Hi, We have a macOS application that contains a helper daemon that was registered with launchd using the SMAppService API and for the most part its been working okay until we tried to release an update that added an XPC service to the daemon. When users try to upgrade the software, the new service now fails to launch due to a launch constraint violation. The Console log shows the following error after the upgrade: AMFI: Launch Constraint Violation (enforcing), error info: c[5]p[1]m[1]e[0], (Constraint not matched) launching proc[vc: 6 pid: 1422]: /Applications/Mozilla VPN.app/Contents/Library/LaunchServices/org.mozilla.macos.FirefoxVPN.daemon, launch type 0, failure proc [vc: 6 pid: 1422]: /Applications/Mozilla VPN.app/Contents/Library/LaunchServices/org.mozilla.macos.FirefoxVPN.daemon The service plist before the upgrade looked like this: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>AssociatedBundleIdentifiers</key> <string>org.mozilla.macos.FirefoxVPN</string> <key>Label</key> <string>org.mozilla.macos.FirefoxVPN.service</string> <key>BundleProgram</key> <string>Contents/MacOS/Mozilla VPN</string> <key>ProgramArguments</key> <array> <string>Mozilla VPN</string> <string>macosdaemon</string> </array> <key>UserName</key> <string>root</string> <key>RunAtLoad</key> <true/> <key>KeepAlive</key> <true/> <key>SoftResourceLimits</key> <dict> <key>NumberOfFiles</key> <integer>1024</integer> </dict> <key>StandardErrorPath</key> <string>/var/log/mozillavpn/stderr.log</string> </dict> </plist> The updated plist changes the BundleProgram, removes ProgramArguments and adds MachServices, which results in the following plist: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>AssociatedBundleIdentifiers</key> <string>org.mozilla.macos.FirefoxVPN</string> <key>Label</key> <string>org.mozilla.macos.FirefoxVPN.service</string> <key>BundleProgram</key> <string>Contents/Library/LaunchServices/org.mozilla.macos.FirefoxVPN.daemon</string> <key>MachServices</key> <dict> <key>org.mozilla.macos.FirefoxVPN.service</key> <true/> </dict> <key>UserName</key> <string>root</string> <key>RunAtLoad</key> <true/> <key>KeepAlive</key> <true/> <key>SoftResourceLimits</key> <dict> <key>NumberOfFiles</key> <integer>1024</integer> </dict> <key>StandardErrorPath</key> <string>/var/log/mozillavpn/stderr.log</string> </dict> </plist> On a fresh machine/VM, this works just fine, we only encounter the Launch Constraint Violation when upgrading from one version to the next. We were hoping that the service could have been upgraded by calling unregisterWithCompletionHandler first, but this seems have no effect on the bug. So, I guess my questions are: Is there a way to diagnose what the launch constraints are for a service, and which why the constraints are being violated? How does one go about changing the plist for a daemon installed via SMAppService? Thanks, Naomi

Hi, I am curious about if hyperthreading is enabled/disabled on my macbook pro M1 or M4. Howto figure out? I am using macOS 15.5. Further, I develop a multi-threaded audio sequencer that creates threads per instrument. I use vector operations to increase performance. I recognized lowering synchronization rate from 250 Hz to 60 Hz gives additional performance advantages. Howto programmatically check if Hyperthreading is enabled/disabled and howto enable/disable it programmatically? After some research I found sysctl() and nvram SMTDisable=%01. https://support.apple.com/en-us/101870 Can anyone provide me an Objective C example? regards, Joël

Hi, In macOS26 beta, our app icon is not showing anymore in the MenuBar. It is also not displayed in the new section "Menu Bar > Allow in the Menu Bar", which seems to be the way to show/hide Menu Bar icons in macOS 26. The icon is correctly displayed and working in macOS 15. Our app is signed and notarized. It also has the "LSUIElement" value set to "true" in the Info.plist file. Is there some new mandatory entitlements to add in order to have our app showing in the "Allow in the Menu Bar" section? Thanks in advance for your help. Regards

Hello everyone, I am new to swift development and I am currently facing a "bug". I am building, an app on my Mac mini. It's working fine on my machine but when exporting the executable on a MacBook Air, one of my feature does not work anymore. I should be able to drag and drop a PDF which should be copy to my App document folder. But for some reason it won't work. I should add that : The app is sandboxed I tried to build the app on the MacBook Air and it does not work either. I gave all the permission to the app in the MacBook Air parameter menu. I have another drag and drop functionality with read a csv file, and it works. With Xcode, the error message was about : file not found (after being read and recognized on my log) I hope someone would have some ideas Thank you in advance PS: I'm French, sorry for my English

