Hey, I am trying to use Family Controls in Mac Catalyst. On the iOS app it works fine. On macOs using Mac Catalyst it builds fine but I get following console output. Failed to get service proxy: Error Domain=NSCocoaErrorDomain Code=4099 "The connection to service named com.apple.FamilyControlsAgent was invalidated: failed at lookup with error 159 - Sandbox restriction." UserInfo={NSDebugDescription=The connection to service named com.apple.FamilyControlsAgent was invalidated: failed at lookup with error 159 - Sandbox restriction.}` When i try to open the FamilyActivityPicker on the macOs app following error is displayed in the GUI. The operation could not be completed. (FamilyControls.ActivityPickerRemoteView Error error 2.) Do I need a familyControls capability for macOs? If yes, I only find it for iOS. Thanks for hints and help :)

Hi All, I submitted a Family Controls Request Form but haven't heard back. I didn't get any case id when I submitted the request, so how do you track it and know when It is approved? I'm currently developing an app that requires the main target and also the app extension to both use Family Controls. Does this mean I need to request forms for both app bundles separately or just the main app? This is really worrying for us as our project is almost ready and we are unable to launch it :( . Would appreciate any responses. Thanks,

After updating to Xcode 15.3 and Sonoma, I started getting an error when packaging my app: Provisioning profile failed qualification Profile doesn't include the com.apple.developer.mail-client entitlement. There is no indication in the documentation that this has anything to do with the provisioning profile, and there is no capacility that needs to be added. I was given the "com.apple.developer.mail-client" entitlement from Apple over a year ago as documented in: https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_developer_mail-client, and it worked fine until now.

We have a huge project. Until today we didn't use an .app but now we must in order to use Endpoint security and other stuff. Until today our binary sat in /opt/XYZ/binary.bin Now because of the .app, looks like it will have to be /opt/XYZ/Cool.app/Content/MacOs/binary.bin This change really breaks our code and will cause a massive code change. If I extract the binary from the app and place it in /opt/XYZ/binary.bin and run it, the process is killed. Is there a way to extract it from the app and run it from /opt/XYZ ? any tool, command, resource, etc' will be great.

Hello Fellow Developers, I'm reaching out for insights or solutions to a challenge we're encountering with our sync client application, particularly related to maintaining user folder access permissions across app sessions and system restarts. In our application, we leverage the openFileDialog to enable users to select a folder for file downloads and synchronization. To ensure smooth access on subsequent app launches, we save a security bookmark of the chosen folder. This is crucial for our app to function without repeatedly asking for user permissions, thereby enhancing the user experience. However, we've hit a snag where the security bookmark expires after a few days or upon a system restart, leading to a less than ideal scenario where users are prompted for reauthorization through a FileDialog. This repetitive process is not the seamless experience we aim to provide. To address permissions and security, we are currently using two entitlements: com.apple.security.files.bookmarks.document-scope com.apple.security.files.bookmarks.app-scope Despite these, we still face the bookmark expiration issue. We're seeking advice on whether there are other entitlements or methods we should consider to maintain persistent access to the selected folder without the security bookmark expiring. Our goal is to reduce or eliminate the need for users to repeatedly grant access, ensuring a seamless and efficient user experience. Has anyone faced a similar challenge or can offer guidance on additional entitlements or strategies to achieve persistent folder access? Any suggestions, alternative approaches, or insights would be greatly appreciated. We're keen on exploring all possible solutions to enhance our application's functionality and user satisfaction. Thank you for your time and assistance. I look forward to any advice or discussions this community can offer.

