We are currently experiencing the following weird issue with our iPhone app. As the title says, NSUserDefaults is losing our custom keys and values when phone is rebooted but not unlocked, and this is happening on a very specific scenario with ActivityKit. Context: We are using the NSUserDefaults in the app to store user data (e.g. username). Issue: An error occurred with no permission to access cached messages after a restart. Scenario: When receiving a Dynamic Island notification, if the phone is restarted, after unlocking the phone and tapping on the Dynamic Island to open the App, all cached information results in an error. Reasons for the error: After restarting the APP, the files are in a locked state. The Dynamic Island proactively invokes the App method. When executing the startup method and retrieving cached messages, an error occurs due to lack of permission. All storage, including files, NSUserDefaults, Keychain, and Plist retrieval, results in errors. The error message is as follows: { "errorCode": "-25308", "errorDesc": "Error Domain=com.samsoffes.sskeychain Code=-25308 "(null)"", "serviceName": "com.qunar.qunarclient8", "account": "iid" } The data returned at this time is in a protected state, [UIApplication sharedApplication].isProtectedDataAvailable. Any help or idea will be truly appreciated :)

trying to quit 2 apps and launch a 3rd. 3 individual Automator apps work by themselves fine. But can't get them to "open an app" from Calendar at a specified time. Tried building an Apple Script. Same issue. Here's the Automator app. ** tell application "Jellyfin Media Player" to quit delay 1 tell application "Jellyfin server 10.10.1" to quit delay 1 tell application "EmbyServer 4.8.10" to activate** any help on what I'm doing wrong? seems simple enough. Both Automator and Script Ed have "full disk access" and "Accessibility"

we could see that could see that test cards are available for adding Debit/Credit Cards to Apple Wallet. https://developer.apple.com/apple-pay/sandbox-testing/ However, we are unable to find a way to add balance to Apple Cash in sandbox environment.

I've created a font family, but Font Book refuses to include it in the English language set, despite my best efforts. The font has every glyph in the OpenType "Std" set, plus several others. I've checked various boxes for Latin 1 and Macintosh Character Codepages; plus Unicode ranges for Basic Latin, additional Latin, etc, etc. I've compared it to several other fonts that are in the English set, and I can't see anything that they have that my fonts don't. (In fact, many of them seem to have much less!) I've created other fonts that are in the English set, but I've no idea what the difference is. Given that macOS relies on these Language sets, in order to hide the thousands of unnecessary fonts that are permanently installed in the OS, there ought to be some guidance on how to do this.

Dear Apple engineers, Is it possible to make a fileprovider cloud volume mount path independent of the user's home folder in order to have constant path across desktop clients when files are referenced / placed by applications like Adobe Creative Cloud ? Ideally mount or link the fileprovider cloud volume under /Volumes Thanks,

Hi I have some problems with my macOS after updating to Sonoma. I am running a intel based MacBookPro 2018. After update to Sonoma I had some Kernel panic. Log attached. Also I had some problems running my LaunchDaemon for starting macFUSE and connecting to SSHFS. This used to work before. Now, my plan forward is to restore a backup from the MacBook before update. I will restore the backup and remove any redundant/not in use .plist jobs ( especially ) LaunchDaemon jobs. When this is done I will try to update macOS again. I have many .plist jobs also Daemon. Please supply information on how I can remove any redundant / not in use .plist jobs. I belive the reason for the kernel panic was the io.macfuse.filesystems.macfuse.23 4.7.2. ( attached log ) I want to keep the io.macfuse.filesystems.macfuse.23 4.7.2 , but I want to remove other kexts not in use and other .plist not in use. Please supply info in how to identify redundant kexts not in use and redundant .plist not in use. How do I know if the induvidual kexts is needed or not ? Best regards Tormod Willassen Kernel_Panic.rtf log-file log-file

Hello, I am currently developing an iOS application that leverages FinanceKit to access transaction history. I have already enabled FinanceKit in my developer account, but I am encountering challenges when trying to test the transaction history feature. Could anyone guide me on the best practices or specific steps needed to effectively test FinanceKit’s transaction history in a development environment? Any insights on mock data handling, API responses, or potential limitations during testing would be greatly appreciated. Thank you in advance for your help!