I have a Swift Package, it's added to both the main app and the autofill extension. The main app is an iOS app that run directly on my mac from Xcode. I use this extension to access the bundle import Foundation import OSLog class CurrentBundleFinder {} extension Foundation.Bundle { static let myModule: Bundle = { /* The name of your local package, prepended by "LocalPackages_" */ let bundleName = "DesignSystem_DesignSystem" let logger = Logger(subsystem: "DesignSystem", category: "Bundle") logger.error("Searching for bundle: \(bundleName)") let candidates = [ /* Bundle should be present here when the package is linked into an App. */ Bundle.main.resourceURL, /* Bundle should be present here when the package is linked into a framework. */ Bundle(for: CurrentBundleFinder.self).resourceURL, /* For command-line tools. */ Bundle.main.bundleURL, /* Bundle should be present here when running previews from a different package (this is the path to "…/Debug-iphonesimulator/"). */ Bundle(for: CurrentBundleFinder.self).resourceURL?.deletingLastPathComponent().deletingLastPathComponent(), /* For app extensions - look in parent app bundle */ Bundle.main.bundleURL.deletingLastPathComponent().deletingLastPathComponent(), ] logger.error("all bundle: \(candidates, privacy: .public)") for (index, candidate) in candidates.enumerated() { logger.error("Checking candidate \(index): \(candidate?.absoluteString ?? "nil", privacy: .public)") let bundlePath = candidate?.appendingPathComponent(bundleName + ".bundle") logger.error("Bundle path: \(bundlePath?.absoluteString ?? "nil", privacy: .public)") if let bundle = bundlePath.flatMap(Bundle.init(url:)) { logger.error("Successfully found bundle at: \(bundlePath?.absoluteString ?? "unknown", privacy: .public)") return bundle } } logger.error("Unable to find bundle named \(bundleName)") fatalError("unable to find bundle named \(bundleName)") }() } Bellow is the log from the main app and the autofill extension log.txt I have check that /private/var/folders/cb/fctmx0_x3_dbxy_9wnm7g0s40000gn/X/1CC84EBB-DAC0-5120-9346-5EFBC8691CF1/d/Wrapper/Proton Pass.app/PlugIns/AutoFill.appex/DesignSystem_DesignSystem.bundle exist in the file system, but the autofill extension is unable to create a bundle from that

I'm unable to API such as NSFileProviderManager on MacOS catalyst although the developer site says this extension is supported. https://developer.apple.com/documentation/fileprovider I've attempted to build a iOS framework to import into the catalyst target with no luck (I thought Catalyst was against the iOS API — maybe not?). Also attempted building a MacOS framework to import (maybe it's the other way around) but no luck. Has anyone found a workaround? Building for "MacOS for iPad" does work but isn't ideal for the UI.

Dear Apple: We are developing a file management-related app, and I would like to retrieve the list of files from the "Recents" section under "Favorites" in the Mac sidebar, then display this information in the app's interface for users. Is there an API available to obtain this information?