I requested the com.apple.developer.device-information.user-assigned-device-name entitlement on Feb 11 and received an email reply stating "We’ll contact you within a few weeks with your request status." However, it's been more than a month without any updates. Can anyone chime in with their experience RE: how long it took for Apple to review their request for this entitlement? https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_developer_device-information_user-assigned-device-name

I have a macOS app which contains a dext. I'd like to distribute it to external testers using TestFlight, so it has to pass Mac App Store review. It failed, because the App Sandbox entitlement was missing. I checked the app, it has the entitlement, but the dext does not. However, the .entitlements file used by the dext does contain App Sandbox set to true. I tried adding a "fake-entitlement" value to the .entitlements file, and that made it into the dext's code signature, but the App Sandbox entitlement appears to be stripped out by the build process? For a dext target, it isn't possible to add the App Sandbox capability in Xcode's Signing and Capability section. I have to add the entitlement manually in the .entitlement file (or it was put there by the Xcode driver template, I don't remember). I've tried clean building several times, I've tried Xcode 15.0.1, 15.2 and 15.3, but the result is always the same. I'm inspecting the entitlements using codesign -dvvv --entitlements - Does anyone know what I can do to put the App Sandbox entitlement into my dext's signature? Is this happening to anyone else?

I encounter a warning: "Cannot be used with TestFlight because the signature for the bundle at “Lattics.app” is missing an application identifier but has an application identifier in the provisioning profile for the bundle. Bundles with application identifiers in the provisioning profile are expected to have the same identifier signed into the bundle in order to be eligible for TestFlight." (90886). I don't need the TestFlight. And I add "com.apple.application-identifier" to the entitlements, but it crash on opening. I got an error: Code Signing Crashes

Hello everyone! Since iOS 17.4, it's now easier to set up an eSIM from a browser/email or with a link. We can now longpress the QR code to get the option to add an eSIM. Is it still required to have that private entitlement to enable the same functionality in-app but not in a browser? Seems odd. I can store QR codes on Imgur to install eSIM but can't do the same with my native app by CTCellularPlanProvisioning.addPlan method. Redirecting users to the browser seems like a workaround, but it creates a noticeable discrepancy in usability. I might have overlooked some SDK updates or new methods. Are there any new approaches to enable in-app eSIM setup with the latest update? Secondly, in the "Other eSIM activation methods" section of this page, a special link is mentioned, but I couldn't find any examples or resources for that. Thanks

The company that works on our app was required to have their clients create dev accounts that our app could be moved to. We did the app transfer from our previous developer and everything seemed fine. However when they try to update the app they get errors and have told us to remove certain data from the old dev account. We have tried this 3 different times and still no success. Here are the things we are being told to remove. Perhaps someone can give me more info on where to find these on our previous developer's account. Here's the identifier for you: 'group.com.subsplashstudio145.First-Bible-Church-of-Decatur' According to our team you will need to have the app group, NotificationContent and NotificationService removed from that other account. Any help appreciated! Thanks!

Hello! Firstly, I am submitting an entitlement request to access the E-sim configuration for the iOS application. While filling out the form, I encountered an issue with providing carrier information. The form is designed for a single carrier, but I have five carriers. Should I list all of them? Secondly, I have come across numerous discussions online regarding the time it takes to process such requests. Could you please provide me with an estimated timeframe for completion? Our customer is interested in completing the feature within a month. Thanks

I got approved for ProximityReader APIs for Apple Tap to Tay on iPhone. The Setting up the entitlement for Tap to Pay on iPhone guide says to look for "Additional Capabilities." I do not see it under my Certificates, Identifiers & Profiles. Where should I look?

I am trying to run a simple bash script from within swift. Eventually it should call a python script, but for now, I am just trying to get it to echo hello. The script is included in the bundle and also included in the targets. The script is called from the QLExtension. The script is correctly found, but I get an error: Error Domain=NSPOSIXErrorDomain Code=1 "Operation not permitted" let scriptPath = Bundle.main.path(forResource: "run_local", ofType: "sh") if scriptPath == nil { print("script not found or other error") return nil } let process = Process() process.executableURL = URL(fileURLWithPath: "/bin/bash") process.arguments = [scriptPath!] do { try process.run() process.waitUntilExit() } catch { print("Failed to run the script: \(error)") } The script, run_local.sh is included in the bundle and is just #!/bin/bash echo "hi" > /dev/null Is this possible? Are there any particular entitlements that I need in order for this to work? Everything else works with this app; this is the only error. -- The reason I am building this: I use google drive to synchronize files locally. A number of those files do not have a local representation. Google "stores" those files locally using a text file with a document ID (one would open something like docs.google.com/docs/) I want to be able to preview the google drive files using quicklook One very simple way to do this is to fetch the google drive files (using google drive API) at preview time. I have a python script that can do this and wanted to hook it up to the QLExtension for preview Another option is to keep a separate service running (I would use python) that keeps a local copy of all the synchronized google files. (But then I'll probably need to connect to a local sql database or similar that tells the swift extension the local file math: i.e., effectively a mapping from ID => local_file_path. But perhaps access of this kind to a SQL database is allowed?)