Let's say I have a CloudKit database schema where I have records of type Author that are referenced by multiple records of type Article. I want to delete an Author record if no Article is referencing it. Now consider the following conflict: device A deleted the last Article referencing Author #42 device B uploads a new Article referencing Author #42 at the same time The result should be that Author #42 is not deleted after both operations are finished. But both device don't know from each other changes. So either device B could miss that device A deleted the author. Or device A could have missed that a new Article was uploaded and therefore the Author #42 was deleted right after the upload of device B. I though about using a reference count first. But this won't work if the ref count is part of the Author record. This is because deletions do not use the changeTag to detect lost updates: If device A found a reference count 0 and decides to delete the Author, it might miss that device B incremented the count meanwhile. I currently see two alternatives: Using a second record that outlives the Author to keep the reference count and using an atomic operation to update and delete it. So if the update fails, the delete would fail either. Always adding a new child record to the Author whenever a reference is made. We could call it ReferenceToken. Since child records may not become dangling, CloudKit would stop a deletion, if a new ReferenceToken sets the parent reference to the Author. Are there any better ways doing this?

Hi everyone, I'm currently working on testing in-app purchases for my app, and I'm having issues with logging into a sandbox account on my iPhone. Here's the situation: I created a sandbox account via App Store Connect. I signed out of my regular Apple ID from the App Store and attempted to log in with my sandbox account during an in-app purchase. I receive a verification code on my phone, and it seems like the login is working. However, after entering the code, I keep getting redirected back to the "Sign in with Apple Account" screen. It doesn’t fully log me in. I’ve tried resetting network settings, restarting the device, and even creating a new sandbox account, but nothing seems to work. I'm running the app through Expo prebuild and attempting to test purchases, but without being able to log into the sandbox environment, I can’t move forward. Has anyone encountered this issue before or know how to fix it? Any help would be greatly appreciated! Thanks!

Only development environment can real sync. But product environment can't sync. And when run my device show this error: CoreData: Already have a mirrored relationship registered for this key: CD_M2M_Event_items:B269B612-37A6-4ED7-9FDB-601E88BF56A8:8DC64E4A-E893-4465-8B21-48CF1C52A4BC <NSCKMirroredRelationship: 0x302bb9950> (entity: NSCKMirroredRelationship; id: 0xa049af3fb0190928 <x-coredata://BEB6E57C-891C-4E71-B92F-7BAA0844913E/NSCKMirroredRelationship/p1747>; data: { cdEntityName = Event; ckRecordID = "B5908A8A-079E-482C-9F2E-1309BF071F0E"; ckRecordSystemFields = nil; isPending = 0; isUploaded = 0; needsDelete = 0; recordName = "B269B612-37A6-4ED7-9FDB-601E88BF56A8"; recordZone = "0xa049af3f6a5909a8 <x-coredata://BEB6E57C-891C-4E71-B92F-7BAA0844913E/NSCKRecordZoneMetadata/p1>"; relatedEntityName = Item; relatedRecordName = "8DC64E4A-E893-4465-8B21-48CF1C52A4BC"; relationshipName = items; }) <decode: bad range for [%@] got [offs:941 len:665 within:0]> And my product core data sync data only to October 24, 2024. The data before October 24 was synchronized normally, Nothing after October 24 is synced.

Hello Apple Support Team, I'm experiencing an issue with my iPhone 15 Pro. Although the battery health shows 100%, the phone shuts down unexpectedly at various charge levels, sometimes as high as 70% or even 40%. My iPhone is currently on iOS 18.2 beta 2, but this issue began with iOS 18.2 beta 1. I’ve tried multiple troubleshooting steps: Formatted the iPhone Performed a force reboot Upgraded and then downgraded the software Unfortunately, none of these solutions resolved the problem. The panic report doesn’t appear to show anything conclusive. I'm attaching the panic report for further analysis, as I’m unsure if this is a software bug related to the beta or a hardware issue. Thank you for your assistance.

I have an app with a shared internal framework, a main app target, and a widget target. In my shared framework, I have an AppIntent, FooIntent. In addition, I have an AppIntentPackage public struct FooIntentsPackage: AppIntentsPackage { } also in the framework. Finally, in the widget target, I reference that package: struct FooAppIntents: AppIntentsPackage { static var includedPackages: [any AppIntentsPackage.Type] { [ FooIntentsPackage.self ] } } However, when I run this, I get a bunch of these errors: metadata `_$s8Internal15FooAppIntentsV' did not match any imported symbol. I've tried turning off Strip Linked Product in both the Framework and the Widget, to no avail. Any ideas?

