Hi, I'm in the process of creating an App + Helper Tool combo application, and depending on the necessity of root privileges, I'm setting up two paths in the app: If root privileges are not necessary, I'm using SMJobSubmit rather directly: var submissionError: Unmanaged<CFError>? let submissionResult = SMJobSubmit(kSMDomainUserLaunchd, plist, nil, &submissionError) where plist contains these items: Label=com.***.redactedApp.redacted, ProgramArguments=[path/to/helper-tool, commandName, commandArg1, commandArg2] RunAtLoad=1, KeepAlive=0 and it works as necessary, and performs the operations. Now, in the case of privilege escalation being necessary, this call becomes a bit more complex: let authorization = SFAuthorization() var authRef: AuthorizationRef? do { try authorization?.obtain(withRight: kSMRightModifySystemDaemons, flags: [.extendRights, .interactionAllowed]) authRef = authorization?.authorizationRef() } catch let error { // Logging error } var submissionError: Unmanaged<CFError>? let submissionResult = SMJobSubmit(kSMDomainSystemLaunchd, plist, authRef, &submissionError) while using the same plist, same executable at the same path, same Label. However, when using the second path, suddenly SMJobSubmit fails: Error Domain=CFErrorDomainLaunchd Code=2 "(null)" Now, naturally I headed over to system logs in Console.app, and this is the weirdest - there is nothing suspicious near the log item I submit with the above error from the main application. The tool is embedded in the Contents/MacOS folder. However, my problem is that anything that I can think of seems to lead to the same thought: it should be a problem in both cases, not just the privileged one. Is there something extra that must be taken care of when using SMJobSubmit with privileged helper tools?

While closing and reopening gamecenter, it’s not responding, and go to infinite loop i dont know what to do i repeated it several Times

When user opened my application, it crashed immediately. This is crash log message from firebase. com.apple.CFNetwork.Connection EXC_BAD_ACCESS KERN_INVALID_ADDRESS After restarting iPhone, user can use my application without crash. I cannot reproduce this crash from other device. Here are .ips crash log that I changed to .txt. crashLog-2024-12-26-182447.txt crashLog-2024-12-26-182449.000.txt crashLog-2024-12-26-182535.000.txt crashLog-2024-12-26-182535.txt Do you have any idea to fix this?

We have created an app that uses Appintents to plug into Siri. However, launching the app &gt;sometimes&lt; will launch a menu that will let the user choose between the app and Contacts. Why? How can I tell Siri to not ask for Contacts?

I am developing an app that can help users disable selected apps at a specified time, so that users can get away from their phones and enjoy real life. Here is my data structure: extension ActivityModel { @NSManaged public var id: UUID @NSManaged public var name: String @NSManaged public var weeks: Data @NSManaged public var weekDates: Data @NSManaged public var appTokens: Data } Among them, weeks is of [Bool] type, indicating which weeks from Sunday to Saturday are effective; weekDates is of [[Date,Date]] type, indicating the effective time period; appTokens is of Set type, indicating the selected apps。 At the beginning, I will open a main monitor: let deviceActivityCenter = DeviceActivityCenter() do{ try deviceActivityCenter.startMonitoring( DeviceActivityName(activityModel.id), during: DeviceActivitySchedule( intervalStart: DateComponents(hour: 0,minute: 0,second: 0), intervalEnd: DateComponents(hour: 23,minute: 59,second: 59), repeats: true ) ) }catch { return false } Since the time range may be different every day, I will start the sub-monitoring of the day every time the main monitoring starts： override func intervalDidStart(for activity: DeviceActivityName) { super.intervalDidStart(for: activity) if activity.rawValue.hasPrefix("Sub-") { ActivityModelManager.disableApps( Tools.getUUIDFromString(activity.rawValue) ) return } let weekIndex = Calendar.current.component(.weekday, from: .now) let weeks = ActivityModelManager.getWeeks(activity.rawValue) if weeks[weekIndex] { let weekDates = ActivityModelManager.getWeekDates(activity.rawValue) let deviceActivityCenter = DeviceActivityCenter() do{ try deviceActivityCenter.startMonitoring( DeviceActivityName("Sub-" + activityModel.id), during: DeviceActivitySchedule( intervalStart: getHourAndMinute(weekDates[weekIndex][0]), intervalEnd: getHourAndMinute(weekDates[weekIndex][1]), repeats: false ) ) }catch { return } }esle { return } } I will judge whether it is main monitoring or sub monitoring based on the different activity names. When the sub-monitor starts, I will get the bound application and then disable it: static func disableApps(_ id : UUID){ let appTokens = ActivityModelManager.getLimitAppById(id) let name = ManagedSettingsStore.Name(id.uuidString) let store = ManagedSettingsStore(named: name) store.shield.applications = appTokens return } When the child monitoring is finished, I resume the application: static func enableApps(_ id : UUID){ let name = ManagedSettingsStore.Name(id.uuidString) let store = ManagedSettingsStore(named: name) store.shield.applications = [] } The above is my code logic. When using DeviceActivityMonitorExtension, I found the following problems: intervalDidStart may be called multiple times, resulting in several sub-monitors being started. After a period of time, the monitoring is turned off. The static methods enableApps and disableApps are sometimes not called