Do I need an entitlement to use the ARWorldTrackingConfiguration and get that data in RoomPlan enhancements being done?

I encountered a problem while implementing DNS Proxy for Network Extension. It consists of MyMyExt, a System Extension that implements DNS Proxy, and MyMyService, a container. The system extension consists of classes that inherit the NEDNSProxyProvider. Class has overrided "override init(), override func startProxy(...), override func stopProxy(...) override func handleNewFlow(...)" Since the manager.loadFromPreferences(...) and manager.saveToPreferences(...) calls, system extensions and DNS Proxy have been added. However, contrary to expectations, init(), startProxy(...), etc. are not being called. (In System Settings → Network → Filter, DNS Proxy has been added, but is displayed as "Activated" and a yellow circle) Here is the information that appears on the console. ... Omitted ... MyMyService.MyMyExt [Info] DNSProxyManager.swift: 51 [-] DNSProxy: saved nesessionmanager NESMDNSProxySession[Primary Tunnel:MyMyService.MyMyExt:<GUID>:(null)]: Adding a connection for client mDNSResponder[167] nesessionmanager NESMDNSProxySession[Primary Tunnel:MyMyService.MyMyExt:<GUID>:(null)]: handleNetworkDetectionNotification <MyMyService.MyMyExt> nesessionmanager NESMDNSProxySession[Primary Tunnel:MyMyService.MyMyExt:<GUID>:(null)]: Received a restart command from nesessionmanager[1011] nesessionmanager Registering session NESMDNSProxySession[Primary Tunnel:MyMyService.MyMyExt:<GUID>:(null)] nesessionmanager NESMDNSProxySession[Primary Tunnel:MyMyService.MyMyExt:<GUID>:(null)]: Resetting VPN On Demand nesessionmanager NESMDNSProxySession[Primary Tunnel:MyMyService.MyMyExt:<GUID>:(null)] in state NESMVPNSessionStateIdle: update configuration nesessionmanager <NESMServer: 0x13ae0ac90>: <MyMyService.MyMyExt> Register DNS Proxy Session: NESMDNSProxySession[Primary Tunnel:MyMyService.MyMyExt:<GUID>:(null)] nesessionmanager NESMDNSProxySession[Primary Tunnel:MyMyService.MyMyExt:<GUID>:(null)]: Successfully registered nesessionmanager NESMDNSProxySession[Primary Tunnel:MyMyService.MyMyExt:<GUID>:(null)]: status changed to connecting nesessionmanager NESMDNSProxySession[Primary Tunnel:MyMyService.MyMyExt:<GUID>:(null)] in state NESMVPNSessionStateIdle: received start message nesessionmanager NESMDNSProxySession[Primary Tunnel:MyMyService.MyMyExt:<GUID>:(null)]: Leaving state NESMVPNSessionStateIdle nesessionmanager NESMDNSProxySession[Primary Tunnel:MyMyService.MyMyExt:<GUID>:(null)]: Entering state NESMVPNSessionStatePreparingNetwork nesessionmanager NESMDNSProxySession[Primary Tunnel:MyMyService.MyMyExt:<GUID>:(null)]: Cannot create agent for plugin type MyMyService.MyMyExt, missing designated requirement nesessionmanager NESMDNSProxySession[Primary Tunnel:MyMyService.MyMyExt:<GUID>:(null)]: Failed to create an NEAgent nesessionmanager NESMDNSProxySession[Primary Tunnel:MyMyService.MyMyExt:<GUID>:(null)]: Leaving state NESMVPNSessionStatePreparingNetwork nesessionmanager NESMDNSProxySession[Primary Tunnel:MyMyService.MyMyExt:<GUID>:(null)]: Entering state NESMVPNSessionStateStopping, timeout 20 seconds ... Omitted ... Perhaps the key is the "Cannot create agent for plugin type MyMyService.MyMyExt, missing designated requirement" recorded in the log. But I can't find out what this message is about or how to resolve it. and, here is my code, more info at my previous post. I ask for your help. Thank you, for your attention.

