Hello, Our app is going to be used in an industrial setting where users will connect to many devices a day via Bluetooth to complete an installation process. They will only connect to one device at a time, so connection limit isn't an issue. What we're wondering about is the limit on number of pairings (found in Settings > Bluetooth > MY DEVICES). This is important because pairings can't be removed programatically. I seem to remember reading somewhere the limit was ~30 devices, but I can't find that document anymore. Does anyone know if this limit is correct, or where I could find a document regarding this?

Is there a way to deploy a client certificate (mTLS) payload with an Application using MDM? What alternatives are there for accomplishing this? A .p12 is fine if that is the only option, however the app would need to import it into it's keychain and delete the .p12 file (or the MDM would need to do so).

i notice the problem woth my phone since downloading tje beta version. The web browser app that I use is crashing not responding.

I'm not getting satisfactory answer so I'm trying here to see if there is any workaround. Xamarin support ended in May and our current app (Xamarin forms) crashes on iOS 18 beta. I understand that we may have to upgrade our app to MAUI but is that truly only solution? I'm currently targeting Xcode 15 SDK (iOS 17). Would Xcode 16 SDK for iOS 18 work for Xamarin forms?

Hello, I have a problem with an iOS app that is deployed via the MDM system Intune. The app closes immediately after starting. The APP works without distribution via the MDM. Devices with iOS 17 also work. I am attaching a crash report. (txt is ips) Unfortunately I have no idea how to solve the problem because it only occurs via the MDM and therefore I cannot debug it. The problem occurs in production environment. Please help me with the solution. Insight Mobile-2024-06-24-144828.txt Best regards Moritz

i got the iOS 18 dev beta around a week ago (big mistake) and everything was good for a week, before it started acting up. it starts to lag immensely, then it crashes from whatever app it's currently using, panics, and then shuts down my phone. it's been going on for around a week, and i've tried everything. hard/forced reset (did the trick, now it doesn't.) tried connecting to itunes (doesn't recognise the device, either cause the cable is bad, or the version's bugged.) tried connecting to apple devices (same reason as the previous.) recovery mode (STILL doesn't recognise the device.) i'm going on a trip to norway in 2 days, so getting my phone fixed is essential. i do recall having a backup with iOS 17, yet i don't know if i can back up versions from 1-2 weeks ago. i might book a reservation at a genius bar to see what's going on. i'm on an iphone se (3rd gen), and have been using it for about 1 and a half years. this issue is most likely due to the iOS beta, and i don't have a clue on what else might be affecting this. can someone help me out here? it would be greatly, GREATLY appreciated.

_IOW and friends, defined in <sys/ioccom.h>, help build ioctl() calls. Is there an equivalent function in Swift?

The presenter in this WWDC session from 2019 (https://asciiwwdc.com/2019/sessions/701) states: "So, now in macOS Catalina, executables that are denied access to files due to a lack of Full Disk Access approval are now prepopulated unchecked." I'm unable to make this work. Included is a minimal test app that tries to access a resource that would require Full Disk Access (FDA) and then opens Privacy & Security ... FDA in settings. When I run this from Xcode or manually run the app from Finder the test app does not appear in the list of apps in FDA. If I manually drag and drop the app from the build folder into the FDA window and enable it then the app is granted FDA access successfully. To be clear I understand that even the app is automatically populated in the FDA list the user will still need to toggle the switch to enable it. But I'd like to avoid making the user hunt down the app manually add it. Testing on macOS Sonoma 14.5. Xcode 15.4. Link to project file: https://akiairzavu3i3x4dmaya-public.s3.amazonaws.com/FDA+test.zip

I'm seeking some help or guidance. I'm attempting to write an app for private use that listens for HID events from a RF reader and responds. I have a functional app, which has to be launched via sudo, to be able to execute IOHIDManagerOpen(manager, IOOptionBits(kIOHIDOptionsTypeSeizeDevice)) correctly. I'm trying to modify this app, now, to use SMAppService and bypass the need for terminal and sudo, but I'm getting confused at what parts of my code need to be embedded into the helper and how to manage communications between the different components. I make it to step 8 in https://developer.apple.com/forums/thread/721737 before I start getting lost. Does anyone know of a functional, SIMPLE, sample app I could take a look at, or a good guide that lays out all parts of an example? Everything I've found gives the bones but no meat.