Is there a way to ensure a kernel extension in the Auxiliary Kernel Collection loads (and runs its start routines) before launchd? I'm emitting logs via os_log_t created with an os_log_create (custom subsystem/category) in both my KMOD's start function and the IOService::start() function. Those messages-- which both say "I've been run"-- inconsistently show up in log show --predicate 'subsystem == "com.bluefalconhd.pandora"' --last boot, which makes me think they are running very early. However, I also record timestamps (using mach_absolute_time, etc.) and expose them to user space through an IOExternalMethod. The results (for the most recent boot): hayes@fortis Pandora/tests main % build/pdtest Pandora Metadata: kmod_start_time: Time: 2025-07-22 14:11:32.233 Mach time: 245612546 Nanos since boot: 10233856083 (10.23 seconds) io_service_start_time: Time: 2025-07-22 14:11:32.233 Mach time: 245613641 Nanos since boot: 10233901708 (10.23 seconds) user_client_init_time: Time: 2025-07-22 14:21:42.561 Mach time: 14893478355 Nanos since boot: 620561598125 (620.56 seconds) hayes@fortis Pandora/tests main % ps -p 1 -o lstart= Tue Jul 22 14:11:27 2025 Everything in the kernel extension appears to be loading after launchd (PID 1) starts. Also, the kext isn't doing anything crazy which could cause that kind of delay. For reference, here's the Info.plist: <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CFBundleExecutable</key> <string>Pandora</string> <key>CFBundleIdentifier</key> <string>com.bluefalconhd.Pandora</string> <key>CFBundleName</key> <string>Pandora</string> <key>CFBundlePackageType</key> <string>KEXT</string> <key>CFBundleVersion</key> <string>1.0.7</string> <key>IOKitPersonalities</key> <dict> <key>Pandora</key> <dict> <key>CFBundleIdentifier</key> <string>com.bluefalconhd.Pandora</string> <key>IOClass</key> <string>Pandora</string> <key>IOMatchCategory</key> <string>Pandora</string> <key>IOProviderClass</key> <string>IOResources</string> <key>IOResourceMatch</key> <string>IOKit</string> <key>IOUserClientClass</key> <string>PandoraUserClient</string> </dict> </dict> <key>OSBundleLibraries</key> <dict> <key>com.apple.kpi.dsep</key> <string>24.2.0</string> <key>com.apple.kpi.iokit</key> <string>24.2.0</string> <key>com.apple.kpi.libkern</key> <string>24.2.0</string> <key>com.apple.kpi.mach</key> <string>24.2.0</string> </dict> </dict> </plist> My questions are: A. Why don't the early logs (from KMOD's start function and IOService::start) consistently appear in the unified log, while logs later in IOExternalMethods do? B. How can I force this kext to load earlier-- ideally before launchd? Thanks in advance for any guidance!

Hello Apple Developer Community and Apple Engineers, I'm working on a CoreBluetooth-based iOS application and struggling to find clear, official guidance on best practices for unit testing CoreBluetooth functionality. I'd appreciate any insights from the community and especially from Apple engineers on the recommended approaches. Background &amp; Challenges: Our team has encountered several challenges when trying to implement comprehensive testing for our CoreBluetooth code: Subclassing Restrictions: Apple's documentation explicitly states "Don't subclass any of the classes of the Core Bluetooth framework. Overriding these classes isn't supported and results in undefined behavior." This makes traditional mocking approaches (creating mock subclasses of CBCentralManager, CBPeripheral, etc.) problematic for unit testing. Integration vs Unit Testing Dilemma: We currently use integration tests with third-party libraries like Nordic Semiconductor's CoreBluetoothMock, which work well for end-to-end testing but aren't true unit tests. They test the interaction between our code and the (mocked) CoreBluetooth stack rather than testing individual methods in isolation. Delegate Method Testing: Our code implements CBCentralManagerDelegate and CBPeripheralDelegate protocols. Testing these delegate methods in isolation is challenging because: The methods receive CBCentralManager/CBPeripheral parameters that we can't mock via subclassing Using third-party mocking frameworks makes them integration tests, not unit tests Testing the business logic within these methods requires the actual CoreBluetooth objects Simulator Limitations: The only official Apple documentation we found about CoreBluetooth testing is Technical Note TN2295, which is marked as "retired" and from 2012. It describes a complex simulator setup requiring physical USB adapters, suggesting simulator-only testing isn't fully supported. Specific Questions: What are Apple's current official recommendations for testing CoreBluetooth applications? Should we focus on device testing, integration testing with mocking libraries, or are there other approaches we should consider? For unit testing: How can we test individual delegate methods and business logic without violating the "no subclassing" restriction? Are there patterns or architectures that make CoreBluetooth code more unit-testable? Testing strategy: Should CoreBluetooth applications primarily rely on integration tests rather than traditional unit tests? Is this an acceptable trade-off given the hardware-dependent nature of Bluetooth? Simulator support: Is there current, supported functionality for testing CoreBluetooth applications in the simulator, or should all testing be done on physical devices? Current Approach: We're currently using: Integration tests with CoreBluetoothMock for comprehensive workflow testing Limited unit tests for business logic that we can extract from delegate methods Physical device testing for final validation This works but feels incomplete compared to the unit testing coverage we achieve in other parts of our application. Request: Any guidance from Apple engineers on the intended/recommended approach for testing CoreBluetooth applications would be incredibly valuable. Even confirmation that "integration testing with physical devices is the primary recommended approach" would help clarify our testing strategy. Thank you for any insights you can share! Environment: iOS 17+ Xcode 15+ Swift 5.9+