After reading Apple documentation (FamilyControls, DeviceActivity, ManagedSettings, ManagedSettingsUI, ScreenTime) and testing the API, I do not find a way to get the child's device apps on the parent device in order to block them or disable them for a certain time. Is there a way of doing it? Or can it only be done locally on the child device?

How to determine whether the shortcut command is triggered by Siri or the user clicks?

We had a question that came up when we comparing data from WeatherKit to other sources - WeatherKit visibility was well beyond the boundaries we had historically, even from Darksky. That raises two questions: is visibility actually in meters like the docs say? is this visibility at ground level, 500ft, or some other height? We were seeing visibility numbers of up to 40 miles (after converting the number the API sent to miles), where all of our other sources are usually within 10 miles

I am trying to get universal links to work in our app Firefox iOS The Problem: I am not able to get universal links to work for our release app or beta app scheme locally or with a TestFlight build. I am able to get it working on our development scheme with a locally hosted app site association file. I also was able to get it working using our development scheme but setting the bundle id to the release app bundle id. I also built a demo app with the release app id and the release app development certificate. It succeeded there as well. Implementation Steps: Added associated domains entitlement to the production and beta schemes for our main app target (No associated domains entitlements or capabilities added for any extensions) Confirmed that the bundle ids associated with these schemes have the associated domains capability Added applinks:blog.mozilla.org to associated domains list Confirmed in code that user activities are being handled via SceneDelegate.swift Steps to Debug: I have gone through and validated every step in the provided Universal Link Debugging. All were successful: Associated Domains Development -> Diagnostics: Opens Installed App Validate AASA host and applinks match curl -v https://blog.mozilla.org/.well-known/apple-app-site-association returns the expected json file swcutil dl correctly downloads the AASA blob swcutil verify succeeds I have inspected the IPA of our beta build and confirmed the App ID and the associated domains is an entitlement. I have looked at the console logs filtering by swcd. I am not seeing any errors and I see the download for the AASA file kick off: Beginning data task AASA-4BABF039-3C69-4E36-AA4E-ECCDF3D14878 { domain: bl….mo….org, bytes: 0, route: cdn } There is only one error that appears in the console but our app is not enterprise-managed so I assume this is normal. Error getting enterprise-managed associated domains data. If this device is not enterprise-managed, this is normal: Error Domain=SWCErrorDomain Code=1701 "Failed to get associated domain data from ManagedConfiguration framework." UserInfo={NSDebugDescription=Failed to get associated domain data from ManagedConfiguration framework., Line=298, Function=<private>} I have run Sysdiagnos and identified for our App ID: Site/Fmwk Approval: approved I am at a loss as to what is preventing universal links from working even though all validation steps pass.