I am working with a compiler that produces native binaries, It's really meant for servers so it's not integrated with Xcode or the Xcode build system. As such the output binaries get the default ad-hoc signatures the linker makes. After (re)compiling such a binary, there is a delay whilst running it. This is because macOS notices it's an unknown binary and goes off to ask notarization servers/Xprotect if it's known malware. Fine, I understand the need for this and why it happens. From the logs it's clear that macOS is now tracking the "provenance" of binaries. This means where they came from. This raises the question of whether it could know that my local dev binaries are coming from this compiler, if it was in turn properly signed and notarized. And if so, whether there is some security policy I could set to say "if binary X produces binary Y, then trust Y". Yes I know this would be a security exploit if it were done that way by default, but I am willing to take the risk of special malware that compiles itself first using this special compiler that isn't installed by default then runs the output, as presumably any such malware would be so targeted Xprotect/notarization wouldn't know about it anyway. The provenance mechanism is some internal security thing and isn't documented, but I'm curious if anyone knows more about it and whether it's usable for this? Or alternatively if there's a way to stop macOS doing these slow checks for certain binaries e.g. under specific paths?

Hello, I use setCodeSigningRequirement: in sandboxed XPCService and it seems that no matter what I always get errSecCSNoSuchCode[1] when the app is signed with development certificate. The same application signed with DeveloperID is fine. I use following CSR for development signed builds. identifier com.example.app and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.1] exists and certificate leaf[field.1.2.840.113635.100.6.1.12] exists But also tried to simplify to identifier com.example.app or just true. If I validated the CSR with codesign -R I get "explicit requirement satisfied". I spotted this log line: Sandbox: com.example.app(67058) deny(1) file-read-data /Users/(...)/example-app/build/arm64-mac/src/mac/app/Debug/Example App.app/Contents/MacOS/ExampleApp So I disabled the sandbox for XPCService and now everything works. But then why the DeveloperID signed build works with XPCService sandboxed? ...or does it really? :) Just for completeness the CSR which I use in production build are: identifier com.example.app and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] exists and certificate leaf[field.1.2.840.113635.100.6.1.13] exists and certificate leaf[subject.OU] = EXAMPLE

Somewhere in the back of my head, I seem to remember that we can include prefPanes in our app store distributed apps these days (much like we can now include driverkit extensions). I can't for the life of me find this in the documentation again though. Can we do this? Or do I need to copy it from my app bundle to ~/Library/PreferencePanes? Thanks!

1.The code structure is as follows: The main project imports an SDK. 2.The main project defines a struct A with a length of 1400 bytes, and the SDK also defines a struct A with a length of 1000 bytes. 3.The SDK does not expose the definition of struct A, but it is used in the implementation of the exposed API in the SDK. 4.In the usage process, the main project first calls the SDK's API, which uses struct A of SDK's and initializes it with memset. Then, in the main project, memset is used again to initialize the struct A declared in the main project. In the above scenario, it works fine on iOS versions lower than iOS18, but on iOS18 beat1, the app crashes randomly, and the crash scenarios are not fixed. We need to know whether iOS18 has made any improvements to the API for operating memory such as memset. Is memory management more stringent? Why do versions below iOS18 not cause problems? Thanks！

Our companies security policies require that SIP be enabled all the time which makes it difficult to develop my System Extension since I need to uninstall anytime I need to test any changes to a newly compiled extension. Is there anyway to uninstall the extension with SIP enabled? I already have developer mode on. Is there anything in XCode that can do this? Thx

Branching from a previous post titled "Privileged daemon using SMAppService in macOS Sequoia," I have a privileged daemon using SMAppSerice that works in Sonoma and Ventura. In the previous OS versions, privilege is applied in System Settings: Login Items, Allow in the Background. Under macOS sequoia, the daemon appears by its bundle id instead of the parent app, and underneath it reads "Item from unidentified developer" and does not run, even when enabled. I'm wondering if additional steps are needed in the new OS to sign privileged daemons properly?