I am using the MatterSupport extension to commission devices for my own ecosystem. I use the extension to do the initial connection to the device (BLE, PASE, bring device onto wifi/thread) and then use the method commissionDevice(in home: MatterAddDeviceRequest.Home?, onboardingPayload: String, commissioningID: UUID) in MatterAddDeviceExtensionRequestHandler to send a request to my own hub on the local network where it then connects to the device via wifi/thread and fully commissions the device. This flow is working correctly for wifi enabled devices, however it fails for thread devices. For some context, I am using my own border router (and have already added the router's credentials to the phone using THClient's storeCredentials). Here are some device-specific results: ESP32 (WIFI): successful commission ESP32 (THREAD): failure Matter Certified ONVIS smart plug (THREAD): failure The ESP32's are running espressif matter examples. Example border router is a running OTBR docker container I believe that the entire PASE session is established and the device gets onto the thread network, but the process seems to stall after that. I have verified that selectThreadNetwork(...) and validateDeviceCredential(...) get called but the commissioning process seems to stall before it can get to commissionDevice(...) I am limited to 7k characters, but I'll try to include as many relevant log lines as I can near the error if anyone has any ideas. I've already created a bug report with ID: FB18985348 which includes the full logs from the esp32 and a sysdiagnose from an iPhone 12 Pro (iOS 18.5) using the following log profiles: Home app/HomeKit HomeThread ThreadNetwork When commissioning directly from my hub, the entire commissioning completes successfully 100% of the time. This failure only happens when I use MatterSupport to initiate commissioning for Matter over Thread devices specifically. Very condensed homed log overview for uncertified ESP32 thread example Next: 'SecurePairing' -> 'ReadCommissioningInfo' Step: 'ReadCommissioningInfo' Sending read requests for commissioning information NetworkCommissioning Features: has Thread. endpointid = 0 <MTRDeviceController_Concrete: ..., uuid: F9BB9F53-BF73-4B82-B00B-045E7709530E...> completed for nodeID 0x0000000055d193ec with status: Success ✔ 'ReadCommissioningInfo' Next: 'ReadCommissioningInfo' -> 'ArmFailSafe' Step: 'ArmFailSafe' ✔ 'ArmFailSafe' Next: 'ArmFailSafe' -> 'ConfigRegulatory' Step: 'ConfigRegulatory' ✔ 'ConfigRegulatory' Next: 'ConfigRegulatory' -> 'ConfigureTCAcknowledgments' Step: 'ConfigureTCAcknowledgments' ✔ 'ConfigureTCAcknowledgments' Next: 'ConfigureTCAcknowledgments' -> 'SendPAICertificateRequest' Step: 'SendPAICertificateRequest' ✔ 'SendPAICertificateRequest' Next: 'SendPAICertificateRequest' -> 'SendDACCertificateRequest' Step: 'SendDACCertificateRequest' ✔ 'SendDACCertificateRequest' Next: 'SendDACCertificateRequest' -> 'SendAttestationRequest' Step: 'SendAttestationRequest' ✔ 'SendAttestationRequest' Next: 'SendAttestationRequest' -> 'AttestationVerification' Step: 'AttestationVerification' Error on commissioning step 'AttestationVerification': Internal error Next: 'AttestationVerification' -> 'AttestationRevocationCheck' Step: 'AttestationRevocationCheck' (with error) Device attestation error: Integrity check failed. Continue commissioning (ignore attestation failure: YES) ✔ 'AttestationRevocationCheck' Next: 'AttestationRevocationCheck' -> 'SendOpCertSigningRequest' Step: 'SendOpCertSigningRequest' ✔ 'SendOpCertSigningRequest' Next: 'SendOpCertSigningRequest' -> 'ValidateCSR' Step: 'ValidateCSR' ✔ 'ValidateCSR' Next: 'ValidateCSR' -> 'GenerateNOCChain' Step: 'GenerateNOCChain' ✔ 'GenerateNOCChain' Step: 'SendTrustedRootCert' ✔ 'SendTrustedRootCert' Next: 'SendTrustedRootCert' -> 'SendNOC' Step: 'SendNOC' ✔ 'SendNOC' Next: 'SendNOC' -> 'ThreadNetworkSetup' Step: 'ThreadNetworkSetup' ✔ 'ThreadNetworkSetup' Next: 'ThreadNetworkSetup' -> 'FailsafeBeforeThreadEnable' Step: 'FailsafeBeforeThreadEnable' ✔ 'FailsafeBeforeThreadEnable' Next: 'FailsafeBeforeThreadEnable' -> 'ThreadNetworkEnable' Step: 'ThreadNetworkEnable' ✔ 'ThreadNetworkEnable' Next: 'ThreadNetworkEnable' -> 'kEvictPreviousCaseSessions' Step: 'kEvictPreviousCaseSessions' ✔ 'kEvictPreviousCaseSessions' Next: 'kEvictPreviousCaseSessions' -> 'kFindOperationalForStayActive' Step: 'kFindOperationalForStayActive' Error: Timeout Next: 'kFindOperationalForStayActive' -> 'Cleanup' Step: 'Cleanup' (with timeout error) ✔ 'Cleanup' Commissioning complete for node ID 0x0000000055D193EC with timeout error