Hey, I'm trying to update my old app that used DarkSky to WeatherKit, and struggling. I always get: ailed to generate jwt token for: com.apple.weatherkit.authservice with error: Error Domain=WeatherDaemon.WDSJWTAuthenticatorServiceListener.Errors Code=2 "(null)" This is regardless if I do it on my iPad, or in the simulator. I have done the following: Selected WeatherKit on the Capabilities and App Services tabs of the Identifier section on developer. Put it under signing and capabilities in XCode I've tried making a new provisioning profile, cleaning build folder, etc. Not sure what to do here. I suspect part of this problem is that I developed this app in 2018 and now I'm trying to update it. I am able to run the app on TestFlight, but not as an internal tester. Apple won't let me, so I have to add myself as an external tester. Thanks for any help you can provide!

I've found an app that has a call blocking feature an is able to add more than 10_000_000 entries. As I understand it doesn't use more than one extension for it because I see only one in the Call Blocking & Identifying settings menu. How to implement that? My limit now is around 1_800_000 entries.

Widgets on the widget is not responding to the touch properly. This issue is also affecting within the home screen widget in a way that the widget switches to light mode by itself even though I am in dark mode. Additionally, lock screen does not to respond once the lock screen widget has been edited. Is anyone else having this issue?

I'm working with the FamilyControls API and am running into an issue with sharing ActivityTokens between devices in the same family sharing network. Based on this documentation, ActivityTokens are only accessible and readable by other members in the family sharing network. My app is based on the idea that if one user selects the Games category in the FamilyActivityPicker, then this token can be shared with another device in the same family-sharing network and this other device can read and display the category. So my question is: If a user in the network selects an activity category in the FamilyActivityPicker, can this category token be shared, read, and used by another user in the family-sharing network?

Hello everyone, I’m currently developing an app that uses the Family Controls API, specifically the Screen Time API. However, my current entitlement is limited to development mode, which prevents me from publishing my app on TestFlight. I have already contacted Apple Developer Support for production access but wanted to reach out to the community as well and I was referenced to FamilyControls API documentation and I couldn't find anything related to my case. Has anyone successfully upgraded their entitlement from development-only to production? Any insights on the process, tips for communicating with Developer Support, or guidance on ensuring full compliance with the Family Controls guidelines would be extremely helpful.

My Brand new iphone 16 pro max keeps restarting on its own for no reasonable

The example database/server provided by Apple for Live Caller ID contains a hardcoded database with a tiny number of pre-defined numbers. However, its not expected to be representational of an live real world usage server. But the question is how can that be accomplished if its a requirement that the data be KPIR encrypted? In real world scenarios, the factors that effect whether a number should be blocked or not are continually changing and evolving on a minute-by-minute basis and new information becomes available or existing information changes. If the database supports tens of millions or hundreds of millions of constantly changing phone numbers, in order to meet the requirements of the Live Caller ID being KPIR encrypted, that would imply the database has to re-encrypt its database of millions endlessly for all time. That seems unfeasable and impractical to implement. Therefore how do the Apple designers of this feature envisage/suggest a real-world server supporting millions of changing data should meet the requirement to be KPIR encrypted?

After setting up all permissions, family members not showing up on the device list

We developing an app, It's a Parental control app required to block large number of apps. In child mobile installed more than 200 apps parent has to block and disable these apps but parent cant able to block more than 50 apps. Is there any option is there to block all the 200 apps from child mobile.

