “assigned to our account.”
Distributed and unzipped the notarized ZIP (with com.apple.quarantine xattr intact).
What Happens:
When we run the binary (as root, via sudo) on any test Mac—including the original build/notarization machine—the process is killed immediately at launch. Kernel log (log stream --predicate 'eventMessage CONTAINS "AMFI"' --info) shows:
AMFI: code signature validation failed.
AMFI: bailing out because of restricted entitlements.
AMFI: When validating /path/to/fidelisevents:
Code has restricted entitlements, but the validation of its code signature failed.
Unsatisfied Entitlements:
What We’ve Verified:
codesign -dvvv --entitlements :- ./fidelisevents shows the correct entitlement, team identifier, and certificate.
xattr ./fidelisevents shows both com.apple.provenance and com.apple.quarantine.
spctl -a -vv ./fidelisevents returns:
rejected (the code is valid but does not seem to be an app)
origin=Developer ID Application: [REDACTED]
The process is killed even if run on the same Mac where build/sign/notarization occurred.
Other Details
The entitlement approval email from Apple simply says it is “assigned to your account” and does not mention “production” or “distribution.”
We have rebuilt, re-signed, and re-notarized after receiving the email.
This occurs on both Apple Silicon and Intel Macs, with recent macOS versions (Sonoma, Ventura).
Question
Is it possible that Apple only assigned the development Endpoint Security entitlement, and not the production entitlement required for distributing/running notarized ES clients outside of development?
Is there any way to verify the level of entitlement (dev vs. production) associated with our Team ID?
What additional steps, if any, are needed to enable the production entitlement so that our binaries can run on customer endpoints without being killed by AMFI?
Any advice, experience, or official documentation about production ES entitlement rollout, approval, or troubleshooting would be greatly appreciated!
Thanks in advance!
Hi,
We have a macOS application that contains a helper daemon that was registered with launchd using the SMAppService API, and for the most part it's been working okay until we tried to release an update that added an XPC service to the daemon. When users try to upgrade the software, the new service now fails to launch due to a launch constraint violation.
The Console log shows the following error after the upgrade:
AMFI: Launch Constraint Violation (enforcing), error info: c[5]p[1]m[1]e[0], (Constraint not matched) launching proc[vc: 6 pid: 1422]: /Applications/Mozilla VPN.app/Contents/Library/LaunchServices/org.mozilla.macos.FirefoxVPN.daemon, launch type 0, failure proc [vc: 6 pid: 1422]: /Applications/Mozilla VPN.app/Contents/Library/LaunchServices/org.mozilla.macos.FirefoxVPN.daemon
The service plist before the upgrade looked like this:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>AssociatedBundleIdentifiers</key>
<string>org.mozilla.macos.FirefoxVPN</string>
<key>Label</key>
<string>org.mozilla.macos.FirefoxVPN.service</string>
<key>BundleProgram</key>
<string>Contents/MacOS/Mozilla VPN</string>
<key>ProgramArguments</key>
<array>
<string>Mozilla VPN</string>
<string>macosdaemon</string>
</array>
<key>UserName</key>
<string>root</string>
<key>RunAtLoad</key>
<true/>
<key>KeepAlive</key>
<true/>
<key>SoftResourceLimits</key>
<dict>
<key>NumberOfFiles</key>
<integer>1024</integer>
</dict>
<key>StandardErrorPath</key>
<string>/var/log/mozillavpn/stderr.log</string>
</dict>
</plist>
The updated plist changes the BundleProgram, removes ProgramArguments and adds MachServices, which results in the following plist:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>AssociatedBundleIdentifiers</key>
<string>org.mozilla.macos.FirefoxVPN</string>
<key>Label</key>
<string>org.mozilla.macos.FirefoxVPN.service</string>
<key>BundleProgram</key>
<string>Contents/Library/LaunchServices/org.mozilla.macos.FirefoxVPN.daemon</string>
<key>MachServices</key>
<dict>
<key>org.mozilla.macos.FirefoxVPN.service</key>
<true/>
</dict>
<key>UserName</key>
<string>root</string>
<key>RunAtLoad</key>
<true/>
<key>KeepAlive</key>
<true/>
<key>SoftResourceLimits</key>
<dict>
<key>NumberOfFiles</key>
<integer>1024</integer>
</dict>
<key>StandardErrorPath</key>
<string>/var/log/mozillavpn/stderr.log</string>
</dict>
</plist>
On a fresh machine/VM, this works just fine, we only encounter the Launch Constraint Violation when upgrading from one version to the next.
We were hoping that the service could have been upgraded by calling unregisterWithCompletionHandler first, but this seems to have no effect on the bug.
So, I guess my questions are:
Is there a way to diagnose what the launch constraints are for a service, and why the constraints are being violated?
How does one go about changing the plist for a daemon installed via SMAppService?
Thanks,
Naomi
Hi,
I am curious whether hyperthreading is enabled/disabled on my MacBook Pro M1 or M4. How can I figure this out?
I am using macOS 15.5.
Further, I develop a multi-threaded audio sequencer that creates threads per instrument. I use vector operations to increase performance.
I recognized lowering synchronization rate from 250 Hz to 60 Hz gives additional performance advantages.
How can I programmatically check if hyperthreading is enabled/disabled, and how can I enable/disable it programmatically?
After some research I found sysctl() and nvram SMTDisable=%01.
https://support.apple.com/en-us/101870
Can anyone provide me an Objective C example?
regards, Joël
Hi everyone,
I’m running a dual-homed IPv6-mostly LAN where two on-link routers advertise distinct global Provider-Assigned prefixes (one per ISP). On Linux, the host stack appears to follow RFC 8028. It keeps one default route per prefix, and packets appear to leave through a router that recognises their source address and pass ISP BCP 38 (https://datatracker.ietf.org/doc/bcp38/) checks.
On macOS Sequoia, I'm only seeing a single un-scoped default route. As a result, traffic sourced from prefix B often exits via router A and is dropped upstream.
Questions:
Is the single-default-per-interface model in macOS an intentional design choice or simply legacy behaviour that has not yet been updated to RFC 8028?
Does the kernel perform any hidden next-hop selection that isn’t reflected in netstat -rn output?
Are there any road-map items for fully adopting RFC 8028 in macOS?
As a bonus, I'd be very interested in any info you might be able to provide on the status of implementation/support for https://datatracker.ietf.org/doc/html/rfc8978 (Reaction of IPv6 Stateless Address Autoconfiguration (SLAAC) to Flash-Renumbering Events).