I'm using the #Playground macro in Xcode 26.0, running on macOS 26.0. I can get the basics working, but I don't understand how it hooks into the rest of the app, like the App Delete or the Core Data stack. Do we have to create a new Core Data stack, like for SwiftUI Previews, or can it hook into the stack from the main app (if so, how)?

After creating a hardlink on a distributed filesystem of my own via: % ln f.txt hlf.txt Neither the original file, f.txt, nor the hardlink, hlf.txt, are immediately accessible, e.g. via cat(1) with ENOENT returned. A short time later though, both the original file and the hardlink are accessible. Both files can be stat(1)ed though, which confirms that vnop_getattr returns success for both files. Dtruss(1) indicates it's the open(2) syscall that fails: % sudo dtruss -f cat hlf.txt 2038/0x4f68: open("hlf.txt\0", 0x0, 0x0) = -1 Err#2 ;ENOENT 2038/0x4f68: write_nocancel(0x2, "cat: \0", 0x5) = 5 0 2038/0x4f68: write_nocancel(0x2, "hlf.txt\0", 0x7) = 7 0 2038/0x4f68: write_nocancel(0x2, ": \0", 0x2) = 2 0 2038/0x4f68: write_nocancel(0x2, "No such file or directory\n\0", 0x1A) = 26 0 Dtrace(1)ing my KEXT no longer works on macOS Sequoia, so based on the diagnostics print statements I inserted into my KEXT, the following sequence of calls is observed: vnop_lookup(hlf.txt) -&gt; EJUSTRETURN ;ln(1) vnop_link(hlf.txt) -&gt; KERN_SUCCESS ;ln(1) vnop_lookup(hlf.txt) -&gt; KERN_SUCCESS ;cat(1) vnop_open(/) ; I expected to see vnop_open(hlf.txt) here instead of the parent directory. Internally, hardlinks are created in vnop_link via a call to vnode_setmultipath with cache_purge_negatives called on the destination directory. On macOS Monterey for example, where the same code does result in hardlinks being accessible, the following calls are made: vnop_lookup(hlf.txt) -&gt; EJUSTRETURN ;ln(1) vnop_link(hlf.txt) -&gt; KERN_SUCCESS ;ln(1) vnop_lookup(hlf.txt) -&gt; KERN_SUCCESS ;cat(1) vnop_open(hlf.txt) -&gt; KERN_SUCCESS ;cat(1) Not sure how else to debug this. Perusing the kernel sources for uses of VISHARDLINK, VNOP_LINK and vnode_setmultipath call sites did not clear things up for me. Any pointers would be greatly appreciated.