I'm trying to implement live caller id PIR server in python and I have an issue related to evaluation key config. I don't receive the POST /key request even if I try to install the extension on new device and I had this error in device system logs: error 11:21:30.663022+0200 ciphermld requestData(byKeywords:shardIds:clientConfig:) threw an error: CipherML.CipherMLError.missingSecre t Ke y I think the reason why the evaluation key is not generated is related to this error but I'm not sure. It might be also related to HE params - I tried with the same params as in swift server example with plaintext_modulus=17 and it works, but for plaintext_modulus=65537 on the same device the system doesn't send me the evaluation key. Is there a limitation that restricts the evaluation key generation for some HE params? There is how the entire config object that I retrieve looks like: { "configs": { "Live-C aller-ID-Lookup. TestLiveCallerI D.iden tity": { "pir_config": { "encry ption_p aram eters": { "pol ynomial_deg ree": "4096", "plaint ext_mo dulus": "65537", "coeff icient_m oduli": [ "134176769", "268369921", "268361729" ], "secu rity_le vel": "SECU RITY LEVEL QUANT UM128", "h e_sc heme": "H E_SC HEM E_B F V" }, "shard_configs": [ { "num_entries": "2", "entry_size": "55991", "dimensions": [ "2", "1" ], "shard_id": "" } ], "keyword_pir_params": { "num_hash_functions": "2", "sharding_function": { "sha256": {} } }, "algorithm": "PIR _ALGO RITHM _MUL_PIR", "batch_size": "2", "evalu ation_ke config_hash": "" }, "config_id": "" } }, "key_info": [ { "timestamp": "1738660849", "key_config": { "encryp tion_par ameters": { "polynomial_degree": "4096", "plaintex t_mo dulus": "65537", "coeffic ient_m oduli": [ "134176769", "268369921", "268361729" ], "secu rity_level": "SECUR ITY_LEVEL_QU ANTUM128", "he_sc heme": "HE_SC HEME_BFV" }, "gal ois_e lements": [ 20 49, 40 97 ], "has _rel in_key": true } } ] } PS evaluation key data is just a placeholder, but anyway it should be skipped cause of expired timestamp More logs: ```language default 11:21:30.535865+0200 ciphermld Running rotation task for ["Live-Caller-ID-Lookup.TestLiveCallerID.identity"] info 11:21:30.535953+0200 ciphermld Skipping groups that manage their own networking: &lt;private&gt; default 11:21:30.537007+0200 ciphermld Request to fetchConfigs has started for useCases '["Li ve-Caller-ID-Lookup.TestLiveCallerID.identity"]', userId: '&lt;private&gt;', existingConfigIds: '["id"]' default 11:21:30.542174+0200 ciphermld Request to queries-batch has started for userId: '&lt;private&gt;', length: 28350 default 11:21:30.655914+0200 ciphermld Request to fetchConfigs has finished, response length: 230 default 11:21:30.656182+0200 ciphermld Received configurations: 1 usecase(s), 1 key(s) for group 'Live-Caller-ID-Lookup.TestLiveCallerID.identity' debug 11:21:30.660868+0200 ciphermld Skipping non-active key: timestamp: 1738660849 key_config { encryption_parameters { polynomial_degree: 4096 plaintext_modulus: 65537 coefficient_moduli: [134176769, 268369921, 268361729] security_level: Quantum128 he_scheme: BFV } galois_elements: [2049, 4097] has_relin_key: true } error 11:21:30.662982+0200 ciphermld No key for use-case 'Live-Caller-ID-Lookup.TestLiveCallerID.identity' error 11:21:30.663022+0200 ciphermld requestData(byKeywords:shardIds:clientConfig:) threw an error: CipherML.CipherMLError.missingSecre t Ke y default 11:21:30.663824+0200 com.apple.CallKit.CallDirectory &lt;private&gt; XPC request complete, results(0) error:Error Domain=CipherML.CipherMLError Code=32 "missing secre t ke y" UserInfo={NSLocalizedDescription=missing secre t ke y} default 11:21:30.972372+0200 ciphermld Request to queries-batch has finished response, length: 0 default 11:21:30.974711+0200 