I want to run a nap. I'm developing on my actual iPhone previously. I have been able to do this but the phone is now missing from two computers. It appears in devices and simulators on both machines.

Hi, I'm trying to ssh into another machine, copy an app into that machine and codesign it using my "Dev ID Application" certificate, then copy it back to my original machine. I'm getting the "errSecInternalComponent" error when running codesign. This is the bash script I'm running: ssh ${REMOTE_SERVER} "security -v unlock-keychain -p <REDACTED> /Users/<REDACTED>/Library/keychains/login.keychain-db" ssh ${REMOTE_SERVER} "codesign -vvv --deep --force --verify --verbose --timestamp --options runtime --sign \"Developer ID Application: <REDACTED>\" \"/tmp/$BUILD_ID/ui-app/<APP_NAME>.app\"" ssh ${REMOTE_SERVER} "codesign -dv --verbose=4 /tmp/$BUILD_ID/ui-app/<APP_NAME>.app" I've tried to follow all the available info found online, managed to sign it successfully through the machine's UI, set the ACL of the private key to ALLOW ALL, restarted the keychain service, tried with the system keychain, approved all pop ups through the UI. Still with no luck through the SSH session. Any help would be greatly appreciated. Thanks!

I am developing a macOS app that requires the Associated Domains entitlement. The app will be distributed as a custom app. The app needs to be signed using Team A’s Developer ID Application certificate and packaged under Team A’s Team ID. Team A has a secure signing and packaging setup, but they do not provide access to their Developer ID Application Identity (cert) or their provisioning profile. I am part of Team B and have access to Team B’s Developer ID Application identity and provisioning profiles. I am thinking of doing the following: I create a provisioning profile under Team B that authorizes the Associated Domains entitlement. I sign the app using Team B’s Developer ID Application identity, ensuring the required entitlements are included. Then, I re-sign the app using Team A’s Developer ID Application identity, since Team A has also set up the same bundle ID with the Associated Domains entitlement and corresponding provisioning profile. Questions: Is this approach correct & does it have any drawback? Will the double signing process work without issues, given that Team A has the required provisioning profile for the same bundle ID? Are there better ways to handle this situation where signing must be done under Team A but access is limited? Thanks!

Hi, I'm doing Java 22 experiments with open source package "wgpu-macos-aarch64-release" on my Mac M3. This library contains a .dylib file and a .a file. In Java you can load native dynamic libraries using JNI. I used that in the past. Now in MacOS 15 this stopped working. Currently, I compile my Java file and run the binary file on the command line, including the library directory. The application would load the library from that directory. This should normally works but the library is not loaded. After some investigation it seems the .dylib is rejected by MacOS. Calling spctl --assess --verbose=4 libwgpu_native.dylib gives libwgpu_native.dylib: rejected without any extra reason message. Using sudo xattr -rd com.apple.quarantine libwgpu_native.dylib doesn't solve the problem. I also can't "accept" it in "Privacy & Security" because it's run as a command line call. I know that code signing should be done for "complete" applications. But these are just experiments and working with single dynamic libraries. How should this be done, to be able to load those libraries in a Java command line program? Or in general, how can you load an unsigned dylib in an application (apart from using Java as a tool). Kr, J

Hi at all, we started a notarization process and after 3 hours is still in progress.

I keep having issues with my account. I have certificates that will not revoke. I create new certificates, then I create new profiles for development, distribution and for developer ID application distribution outside of the app store as well. With my app in Xcode, I can only get the Developer profile to work to allow builds. My distribution profile builds and then fails, with an error 5. The Developer ID Application profile will not even accept the profile in XCode, sighting that there is no code signing, yet I have checked things over and over again. Ontop of this, I had developers in the past in my team and they added a whole lot of certificates for Developer ID that I just cannot use now. I also cannot revoke them. I have no active apps on the app store now, so I was wondering if Apple or someone can assist me in removing ALL the certificates, all the profiles and get a clean slate, so that I can setup everything from scratch again, because I have lost countless of hours getting nowhere and I cannot get Apple support to assist? Anyone been through this before?