I am developing a macOS application and have encountered an issue with entitlements that I am unable to resolve. The error emerges from the RunningBoard service when I try to play a video in a WKWebView. Here is the specific error: Error acquiring assertion: <Error Domain=RBSServiceErrorDomain Code=1 "(originator doesn't have entitlement com.apple.runningboard.assertions.webkit AND originator doesn't have entitlement com.apple.multitasking.systemappassertions)" UserInfo={NSLocalizedFailureReason=(originator doesn't have entitlement com.apple.runningboard.assertions.webkit AND originator doesn't have entitlement com.apple.multitasking.systemappassertions)}> I'm seeking answers to the following questions: What do the entitlements com.apple.runningboard.assertions.webkit and com.apple.multitasking.systemappassertions refer to specifically? How can I resolve the errors associated with the absence of these entitlements? This problem appears to affect many users, yet a public solution has not been identified. I've tried adding NSMicrophoneUsageDescription and NSCameraUsageDescription to my Info.plist, as suggested here, but to no avail. An apparent Apple employee suggested adding Background Modes to capabilities here, but such options do not exist. Numerous similar issues are documented online, but none provide a resolution. When I attempt to include the entitlements com.apple.runningboard.assertions.webkit and com.apple.multitasking.systemappassertions as indicated in the logs, my application fails to start, resulting in the following error message: Could not launch “My App Name” Runningboard has returned error 5. Please check the system logs for the underlying cause of the error. The error logs are extensive and include: Could not launch “Quick Music Bar” Domain: IDELaunchErrorDomain Code: 20 Recovery Suggestion: Runningboard has returned error 5. Please check the system logs for the underlying cause of the error. User Info: { DVTErrorCreationDateKey = "2024-02-24 06:26:22 +0000"; DVTRadarComponentKey = 968756; IDERunOperationFailingWorker = IDELaunchServicesLauncher; } -- The operation couldn’t be completed. Launch failed. Domain: RBSRequestErrorDomain Code: 5 Failure Reason: Launch failed. -- Launchd job spawn failed Domain: NSPOSIXErrorDomain Code: 153 -- Event Metadata: com.apple.dt.IDERunOperationWorkerFinished : { "device_model" = "Mac14,10"; "device_osBuild" = "14.3.1 (23D60)"; "device_platform" = "com.apple.platform.macosx"; "dvt_coredevice_version" = "355.7.7"; "dvt_mobiledevice_version" = "1643.60.2"; "launchSession_schemeCommand" = Run; "launchSession_state" = 1; "launchSession_targetArch" = arm64; "operation_duration_ms" = 113; "operation_errorCode" = 20; "operation_errorDomain" = IDELaunchErrorDomain; "operation_errorWorker" = IDELaunchServicesLauncher; "operation_name" = IDERunOperationWorkerGroup; "param_debugger_attachToExtensions" = 0; "param_debugger_attachToXPC" = 1; "param_debugger_type" = 3; "param_destination_isProxy" = 0; "param_destination_platform" = "com.apple.platform.macosx"; "param_diag_MainThreadChecker_stopOnIssue" = 0; "param_diag_MallocStackLogging_enableDuringAttach" = 0; "param_diag_MallocStackLogging_enableForXPC" = 1; "param_diag_allowLocationSimulation" = 1; "param_diag_checker_tpc_enable" = 1; "param_diag_gpu_frameCapture_enable" = 0; "param_diag_gpu_shaderValidation_enable" = 0; "param_diag_gpu_validation_enable" = 0; "param_diag_memoryGraphOnResourceException" = 0; "param_diag_queueDebugging_enable" = 1; "param_diag_runtimeProfile_generate" = 0; "param_diag_sanitizer_asan_enable" = 0; "param_diag_sanitizer_tsan_enable" = 0; "param_diag_sanitizer_tsan_stopOnIssue" = 0; "param_diag_sanitizer_ubsan_stopOnIssue" = 0; "param_diag_showNonLocalizedStrings" = 0; "param_diag_viewDebugging_enabled" = 1; "param_diag_viewDebugging_insertDylibOnLaunch" = 1; "param_install_style" = 0; "param_launcher_UID" = 2; "param_launcher_allowDeviceSensorReplayData" = 0; "param_launcher_kind" = 0; "param_launcher_style" = 99; "param_launcher_substyle" = 8192; "param_runnable_appExtensionHostRunMode" = 0; "param_runnable_productType" = "com.apple.product-type.application"; "param_structuredConsoleMode" = 1; "param_testing_launchedForTesting" = 0; "param_testing_suppressSimulatorApp" = 0; "param_testing_usingCLI" = 0; "sdk_canonicalName" = "macosx14.2"; "sdk_osVersion" = "14.2"; "sdk_variant" = macos; } -- System Information macOS Version 14.3.1 (Build 23D60) Xcode 15.2 (22503) (Build 15C500b) Timestamp: 2024-02-24T15:26:22+09:00 The system information is as follows: macOS Version 14.3.1 (Build 23D60), Xcode 15.2 (22503) (Build 15C500b), Timestamp: 2024-02-24T15:26:22+09:00 Has anyone else encountered this issue, or can anyone provide guidance on how to proceed?