com.apple.CallKit.CallDirectory &lt;private&gt; XPC request complete, results(1) error:(null) default 11:21:36.161964+0200 com.apple.CallKit.CallDirectory &lt;private&gt; Sending XPC request default 11:21:36.163149+0200 com.apple.CallKit.CallDirectory &lt;private&gt; Sending XPC request default 11:21:36.169931+0200 ciphermld requestData(byKeywords:shardIds:clientConfig:) method was called default 11:21:36.170448+0200 ciphermld requestData(byKeywords:shardIds:clientConfig:) method was called default 11:21:36.174001+0200 ciphermld Cached: 0 / Missing: 1 error 11:21:36.174997+0200 ciphermld No userId or secre t Ke y for use-case '.Lve-Caller-ID-Lookup.TestLiveCallerID.identity'. Running rotation task' default 11:21:36.175075+0200 ciphermld Running rotation task for ["Live-Caller-ID-Lookup.TestLiveCallerID.identity"] info 11:21:36.175240+0200 ciphermld Skipping groups that manage their own networking: &lt;private&gt; default 11:21:36.177700+0200 ciphermld Request to fetchConfigs has started for useCases '["Live-Caller-ID-Lookup.TestLiveCallerID.identity"]', userId: '&lt;private&gt;', existingConfigIds: '["id"]' default 11:21:36.179914+0200 ciphermld Request to queries-batch has started for userId: '&lt;private&gt;', length: 28350 default 11:21:36.336051+0200 ciphermld Request to fetchConfigs has finished, response length: 230 default 11:21:36.336308+0200 ciphermld Received configurations: 1 usecase(s), 1 key(s) for group 'Live-Caller-ID-Lookup.TestLiveCallerID.identity' debug 11:21:36.341522+0200 ciphermld Skipping non-active key: timestamp: 1738660849 key_config { encryption_parameters { polynomial_degree: 4096 plaintext_modulus: 65537 coefficient_moduli: [134176769, 268369921, 268361729] security_level: Quantum128 he_scheme: BFV } galois_elements: [2049, 4097] has_relin_key: true } error 11:21:36.356497+0200 ciphermld No key for use-case 'Live-Caller-ID-Lookup.TestLiveCallerID.identity' error 11:21:36.356669+0200 ciphermld requestData(byKeywords:shardIds:clientConfig:) threw an error: CipherML.CipherMLError.missingSecre t Ke y default 11:21:36.357075+0200 com.apple.CallKit.CallDirectory &lt;private&gt; XPC request complete, results(0) error:Error Domain=CipherML.CipherMLError Code=32 "missing secre t ke y" UserInfo={NSLocalizedDescription=missing secre t ke y} default 11:21:36.625701+0200 ciphermld Request to queries-batch has finished response, length: 0 default 11:21:36.626749+0200 com.apple.CallKit.CallDirectory

Hi Apple Developers, I am currently working on a message filtering application and facing issues specifically with filtering RCS (Rich Communication Services) messages. To debug this, I created a sample app that consistently categorizes all incoming messages as "junk." However, the filtering behaviour is inconsistent and not functioning as expected. Here are the key issues observed during testing on iOS versions 18.2.1 and 18.3: Inconsistent Filtering Behavior: When a message is received from an unknown number, it sometimes gets moved to the Junk folder momentarily but is then immediately moved back to the main Messages inbox. In some cases, the message does not get moved to the Junk folder at all, despite the app returning the verdict as "junk." Duplicate Contact Tiles: The Messages app displays two separate conversation tiles for the same mobile number, which is unexpected behavior. I have attached both a sample app and a screen recording that clearly demonstrates the issue. The recording shows that the app categorizes messages as junk, yet they still end up in the main Messages inbox. For reference, my carrier partner is T-Mobile. Please let me know if you need any additional information to investigate this issue further. Looking forward to your insights and guidance. Best regards, Rijul Singhal