We've been using our own logging system for quite a long time but we are interested in the benefits offered by Logger/OSLog and plan to migrate to it. Before modifying thousands of logging calls, we want to understand a bit more how, when and where (ie. from which thread/queue) OSLog strings interpolation is performed. More specifically, we are concerned by simultaneous access to properties from different threads. Our app usually handles that using DispatchQueues (single or concurrent) and calls to our logging system is safe as the log string is built synchronously. On the other hand, when using Logger/OSLog, the provided string is in fact an OSLogMessage which keeps a reference to values and properties in order to build the final String later (asynchronously). If it is correct, the "later" part concerns us. Example Let's consider the following class property profile (instance of Profile class which implements CustomStringConvertible): private var profile: Profile? With our own logging system, we used to log the profile property at the time the logging method is called (and when the access to profile is safe): Log.debug(logModule, "Current profile: \(profile)") Now moving to Logger/OSLog, the following error appears: logger.debug("Current profile: \(profile)") // Reference to property 'profile' in closure requires explicit use of 'self' to make capture semantics explicit Our understanding is that the property profile is not accessed synchronously but later, possibly after or even worse while the property is being mutated from another thread (-> crash). In which case fixing the error using "Current profile: \(self.profile)" instead would be a very bad idea... The same goes with class instance properties used in the implementation of CustomStringConvertible.description property. If the description property is built asynchronously, the class instance properties may have been mutated or may be being mutated from another thread. TL;DR We have searched for good practices when using Logger/OSLog but could not find any dealing with the thread-safeness of logged objects. Is it a good idea to capture self in Logger calls? Is it safe to log non value-type objects such as class instances? Thanks for clarifications.

I am in the process of writing a macOS app using NSFileProviderExtension so that I can map my customer's data in Finder. I am in the process of building it out, I had initially started in Obj-C and then after the advice of folks here (https://developer.apple.com/forums//thread/793272?answerId=849339022&amp;page=1#849752022) I have switched to Swift as the NSReplicatedFileProvider is not available in Obj-C. I have done the main app and also started plugging away with the FileProviderExtension. To verify that I have properly setup, I create a static list of files in the FileProviderExtension enumerate so I can see it work in Finder. I build the app and it works as expected and I see it mounted in Finder and I see the static list of files. But what I don't see is any debug statements in the app, none of those message show up in the logs. I am baffled by this. I check the log stream to see what the process prints out and I know it is logging everything else eg: 2025-07-18 11:32:05.772364-0700 0x19ea3f9 Activity 0x1172100 63622 0 DriveFileProviderExtension: (libsystem_secinit.dylib) AppSandbox 2025-07-18 11:32:05.794609-0700 0x19ea3f9 Activity 0x1172101 63622 0 DriveFileProviderExtension: (libsystem_info.dylib) Retrieve User by ID 2025-07-18 11:32:05.800179-0700 0x19ea3f9 Default 0x0 63622 0 DriveFileProviderExtension: (ExtensionFoundation) [com.apple.extensionkit:default] Extension `/Users/radwar/Library/Developer/Xcode/DerivedData/Drive-fxfhbjutfvumoabnnfmxxstpifha/Build/Products/Debug/Drive.app/Contents/PlugIns/DriveFileProviderExtension.appex/Contents/MacOS/DriveFileProviderExtension` of type: `1` launched. 2025-07-18 11:32:05.801453-0700 0x19ea3f9 Default 0x0 63622 0 DriveFileProviderExtension: (RunningBoardServices) [com.apple.runningboard:connection] Initializing connection 2025-07-18 11:32:05.803083-0700 0x19ea3f9 Default 0x0 63622 0 DriveFileProviderExtension: (RunningBoardServices) [com.apple.runningboard:process] Removing all cached process handles 2025-07-18 11:32:05.803231-0700 0x19ea613 Default 0x0 63622 0 DriveFileProviderExtension: (RunningBoardServices) [com.apple.runningboard:connection] Sending handshake request attempt #1 to server 2025-07-18 11:32:05.803414-0700 0x19ea613 Default 0x0 63622 0 DriveFileProviderExtension: (RunningBoardServices) [com.apple.runningboard:connection] Creating connection to com.apple.runningboard 2025-07-18 11:32:05.803459-0700 0x19ea613 Default 0x0 63622 0 DriveFileProviderExtension: (libxpc.dylib) [com.apple.xpc:connection] [0x12f106e10] activating connection: mach=true listener=false peer=false name=com.apple.runningboard 2025-07-18 11:32:05.805893-0700 0x19ea613 Default 0x0 63622 0 DriveFileProviderExtension: (RunningBoardServices) [com.apple.runningboard:connection] Handshake succeeded 2025-07-18 11:32:05.805955-0700 0x19ea613 Default 0x0 63622 0 DriveFileProviderExtension: (RunningBoardServices) [com.apple.runningboard:connection] Identity resolved as xpcservice&lt;clio.Drive.DriveFileProviderExtension([osservice&lt;com.apple.FileProvider(501)&gt;:990])(501)&gt;{vt hash: 247410607}[uuid:454E32DB-3FB4-4DC6-9C05-F4B2F97333E0]{persona:9EF54117-4998-4D72-83C4-F12587C95FBA} but none of my print lines are being printed. I have code like this sprinkled through the methods: print("🔍 FileProviderExtension INIT - Logger configured") print("🔍 Domain: \(domain.displayName)") None of these show up anywhere. I also do a pure log stream with all system output, and there, too, I don't see anything. What am I missing? With my Obj-C version, all NSLogs used to show up as expected. With Swift, am I missing something?