I am developing an app that will utilize the Family Controls capability to use the DeviceActivity API. I understand that I need to request access to the Family Controls entitlement before releasing the app, but I am nowhere near that stage. I want to be able to test the Family Controls/Device Activity APIs while developing the app in debug mode, but I don't have the ability to add the Family Controls capability to my app. When I go to add it, it doesn't show up in the available options of capabilities to add. Do I need authorization for the Family Controls entitlement to even use the APIs in testing/development? Am I missing a prerequisite checkbox somewhere that would add the capability to the available options? I'm using XCode 16.0.

Hello. Last night, I was working on notarizing my macOS application. It succeeded for the first several requests, where I was submitting zipped applications. Then I tried to notarize a .pkg file. It has been in progress for 9+ hours, and the subsequent requests seem to be all waiting. Is there anything wrong with the notary service now? Is it true that subsequent requests will not proceed until the previous request is finished? Here's the log: createdDate: 2024-10-03T14:39:48.607Z id: 9739a538-1426-4036-971d-850f202306e0 name: <Redacted> status: In Progress -------------------------------------------------- createdDate: 2024-10-03T14:34:17.276Z id: c12e54d8-f362-4301-b099-ffcd51c27a91 name: <Redacted> status: In Progress -------------------------------------------------- createdDate: 2024-10-03T14:28:43.293Z id: 9a5b5c6b-37af-4761-944c-8ada884f6714 name: <Redacted> status: In Progress -------------------------------------------------- createdDate: 2024-10-03T13:56:35.675Z id: 32d46395-c5e3-4af5-9e02-01c1d8ae4865 name: <Redacted> status: In Progress -------------------------------------------------- createdDate: 2024-10-03T05:08:17.658Z id: 2c042894-79c8-4cc9-ab2b-a08920158023 name: <Redacted> status: In Progress

from; tkinter; import * from; tkinter; import ttk import random import time import sqlite3 #Connect; to; the; database (create, if it doesnot exist) conn = sqlite3.connect("quiz_database.db") c = conn.cursor() Create the table if it doesnot exist c.execute(""'CREATE TABLE IF NOT EXISTS questions (id INTEGER PRIMARY KEY AUTOINCREMENT, question TEXT, answer1 TEXT, answer2 TEXT, correct_answer INTEGER)""') conn.commit() Sample data (replace with your own questions) sample_questions = [ ("Is the Earth flat?", "True", "False", 2), ("Do birds fly?", "True", "False", 1), ("Is water wet?", "True", "False", 1), ("Can humans breathe underwater?", "True", "False", 2), ] c.executemany("INSERT OR IGNORE INTO questions (question, answer1, answer2, correct_answer) VALUES (?, ?, ?, ?)", sample_questions) conn.commit() class QuizApp: def init(self, master): self.master = master master.title("True/False Quiz") # Initialize variables self.questions = [] self.current_question = 0 self.score = 0 self.start_time = 0 self.time_limit = 60 # Time limit in seconds # Get questions from the database self.load_questions() # Create GUI elements self.question_label = Label(master, text="", font=("Arial", 16)) self.question_label.pack(pady=20) self.true_button = Button(master, text="True", command=lambda: self.check_answer(1), width=15) self.true_button.pack(side=LEFT, padx=10) self.false_button = Button(master, text="False", command=lambda: self.check_answer(2), width=15) self.false_button.pack(side=RIGHT, padx=10) self.feedback_label = Label(master, text="", font=("Arial", 12)) self.feedback_label.pack(pady=10) self.timer_label = Label(master, text="Time Left: 60s", font=("Arial", 12)) self.timer_label.pack() self.progress_bar = ttk.Progressbar(master, orient=HORIZONTAL, length=200, mode="determinate") self.progress_bar.pack(pady=10) self.start_quiz() def load_questions(self): c.execute("SELECT * FROM questions") self.questions = c.fetchall() random.shuffle(self.questions) def start_quiz(self): self.start_time = time.time() self.display_question() self.update_timer() def display_question(self): if self.current_question < len(self.questions): question = self.questions[self.current_question] self.question_label.config(text=question[1]) # Display the question self.progress_bar["maximum"] = len(self.questions) self.progress_bar["value"] = self.current_question + 1 # Update progress bar def check_answer(self, selected_answer): correct_answer = self.questions[self.current_question][4] if selected_answer == correct_answer: self.feedback_label.config(text="Correct!", fg="green") self.score += 1 else: self.feedback_label.config(text="Incorrect!", fg="red") self.current_question += 1 if self.current_question < len(self.questions): self.display_question() else: self.end_quiz() def update_timer(self): elapsed_time = time.time() - self.start_time remaining_time = self.time_limit - elapsed_time if remaining_time > 0: self.timer_label.config(text=f"Time Left: {int(remaining_time)}s") self.master.after(1000, self.update_timer) else: self.end_quiz() def end_quiz(self): self.true_button.config(state=DISABLED) self.false_button.config(state=DISABLED) self.feedback_label.config(text=f"Quiz Over! Your score: {self.score}/{len(self.questions)}") Run the application root = Tk() app = QuizApp(root) root.mainloop() Close the database connection conn.close()

