An update on this: Our extension is still under review. It has been over 3 weeks now. Got an update from Developer Support stating that the submission is still under review. To be honest, hard to imagine what you can do with a Safari extension for over 3 weeks review time.. Such cases make it hard to predict when you should expect a CRITICAL update to be delivered to customers..

Looks like the issue background script visibility is fixed in the latest releases of Safari Technology Preview. There are other issues identified once we managed to get a proper debugging environment in Safari. Will file separately in Feedback Assistant.

@endecotp. Yes, I think you are right. There should be a warning at least. But in my observation, there is no indication at all. So to be more precise, this is what's happening. If I declare such a method in a class added to an Xcode project, - (BOOL)doTheThing { // do not return anything } then I see a warning from Xcode saying that there is no return statement. And this issue is caught by our CI system which has a very strict policy on warnings. If anyone in the team adds even a single warning, then such a change cannot be merged. But if I add the same method to a Swift package which is linked against the same Xcode project, then there is no clang warning in Xcode about it anymore. So now we have a situation that we have no idea how many other cases like that we have in our codebase because we are totally blind to it as Xcode/clang does not indicate any issue at all...

@eskimo, it seems notary service is back in action. Managed to notarize our packages successfully. Thanks for the assist!

A small update: It looks better now. 1 out of 20 attempts fails with the issue above. But still not completely stable.

Indeed, this example allows insecure connections which contradicts with our earlier observations. I've made a quick test by setting UserName and GroupName to daemon in the plist. That did not affect the behavior. Insecure connections were still allowed. I have created a feedback about opting in ATS by launchd jobs. Sharing the number for your reference: FB9942862 I will investigate why ATS gets involved in our case. I can think of a few interesting details from the top of my head: our daemon is sandboxed. Could that change the behavior? our daemon binary has an Info.plist embedded into it. Could that make ATS look at it from bundle point of view? it performs POST requests. Could that a reason why ATS gets kicked in?

Huh. That's curious because this is not what's happening according to our testing (my last comment above). This is what I am currently observing when a process that runs in the daemon context tries to perform a POST request to a HTTP address. 2022-03-03 11:51:55.384 E daemonnamed[1467:2af9] [subsystem:category] Error occurred while trying to send data: Error Domain=NSURLErrorDomain Code=-1022 "The resource could not be loaded because the App Transport Security policy requires the use of a secure connection." UserInfo={NSUnderlyingError=0x7ffbadf0ddd0 Unknown macro: {Error Domain=kCFErrorDomainCFNetwork Code=-1022 "(null)"}, NSErrorFailingURLStringKey=http://concealed, NSErrorFailingURLKey=http://concealed, NSLocalizedDescription=The resource could not be loaded because the App Transport Security policy requires the use of a secure connection.} So if I read this message correctly, ATS is restricting it from performing a network request due to an insecure connection. If I restore the URL to its original form (HTTPS), then the request is successful. is the comment about not having ATS protection in daemon context is about it being limited in some other way? So it's not the same as for user apps?

a small update. Made a quick test by trying to make a network request to a http address from the daemon side. Got the following error log message: "The resource could not be loaded because the App Transport Security policy requires the use of a secure connection". So it looks like ATS is indeed operational when the daemon is making a network request using URLSession. So the only confusing part was the description of circumstances under which ATS is expected to be enabled.

That's great news! We already subscribe to quite a wide range of events from Endpoint Security APIs including ES_EVENT_TYPE_AUTH_CLONE for file clone operations. But we are still planning to add ES_EVENT_TYPE_AUTH_COPYFILE support. But it just means that adding the support is not that critical to have as soon as Monterey is out as we initially thought. Thanks for your help and assistance (as always :) ) Regards, Arthur

Hello, Quinn! Thanks a lot for your assist on this. I was struggling a bit with connecting to an AFP server. For some reason, it was rejecting all my connection attempts and no solutions I found online helped me. But I tried connecting to a SMB server and duplicating the file on a remote SMB server and this produces the same copyfile sys call. So it was a success in the end. I also managed to verify that our es_client instance correctly identifies this new event when I duplicate a file on a remote SMB server and handles it accordingly. So looks like it's working as designed. Our biggest worry was that this a somewhat recently added event and as soon as Monterey is dropped, we will be missing events that we need to evaluate. But it does not look that way so far. As far as I can see, the use case for this sys call is pretty narrow, isn't it? Best regards, Arthur

As suspected this was fixed in Big Sur beta 5 with no response from Apple :) Well, good that's fixed at least.

Thanks a lot! Yeah, I've also quickly checked just now. Seems to be working fine and should cover our use case. I still hope that Apple would at least respond or just silently fix it (as they did with other bugs I've reported) because I think NSWorkspace should work :) But at least now there is a workaround in case it's not fixed in time. That's already good news.