Currently, I use NSFileProviderItemCapabilitiesAllowsAddingSubitems on a folder to control the creation of sub-items (either folders or files) within a parent folder. However, this capability doesn't allow me to meet a requirement where I need to permit file creation but restrict folder creation. I am seeking input on different options to achieve this requirement. Note: One reactive approach would be to intercept folder creation within the createItem() event handler and reject it with an ExcludedFromSync error (without uploading to cloud). This would prevent createItem() from being reattempted on that folder, but the folder would still remain on the mount. Is there any way to delete it?

We create plug-ins for Adobe Creative Cloud and have run into an issue with respect to file/folder permissions. First, all of our libraries, code is code-signed and notarized as per Apple requirements but distribute outside of the Mac App store. We install a Photoshop plug-in and its mainly a UI which then executes a background app containing the business logic to read/write files. The background app runs as a separate process and is not in the Photoshop sandbox space so it doesn't inherit Photoshop permissions/scoping rules. Our plug-in communicates with the background process via ports etc. When a user chooses a file to process from lets say the Desktop, generally macOS first pops up a message that says ABCD background app is trying to access files from the Desktop do you grant it permission etc...This is also true for network mounted volumes or downloads folder. This message generally appears properly when everything is under an account with admin rights. However, when our tool is installed from a Standard Account, the macOS messages asking for confirmation to access the Desktop or Documents or Downloads folder doesn't appear and access to the file/folders is denied. Thus our background only process errors out. Looking at the Security and Privacy-&gt;Files and Folders the button to enable access is in the Off position. If we turn these on Manually, everything works. But this is a really poor user experience and sometimes our users think our software is not working. Does anybody have any idea how to allow for the file/folder permissions to be registered/granted in such a case? Should we try to register these as Full Disk Access? Any ideas and/or solutions are welcome.

I reported this as a bug (FB18614667), but also wanted to ask here in case this is actually just me doing something wrong, or maybe I'm misunderstanding the entire use case of metadataRead. (My understanding is that metadataRead is basically read but it checks a cache that the kernel manages before trying to read the physical resource, and in the case of a cache miss it would just go to the physical resource and then add the bytes to the cache. Is that right?) I’m encountering an issue in an FSKit file system extension where (for example) read(into: buf, startingAt: 0, length: Int(physicalBlockSize)) works, but metadataRead(into: buf, startingAt: 0, length: Int(physicalBlockSize)) throws an EIO error (Input/output error) no matter what I do. (Note: physicalBlockSize is 512 in this example.) The documentation (https://developer.apple.com/documentation/fskit/fsblockdeviceresource/metadataread(into:startingat:length:)) indicates that the restrictions on metadataRead are that the operations must be sector-addressed (which is the case here, especially as regular read has the same restriction and succeeds) and that partial reading of metadata is not supported. (I don’t think that applies here?) In a sample project I was able to replicate this behavior where the module only ever reads the block device in its enumerateDirectory implementation, and so trying to list the contents of a directory leads to an "Input/output error" when e.g. running ls on the volume. The enumerateDirectory sample implementation is like so: func enumerateDirectory(_ directory: FSItem, startingAt cookie: FSDirectoryCookie, verifier: FSDirectoryVerifier, attributes: FSItem.GetAttributesRequest?, packer: FSDirectoryEntryPacker) async throws -> FSDirectoryVerifier { let buf = UnsafeMutableRawBufferPointer.allocate(byteCount: Int(blockDevice.physicalBlockSize), alignment: 1) defer { buf.deallocate() } // metadataRead will throw... try blockDevice.metadataRead(into: buf, startingAt: 0, length: Int(blockDevice.physicalBlockSize)) // but read will work. // try await blockDevice.read(into: buf, startingAt: 0, length: Int(blockDevice.physicalBlockSize)) // ... return dummy file here (won't reach this point because metadataRead throws) } I'm observing this behavior on both macOS 15.5 (24F74) and macOS 15.6 beta 3 (24G5074c). Has anyone been able to get metadataRead to work? I see it used in Apple's msdos FSKit implementation so it seems like it has to work at some level.