Hi. I'm an iOS developer, We are creating a Automaker Carplay app for an Automaker provider, but we are facing some troubles: Xcode error: Provisioning profile "iOS Team Provisioning Profile: BundleIdentifier" doesn't match the entitlements file's value for the com.apple.developer.carplay-protocols entitlement. We have the entitlements requested and approved by apple, but we cannot deploy the app in real devices. We don't know if we need to do an extra step. Thank you very much.

In the past, I used to export a developer-signed test version of my macOS app in Xcode, create a zip archive from the Finder, upload it to my website and share the link to the testers. The last time I did this with macOS 14 the tester was still able to download the test app and run it. But it seems that with macOS 15 the trick to open the context menu on the downloaded app and click Open to bypass the macOS warning that the app couldn't be checked when simply double-clicking it, doesn't work anymore. Now I'm always shown an alert that macOS couldn't check the app for malware, and pushes me to move it to the bin. In this StackOverflow topic from 10 years ago they suggested to use ditto and tar to compress and uncompress the app, but neither worked for me. How can I share macOS apps that I signed myself with testers without physically handing them a drive containing the uncompressed app?

We have two memberships under the same account (Enterprise and Organization) and that both share the same Team Name, which is causing issues in iOS 18. as per latest email get from Apple regarding security update in iOS 18. How can i get unique Team Names to my Enterprise and Organization memberships. Where should i have to connect? Who can help ?

Hi there, this is the first time I submitted a Mac app for notarization but looks like all my submissions are stuck in in progress for like one day at the moment. Can anyone help take a look? This is my submission history: Successfully received submission history. history -------------------------------------------------- createdDate: 2025-01-16T00:23:18.445Z id: 0581680c-9cfe-4e5b-9cc9-3ba101c9fd52 name: MiniCalendar.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-15T05:12:13.480Z id: 55a03297-491b-4d30-8126-45d488a6beb9 name: MiniCalendar.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-15T04:27:40.510Z id: 092f558f-01d0-48e5-9761-58dda54de23c name: MiniCalendar.zip status: In Progress -------------------------------------------------- createdDate: 2025-01-15T01:12:55.923Z id: 3aa74a6f-bcb8-4911-9d18-fcbb3e9a6c11 name: MiniCalendar.zip status: In Progress

Project Background: I developed a Mac project using Electron and VSCode Successfully uploaded the packaged pkg using Transporter, However, I will receive an email informing me that there are some issues with the project: ITMS-90296: App sandbox not enabled - The following executors must include the 'com. apple. security. app sandbox' entitlement with a Boolean value of true in the entitlement property list: [[com. electron. iflyrecclient. pkg/Payload/iFlytek Listen. app/Contents/MacOS/iFlytek Listen]] ITMS-90886: 'Cannot be used with TestFlight because the signature for the bundle at' iFlytek hears. app 'is missing an application identifier but has an application identifier in the provisioning profile for the bundle.' Bundles with application identifiers in the provisioning profile are expected to have the same identifier signed into the bundle in order to be eligible for TestFlight.' Here is my packaging process: Generate an app using the electron packager tool Sign the app using @ electron osx sign (version 1.3.1) After signing, use productbuild - component Yourappname App/Applications - sign "3rd Party Mac Developer Installer: * * * * * (XXXXXXXXXX)" Yourappname. pkg command generates pkg PS： For the second step, I have set sand box=true in both entitlents.plist and entitlents.macinheriting. plist. And after signing, using codesign -dvvv -- entitiements - /path to view the app file shows' checkbox=true ', and the [iFlytek Listen. app/Contents/MacOS/iFlytek Listen] file in the issue also exists. Using the Suspicious Package software to view pkg also has sandbox=true. A few months ago, I uploaded it once and the issues mentioned in the email did not appear. The only changes were the macOS system version number and the replacement of the signature with provisionprofileprovisionprofile. I have reviewed similar issues on the Apple Developer Forums, but have not been resolved