Hi, I have been looking into Core Data crashes happening when the app is in background and fault is fired due to some processing happening within the app. The stack looks like this where the line 5 just accesses a property of the NSManagedObject's subclass. Unfortunately I don't see any additional information about the exception itself. Therefore, I was wondering if anyone could shed some light on which exception the NSFaultHandler.m:395 is triggering and why. Exception Type: EXC_CRASH (SIGABRT) Exception Codes: 0x0000000000000000, 0x0000000000000000 Triggered by Thread: 10 Last Exception Backtrace: 0 CoreFoundation 0x1d15b8e38 __exceptionPreprocess + 164 (NSException.m:202) 1 libobjc.A.dylib 0x1ca7478d8 objc_exception_throw + 60 (objc-exception.mm:356) 2 CoreData 0x1d8dda27c _PFFaultHandlerLookupRow + 2508 (NSFaultHandler.m:395) 3 CoreData 0x1d8e024e0 _PF_FulfillDeferredFault + 200 (NSFaultHandler.m:915) 4 CoreData 0x1d8eb8f1c _sharedIMPL_pvfk_core + 168 (NSManagedObject_Accessors.m:1198) 5 MyApp 0x103641928 closure #8 in static ChatChannel.create(fromDTO:depth:) + 304 (ChannelDTO.swift:531) At first I was thinking if this could be a case of accessing a deleted object while the context is still referencing it, but does not look like it. At least I can't reproduce it (tried deleting objects using a separate context and even with container but no crash happens). Happy to learn about different cases what could trigger exception with this stack. Notes: Contexts I use are all created with newBackgroundContext method.

I am considering an implementation to provide OS Contacts information in real-time using data from push notifications. Through a TSI (Technical Support Incident), Apple Support recommended combining ContactProviderExtension and NotificationServiceExtension. However, the following threads indicate that this combination is not supported, as confirmed by Apple DTS (Thread 1, Thread 2). Question 1: Latest Support Status for Using ContactProviderExtension with NotificationServiceExtension Additionally, there is limited documentation on implementing ContactProviderExtension, and I am specifically struggling with the following points: Question 2: Specific Implementation Guidance for ContactProviderExtension The method to call when providing Contacts information to the OS How to add and delete Contacts information provided to the OS How to verify the Contacts information currently provided to the OS Any insights on the latest support status or specific implementation methods for these extensions would be greatly appreciated.

I have a Map within a SwiftUI. I initialize a variable like this: var cameraPosition: MapCameraPosition = .userLocation(followsHeading: true, fallback: .automatic) and then I want to zoom map, code like this: let userRegion = MKCoordinateRegion( center: userLocation.coordinate, span: MKCoordinateSpan( latitudeDelta: 0.01, longitudeDelta: 0.01 ) ) cameraPosition = .region(userRegion) But it does't work. How can I solve this problem?

So I have a button on a widget styled as seen below. I want this button to take up the entirety of the width, problem is, when it does so either using a frame(maxWidth: .infinity) or if I increase the horizontal padding, the button still only gets clicked if the user taps near the buttons center. Otherwise, it will open the app. Relevant code: Button(intent: Intent_StartRest() ){ Text("stop") } .buttonStyle(PlainButtonStyle()) .tint(.clear) .padding(.vertical, 6) .padding(.horizontal, 100) .background(RoundedRectangle(cornerRadius: 30).fill(.button)) .foregroundStyle(.buttonText) // Just sets text color .useAppFont(size: 18, relativeTo: .caption, weight: .bold) // Just sets font Any pointers?

Hello, While testing Apple Pay transaction I noticed my transactions were showing the incorrect App Name and image. I was using two Apps which likely have similar names. BetRivers Casino and Sportsbook (app 1) and Bally Casino by BetRivers (app 2). In the first image you see Bally Casino which is the wrong app, this is confirmed by the website links underneath. All our sites use a single app except for Ballycasino.betrivers. Our other tests did not display like this, so we would like to understand why it happened so we may assist our customers should question arise. My other image is when our App opens Apple Pay, it shows the name "SugarHouse", I am unable to find the location of where this comes from, as we would want to edit this.

When trying the request "hotels" on MapKitJS with searchRegionPriority=default, it will return an hotel in Ramallah even if the searchRegion is very far from there. It can happen if your search region is very broad in most place (above Europe if you zoom out a lot, over Turkey and Middle East even if the bounding box is narrower), but on specific places it happens even with a small search region (like in Tripoli, Lebanon, whatever the zoom level). With searchRegionPriority=required, many hotels can be found in the same area. Reproduce with: https://maps-api.apple.com/v1/search?q=hotels&searchRegion=34.45512816097114,35.849070061159864,34.428418939926146,35.80795182731595&lang=en&searchRegionPriority=default

The app works on iPhone 16 Pro OS18.1 paired AW 10 OS11.0 but when the same iPhone paired with AW OS 11.1, I got the warning below and watch is not responsive Could not get trait set for device Watch7,9 with version 11.1