Are there official header files for libMobileGestalt.tbd (MobileGestalt framework) or some Apple-approved way to access it? If not, are there any substitutes for its functionality?

I have discovered a gap in my understanding of user selected URLs in iOS, and I would be grateful if someone can put me right please. My understanding is that a URL selected by a user can be accessed by calling url.startAccessingSecurityScopedResource() call. Subsequently a call to stopAccessingSecurityScopedResource() is made to avoid sandbox memory leaks. Furthermore, the URL can be saved as a bookmark and reconstituted when the app is run again to avoid re-asking permission from the user. So far so good. However, I have discovered that a URL retrieved from a bookmark can be accessed without the call to url.startAccessingSecurityScopedResource(). This seems contrary to what the documentation says here So my question is (assuming this is not a bug) why not save and retrieve the URL immediately in order to avoid having to make any additional calls to url.startAccessingSecurityScopedResource? Bill Aylward You can copy and paste the code below into a new iOS project to illustrate this. Having chosen a folder, the 'Summarise folder without permission' button fails as expected, but once the 'Retrieve URL from bookmark' has been pressed, it works fine. import SwiftUI import UniformTypeIdentifiers struct ContentView: View { @AppStorage("bookmarkData") private var bookmarkData: Data? @State private var showFolderPicker = false @State private var folderUrl: URL? @State private var folderReport: String? var body: some View { VStack(spacing: 20) { Text("Selected folder: \(folderUrl?.lastPathComponent ?? "None")") Text("Contents: \(folderReport ?? "Unknown")") Button("Select folder") { showFolderPicker.toggle() } Button("Deselect folder") { folderUrl = nil folderReport = nil bookmarkData = nil } .disabled(folderUrl == nil) Button("Retrieve URL from bookmark") { retrieveFolderURL() } .disabled(bookmarkData == nil) Button("Summarise folder with permission") { summariseFolderWithPermission(true) } .disabled(folderUrl == nil) Button("Summarise folder without permission") { summariseFolderWithPermission(false) } .disabled(folderUrl == nil) } .padding() .fileImporter( isPresented: $showFolderPicker, allowedContentTypes: [UTType.init("public.folder")!], allowsMultipleSelection: false ) { result in switch result { case .success(let urls): if let selectedUrl = urls.first { print("Processing folder: \(selectedUrl)") processFolderURL(selectedUrl) } case .failure(let error): print("\(error.localizedDescription)") } } .onAppear() { guard folderUrl == nil else { return } retrieveFolderURL() } } func processFolderURL(_ selectedUrl: URL?) { guard selectedUrl != nil else { return } // Create and save a security scoped bookmark in AppStorage do { guard selectedUrl!.startAccessingSecurityScopedResource() else { print("Unable to access \(selectedUrl!)"); return } // Save bookmark bookmarkData = try selectedUrl!.bookmarkData(options: .minimalBookmark, includingResourceValuesForKeys: nil, relativeTo: nil) selectedUrl!.stopAccessingSecurityScopedResource() } catch { print("Unable to save security scoped bookmark") } folderUrl = selectedUrl! } func retrieveFolderURL() { guard let bookmarkData = bookmarkData else { print("No bookmark data available") return } do { var isStale = false let url = try URL( resolvingBookmarkData: bookmarkData, options: .withoutUI, relativeTo: nil, bookmarkDataIsStale: &isStale ) folderUrl = url } catch { print("Error accessing URL: \(error.localizedDescription)") } } func summariseFolderWithPermission(_ permission: Bool) { folderReport = nil print(String(describing: folderUrl)) guard folderUrl != nil else { return } if permission { print("Result of access requrest is \(folderUrl!.startAccessingSecurityScopedResource())") } do { let contents = try FileManager.default.contentsOfDirectory(atPath: folderUrl!.path) folderReport = "\(contents.count) files, the first is: \(contents.first!)" } catch { print(error.localizedDescription) } if permission { folderUrl!.stopAccessingSecurityScopedResource() } } }

What are my options if I want to iterate over loaded images (dynamic libraries) within a signal handler? I have a few solutions that might work, but without going too much into them, i'm curious if anyone has experience here, or ideas what to look into. Cheers, AC