Is it correct to codesign dylib/framewoks with entitlements? My understanding is that only executables need to have the entitlement and the dylibs loaded in that process will automatically inherit those entitlements. However, I am seeing a lot of scripts on the internet that are signing dylibs as well with entitlements. For eg - # sign *.dylibs find "$APP_BUNDLE" -type f -name "*.dylib" -exec codesign --deep --force --verify --verbose --timestamp --options runtime --entitlements "$ENTITLEMENTS_FILE" --sign "$SIGNING_IDENTITY" {} \; Is this even allowed? I know of at least one app that has passed notarization checks as well. If allowed, can a dylib have more entitlements than the process that loaded it?

My non-cloud Developer ID certificate will expire soon, and my account also has a cloud-managed Developer ID Certificate. My Mac application build workflow uses Archiving, so the cloud cert should be fine for that. But my workflow also signs bundled apps, such as Sparkle framwork's Autodupate app, using the codesign tool. Is it correct that codesign only uses certificates from the local Keychain, and so cannot use a Cloud-managed Developer ID certificate? Before I manually renew the non-cloud Developer ID certificate, I want to make sure I'm not missing some easier method. Thanks.

I get the error message in Xcode signing certificate Provisioning profile "iOS Team Provisioning Profile: com.example.app" doesn't include the pushkit entitlement. I have push notifications ticked in my Identifier in the online developer account. There is no other dedicated pushkit capability available to select. Push notifications, time sensitive notifications and background mode-> voice over ip are added as capabilities in the Xcode project. The team provisioning profile for the app states under its enabled capabilities: both push notifications and time sensitive notifications. Is pushkit part of another capability that I need to select? I have read the guide below and it just says to add the push notification capability. https://developer.apple.com/documentation/pushkit/supporting-pushkit-notifications-in-your-app I have gone round and round in circles trying to get this profile to work for this, so any pointers would be much appreciated. Thanks

I facing issue where the system extension i try to install have message: no related kext found for sysex 'com.apple.usbsoundriver' com.apple.usbsoundriver:extension failed to validate! uninstalling... uninstalling invalid extension com.apple.usbsoundriver Is internet access is required for system extension validation? I install the driver without internet access. This work in some others machine, only fresh reformated Mac machine without internet connection have this issue. Why is this so?

I tried building the React App for Any iOS device (Arm64) but I get error. Although I can build successfully for any iOS Simulators In the codesigning step I get the following error, "Warning: unable to build chain to self-signed root for signer "Apple Development: my email address ( ... ) " I don't have paid membership of Apple Developer Program, does that cause this failure? Also, to archive also do I need Apple Developer Program paid membership?

I am working on a MacOS application in which I need System Extension along with some network extension capabilities. In order to distribute the app externally, I have to create a Developer ID application (provisioning profile) using the App ID that already has Network extension capability. I have followed this documentation to create the App ID and provisioning profiles: https://developer.apple.com/documentation/bundleresources/entitlements/com.apple.developer.networking.networkextension?language=objc What I have: 2 App IDs (For app with network and system extension capability and for extension with only network extension capability) *2 Developer ID application (For both App and Extension) My App's entitlement file contains: <key>com.apple.developer.networking.networkextension</key> <array> <string>app-proxy-provider</string> <string>packet-tunnel-provider</string> </array> My system extension's entitlement file contains: <key>com.apple.developer.networking.networkextension</key> <array> <string>packet-tunnel-provider</string> <string>app-proxy-provider</string> <string>content-filter-provider</string> <string>dns-proxy</string> </array> Both the targets now have the following error: Provisioning profile "StandaloneCSAExtension" doesn't match the entitlements file's value for the com.apple.developer.networking.networkextension entitlement. Note: Instead of Developer ID application if I create a normal development provisioning profile with the same App ID, everything works perfectly fine, the only reason why we need to move to Developer ID application is because we need to distribute the app externally. Please help me if I have missed anything. Thanks in advance!