Modern versions of macOS use a file system permission model that’s far more complex than the traditional BSD rwx model, and this post is my attempt at explaining that model. If you have a question about this, post it here on DevForums. Put your thread in the App & System Services > Core OS topic area and tag it with Files and Storage. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com" On File System Permissions Modern versions of macOS have four different file system permission mechanisms: Traditional BSD permissions Access control lists (ACLs) App Sandbox Mandatory access control (MAC) The first two were introduced a long time ago and rarely trip folks up. The second two are newer, more complex, and specific to macOS, and thus are the source of some confusion. This post is my attempt to clear that up. Error Codes App Sandbox and the mandatory access control system are both implemented using macOS’s sandboxing infrastructure. When a file system operation fails, check the error to see whether it was blocked by this sandboxing infrastructure. If an operation was blocked by BSD permissions or ACLs, it fails with EACCES (Permission denied, 13). If it was blocked by something else, it’ll fail with EPERM (Operation not permitted, 1). If you’re using Foundation’s FileManager, these error are both reported as Foundation errors, for example, the NSFileReadNoPermissionError error. To recover the underlying error, get the NSUnderlyingErrorKey property from the info dictionary. App Sandbox File system access within the App Sandbox is controlled by two factors. The first is the entitlements on the main executable. There are three relevant groups of entitlements: The com.apple.security.app-sandbox entitlement enables the App Sandbox. This denies access to all file system locations except those on a built-in allowlist (things like /System) or within the app’s containers. The various “standard location” entitlements extend the sandbox to include their corresponding locations. The various “file access temporary exceptions” entitlements extend the sandbox to include the items listed in the entitlement. Collectively this is known as your static sandbox. The second factor is dynamic sandbox extensions. The system issues these extensions to your sandbox based on user behaviour. For example, if the user selects a file in the open panel, the system issues a sandbox extension to your process so that it can access that file. The type of extension is determined by the main executable’s entitlements: com.apple.security.files.user-selected.read-only results in an extension that grants read-only access. com.apple.security.files.user-selected.read-write results in an extension that grants read/write access. Note There’s currently no way to get a dynamic sandbox extension that grants executable access. For all the gory details, see this post. These dynamic sandbox extensions are tied to your process; they go away when your process terminates. To maintain persistent access to an item, use a security-scoped bookmark. See Accessing files from the macOS App Sandbox. To pass access between processes, use an implicit security scoped bookmark, that is, a bookmark that was created without an explicit security scope (no .withSecurityScope flag) and without disabling the implicit security scope (no .withoutImplicitSecurityScope flag)). If you have access to a directory — regardless of whether that’s via an entitlement or a dynamic sandbox extension — then, in general, you have access to all items in the hierarchy rooted at that directory. This does not overrule the MAC protection discussed below. For example, if the user grants you access to ~/Library, that does not give you access to ~/Library/Mail because the latter is protected by MAC. Finally, the discussion above is focused on a new sandbox, the thing you get when you launch a sandboxed app from the Finder. If a sandboxed process starts a child process, that child process inherits its sandbox from its parent. For information on what happens in that case, see the Note box in Enabling App Sandbox Inheritance. IMPORTANT The child process inherits its parent process’s sandbox regardless of whether it has the com.apple.security.inherit entitlement. That entitlement exists primarily to act as a marker for App Review. App Review requires that all main executables have the com.apple.security.app-sandbox entitlement, and that entitlements starts a new sandbox by default. Thus, any helper tool inside your app needs the com.apple.security.inherit entitlement to trigger inheritance. However, if you’re not shipping on the Mac App Store you can leave off both of these entitlement and the helper process will inherit its parent’s sandbox just fine. The same applies if you run a built-in executable, like /bin/sh, as a child process. When the App Sandbox blocks something, it typically generates a sandbox violation report. For information on how to view these reports, see Discovering and diagnosing App Sandbox violations. To learn more about the App Sandbox, see the various links in App Sandbox Resources. For information about how to embed a helper tool in a sandboxed app, see Embedding a Command-Line Tool in a Sandboxed App. Mandatory Access Control Mandatory access control (MAC) has been a feature of macOS for many releases, but it’s become a lot more prominent since macOS 10.14. There are many flavours of MAC but the ones you’re most likely to encounter are: Full Disk Access (macOS 10.14 and later) Files and Folders (macOS 10.15 and later) App container protection (macOS 14 and later) App group container protection (macOS 15 and later) Data Vaults (see below) and other internal techniques used by various macOS subsystems Mandatory access control, as the name suggests, is mandatory; it’s not an opt-in like the App Sandbox. Rather, all processes on the system, including those running as root, as subject to MAC. Data Vaults are not