I am using TapToPay with stripe it is working fine on the development mode but when i try to create build for app store it shows 2 errors.

Hi, so I want to have a set of config files and data files which need to be accessible for say 3 of the apps I am building. And these files should be accessible to all 3 regardless of who makes them. The config file can have details like theme etc or sign in details etc. How do I go about doing this? Some of the things I thought of were, Using the app group storage folder, where if I understand correctly, if my apps belong to the same app group and have the required entitlement I can create files, they can be accessed by all 3 apps and they will exist until the last of the applications is uninstalled. Is this right? Letting the user pick a location/folder in "On my iPhone" in each of the apps and store the folder in bookmarks for each of the app. In this way the data will remain even after it is uninstalled. Is there any other way this can be done. Is there a recommended way of doing this?

I followed the official Apple documentation to integrate external puchase, but after adding the com.apple.developer.storekit.external-purchase key to the entitlements plist file, I got the following error: "Provisioning profile "{company name}" doesn't include the com.apple.developer.storekit.external-purchase entitlement." error and fails to build. https://developer.apple.com/support/storekit-external-entitlement-kr/

several steps I have done： 1、send Apple Pay Entitlement & Whitelisting Request email and approved by Apple 2、setting Addiction Capability，config wallet ，import Profile Provisioning 3、setting Entitlement.info，enable com.apple.developer.payment-pass-provisioning=YES 4、successfully show “add Card to ApplePay” Page 5、error occurs in (void)addPaymentPassViewController:(PKAddPaymentPassViewController *)controller generateRequestWithCertificateChain:(NSArray<NSData *> *)certificates nonce:(NSData *)nonce nonceSignature:(NSData *)nonceSignature completionHandler:(void (^)(PKAddPaymentPassRequest *request))handler{ ..... handler(request); } download from testflight to test I got a error ’Error Domain=PKPassKitErrorDomain Code=1 "(null)"’, it seems always happened whatever i do. It is there any steps I miss？What I can do to solve the issue.