I have published an application that makes use of AppGroup containers to share an sqlite database between the main application and a notification service extension. I have taken into account special file access coordination requirements for an sqlite database shared between processes (WAL, https://github.com/andpor/react-native-sqlite-storage/issues/308#issuecomment-522250831). The application is part of an educational study involving several hundred students of young age. As such, many devices are enrolled in FamilySharing where parents control access of their children. In production, records are added to the database by the main application. The notification service extension reads the database and syncs metadata with a server. Unfortunately, I'm seeing issues with database access from the extension on devices where FamilySharing is enabled. I cannot see detailed information about the issue, because Crash reporting is disabled as per guidelines of the participating institutions. Moreover, I have implemented logging in the extension such that any conventional error (do, catch) thrown by database access code would be visible to me in server logs. I cannot see errors in my log, which leads me to believe something is crashing the extension process when it tries to access the database in the AppGroup container. I cannot find any information in Apple documentation or the pertinent online forums about a special case for AppGroups in FamilySharing context. However, since I've only ever seen the issue on devices where FamilySharing is enabled, I have to assume the error lies there. Is there any undocumented special consideration for AppGroup access in FamilySharing contexts? Is an AppGroup that was created while the app was running under the child's account no longer accessible by the same application when it's running under the parent's account?

What are we supposed to use now, since Debugger() was deprecated in 10.8:

Hi folks! I'm David Barsky and I work on rust-analyzer, which is the IDE for the Rust programming language. For a while, we've had issues with VS Code not sending the correct changed files to the language server (such as changing commits or rebasing), so I started using rust-analyzer's native, off-by-default file watching functionality that binds to FSEvent via the notify library. This has helped a bunch, but I'm not sure how completely reliable it is. Before I consider changing the default file watching behavior for our (many!) users, I wanted to check: is it possible to combine "walk &amp; watch" into a single, atomic operation? My goal is that upon getting a notification for a file change event, rust-analyzer can read the changed file and not worry about TOCTOU-esque conditions (rust-analyzer has a pretty robust incremental computation system, so we're able to invalidate changes pretty reliably). That being said, based off: this response from Quinn "The Eskimo!" about 8 years ago, and FSEventStreamCallback being a bit limited in the number of args, ...it seems like the answer appears to be "no". (I'm also familiar with Watchman, but it'd be great if the big pile of heuristics that Watchman uses were less necessary.)

When using App Intents, I can edit already existing SwiftData items, but I cannot insert new ones. Below are the two app intents I've used, both function in their entirety other than the model context insertion at the end of the second one. struct LinkViewedIntent: AppIntent { static var title: LocalizedStringResource = "Mark Link Viewed" @Parameter(title: "Link") var link: LinkEntity? init(link: Link) { self.link = LinkEntity(link: link) } init() {} func perform() async throws -> some IntentResult & ProvidesDialog { let entities = try await LinkEntityQuery().suggestedEntities().filter({$0.viewed == false}) guard !entities.isEmpty else { return .result(dialog: "There are no unviewed links to mark.") } var enteredLink: LinkEntity if let link = link { enteredLink = link } else { enteredLink = try await $link.requestDisambiguation( among: LinkEntityQuery().suggestedEntities(), dialog: "Which link would you like to mark viewed?" ) } let context = ModelContext(ConfigureModelContainer()) let links = try? context.fetch(FetchDescriptor<Link>()) guard let link = links?.filter({ $0.id == enteredLink.id }).first else { return .result(dialog: "An Error Occured") } if link.viewed == true { return .result(dialog: "Link is already viewed") } link.viewed = true try context.save() return .result(dialog: "Okay, \(enteredLink.name ?? enteredLink.link) has been marked as viewed.") } static var parameterSummary: some ParameterSummary { Summary("Mark \(\.$link) as viewed.") } } struct SaveLinkIntent: AppIntent { static var title: LocalizedStringResource = "Save Link" @Parameter(title: "URL") var url: URL? func perform() async throws -> some IntentResult & ProvidesDialog { let modelContext = ModelContext(ConfigureModelContainer()) var fullurl: URL if let url = url { fullurl = url } else { fullurl = try await $url.requestValue() } print(fullurl.absoluteString) guard let link = await makeLink(address: fullurl.absoluteString) else { return .result(dialog: "") } modelContext.insert(link) return .result(dialog: "I've added \(link.metadata?.title ?? link.address) to Memento") } }

We have developed a system extension based on the Endpoint Security framework, but after upgrading to macOS 15 beta, the system extension fails to enable in Login Items & Extensions. The specific prompt is shown in the image , and the system log indicates an XPC connection failure. When we use the command to check the extension status, it is [activated waiting for user]. We have tried some other products that use system extensions, and they are also unable to load the system extension.