a third-party developer opportunity. See this post if you’re curious. In the Full Disk Access and Files and Folders cases, users grant a program a MAC privilege using System Settings > Privacy & Security. Some MAC privileges are per user (Files and Folders) and some are system wide (Full Disk Access). If you’re not sure, run this simple test: On a Mac with two users, log in as user A and enable the MAC privilege for a program. Now log in as user B. Does the program have the privilege? If a process tries to access an item restricted by MAC, the system may prompt the user to grant it access there and then. For example, if an app tries to access the desktop, you’ll see an alert like this: “AAA” would like to access files in your Desktop folder. [Don’t Allow] [OK] To customise this message, set Files and Folders properties in your Info.plist. This system only displays this alert once. It remembers the user’s initial choice and returns the same result thereafter. This relies on your code having a stable code signing identity. If your code is unsigned, or signed ad hoc (“Signed to Run Locally” in Xcode parlance), the system can’t tell that version N+1 of your code is the same as version N, and thus you’ll encounter excessive prompts. Note For information about how that works, see TN3127 Inside Code Signing: Requirements. The Files and Folders prompts only show up if the process is running in a GUI login session. If not, the operation is allowed or denied based on existing information. If there’s no existing information, the operation is denied by default. For more information about app and app group container protection, see the links in Trusted Execution Resources. For more information about app groups in general, see App Groups: macOS vs iOS: Fight! On managed systems the site admin can use the com.apple.TCC.configuration-profile-policy payload to assign MAC privileges. For testing purposes you can reset parts of TCC using the tccutil command-line tool. For general information about that tool, see its man page. For a list of TCC service names, see the posts on this thread. Note TCC stands for transparency, consent, and control. It’s the subsystem within macOS that manages most of the privileges visible in System Settings > Privacy & Security. TCC has no API surface, but you see its name in various places, including the above-mentioned configuration profile payload and command-line tool, and the name of its accompanying daemon, tccd. While tccutil is an easy way to do basic TCC testing, the most reliable way to test TCC is in a VM, restoring to a fresh snapshot between each test. If you want to try this out, crib ideas from Testing a Notarised Product. The MAC privilege mechanism is heavily dependent on the concept of responsible code. For example, if an app contains a helper tool and the helper tool triggers a MAC prompt, we want: The app’s name and usage description to appear in the alert. The user’s decision to be recorded for the whole app, not that specific helper tool. That decision to show up in System Settings under the app’s name. For this to work the system must be able to tell that the app is the responsible code for the helper tool. The system has various heuristics to determine this and it works reasonably well in most cases. However, it’s possible to break this link. I haven’t fully research this but my experience is that this most often breaks when the child process does something ‘odd’ to break the link, such as trying to daemonise itself. If you’re building a launchd daemon or agent and you find that it’s not correctly attributed to your app, add the AssociatedBundleIdentifiers property to your launchd property list. See the launchd.plist man page for the details. Scripting MAC presents some serious challenges for scripting because scripts are run by interpreters and the system can’t distinguish file system operations done by the interpreter from those done by the script. For example, if you have a script that needs to manipulate files on your desktop, you wouldn’t want to give the interpreter that privilege because then any script could do that. The easiest solution to this problem is to package your script as a standalone program that MAC can use for its tracking. This may be easy or hard depending on the specific scripting environment. For example, AppleScript makes it easy to export a script as a signed app, but that’s not true for shell scripts. TCC and Main Executables TCC expects its bundled clients — apps, app extensions, and so on — to use a native main executable. That is, it expects the CFBundleExecutable property to be the name of a Mach-O executable. If your product uses a script as its main executable, you’re likely to encounter TCC problems. To resolve these, switch to using a Mach-O executable. For an example of how you might do that, see this post. Revision History 2024-11-08 Added info about app group container protection. Clarified that Data Vaults are just one example of the techniques used internally by macOS. Made other editorial changes. 2023-06-13 Replaced two obsolete links with links to shiny new official documentation: Accessing files from the macOS App Sandbox and Discovering and diagnosing App Sandbox violations. Added a short discussion of app container protection and a link to WWDC 2023 Session 10053 What’s new in privacy. 2023-04-07 Added a link to my post about executable permissions. Fixed a broken link. 2023-02-10 In TCC and Main Executables, added a link to my native trampoline code. Introduced the concept of an implicit security scoped bookmark. Introduced AssociatedBundleIdentifiers. Made other minor editorial changes. 2022-04-26 Added an explanation of the TCC initialism. Added a link to Viewing Sandbox Violation Reports.  Added the TCC and Main Executables section. Made significant editorial changes. 2022-01-10 Added a discussion of the file system hierarchy. 2021-04-26 First posted.