There is an inconsistent issue when views are rendered from the Device Activity Report Extension. This issue is noticeable only on release versions and it works fine in debug mode. Around 80% of the times, the Report Views return blank screen and this is only the case when a weekly/monthly filter is used. Although, it works as expected for daily report views. My questions are: How are all the Report Activity Views working fine in debug mode but not in release mode? How the daily activity filter works fine in the release mode but the weekly/monthly filters don't work? Is this because of a memory limit issue in the extension? As of now, I have the family-controls(distribution) entitlement only for the app and for the extensions I only have family-controls(development) entitlement. Do I need to request for family-controls(Distribution) entitlement even for the extensions? I have seen threads on the forum mentioning the blank screen issue associated with the DeviceActivityReport but haven't found a solution to it. Any suggestions/feedback would be of great help, thanks.

How to add Additional capabilities in Certificates, Identifiers & Profiles on app store account to Enable the Tap to Pay on iPhone capability.

I have a question regarding the way iOS handles app permissions. Why doesn't Apple provide a feature to review the reasons an app gave for requesting certain permissions after the initial authorization? There are instances where permissions were granted a long time ago or perhaps inadvertently, and now I can't recall why the app needed those permissions in the first place. This feature could be helpful for users trying to understand and manage their privacy settings more effectively. Thank you for any insights or information

Hi, I am tying to build the app with increased-memory-limit for vision OS, but I got error while asset validation Invalid Code Signing Entitlements. Your application bundle's signature contains code signing entitlements that are not supported on visionOS. Specifically, key 'com.apple.developer.kernel.increased-memory-limit' in '[AppName]' is not supported. (ID: 34399486-5b8c-4737-a446-6722fa1f6d98) how should I fix this error Thanks, Max

**Why does using CameraPicker require user authorization through a pop-up? ** Why don't ImagePicker or PhotoPicker require additional pop-up authorizations for accessing the photo library? All of these are implemented using UIImagePickerController, so why does one require a pop-up and the others do not? Additionally, I thought that by configuring the picker, I would theoretically not need any permissions. If permissions are still required, wouldn’t it make more sense to directly request camera permissions and utilize the native camera functionality? What then are the advantages of using the picker?

Hello, I am writing a Desktop application for macOS with XCode. This application will be available on app store. So, i have to put sandbox entitlement. So, this application won't be able to access Desktop folder. It will be jailed into a specific directory to store datas. I have installed a macOS application from appstore. When I launched this application, I got a TCC prompt, asking me to allow this application to access Desktop (or Downloads I don't remember). How can this be possible ? I have tried to write a sandboxed application which tries to access to Desktop folder. I didn't get any TCC prompt: My access was rejected. How can I ask to access Desktop folder from I sandboxed application ? Thanks a lot

Hey, I am trying to use Family Controls in Mac Catalyst. On the iOS app it works fine. On macOs using Mac Catalyst it builds fine but I get following console output. Failed to get service proxy: Error Domain=NSCocoaErrorDomain Code=4099 "The connection to service named com.apple.FamilyControlsAgent was invalidated: failed at lookup with error 159 - Sandbox restriction." UserInfo={NSDebugDescription=The connection to service named com.apple.FamilyControlsAgent was invalidated: failed at lookup with error 159 - Sandbox restriction.}` When i try to open the FamilyActivityPicker on the macOs app following error is displayed in the GUI. The operation could not be completed. (FamilyControls.ActivityPickerRemoteView Error error 2.) Do I need a familyControls capability for macOs? If yes, I only find it for iOS. Thanks for hints and help :)

Hi All, I submitted a Family Controls Request Form but haven't heard back. I didn't get any case id when I submitted the request, so how do you track it and know when It is approved? I'm currently developing an app that requires the main target and also the app extension to both use Family Controls. Does this mean I need to request forms for both app bundles separately or just the main app? This is really worrying for us as our project is almost ready and we are unable to launch it :( . Would appreciate any responses. Thanks,

After updating to Xcode 15.3 and Sonoma, I started getting an error when packaging my app: Provisioning profile failed qualification Profile doesn't include the com.apple.developer.mail-client entitlement. There is no indication in the documentation that this has anything to do with the provisioning profile, and there is no capacility that needs to be added. I was given the "com.apple.developer.mail-client" entitlement from Apple over a year ago as documented in: https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_developer_mail-client, and it worked fine until now.

We have a huge project. Until today we didn't use an .app but now we must in order to use Endpoint security and other stuff. Until today our binary sat in /opt/XYZ/binary.bin Now because of the .app, looks like it will have to be /opt/XYZ/Cool.app/Content/MacOs/binary.bin This change really breaks our code and will cause a massive code change. If I extract the binary from the app and place it in /opt/XYZ/binary.bin and run it, the process is killed. Is there a way to extract it from the app and run it from /opt/XYZ ? any tool, command, resource, etc' will be great.

Hello Fellow Developers, I'm reaching out for insights or solutions to a challenge we're encountering with our sync client application, particularly related to maintaining user folder access permissions across app sessions and system restarts. In our application, we leverage the openFileDialog to enable users to select a folder for file downloads and synchronization. To ensure smooth access on subsequent app launches, we save a security bookmark of the chosen folder. This is crucial for our app to function without repeatedly asking for user permissions, thereby enhancing the user experience. However, we've hit a snag where the security bookmark expires after a few days or upon a system restart, leading to a less than ideal scenario where users are prompted for reauthorization through a FileDialog. This repetitive process is not the seamless experience we aim to provide. To address permissions and security, we are currently using two entitlements: com.apple.security.files.bookmarks.document-scope com.apple.security.files.bookmarks.app-scope Despite these, we still face the bookmark expiration issue. We're seeking advice on whether there are other entitlements or methods we should consider to maintain persistent access to the selected folder without the security bookmark expiring. Our goal is to reduce or eliminate the need for users to repeatedly grant access, ensuring a seamless and efficient user experience. Has anyone faced a similar challenge or can offer guidance on additional entitlements or strategies to achieve persistent folder access? Any suggestions, alternative approaches, or insights would be greatly appreciated. We're keen on exploring all possible solutions to enhance our application's functionality and user satisfaction. Thank you for your time and assistance. I look forward to any advice or discussions this community can offer.

I requested the com.apple.developer.device-information.user-assigned-device-name entitlement on Feb 11 and received an email reply stating "We’ll contact you within a few weeks with your request status." However, it's been more than a month without any updates. Can anyone chime in with their experience RE: how long it took for Apple to review their request for this entitlement? https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_developer_device-information_user-assigned-device-name

I have a macOS app which contains a dext. I'd like to distribute it to external testers using TestFlight, so it has to pass Mac App Store review. It failed, because the App Sandbox entitlement was missing. I checked the app, it has the entitlement, but the dext does not. However, the .entitlements file used by the dext does contain App Sandbox set to true. I tried adding a "fake-entitlement" value to the .entitlements file, and that made it into the dext's code signature, but the App Sandbox entitlement appears to be stripped out by the build process? For a dext target, it isn't possible to add the App Sandbox capability in Xcode's Signing and Capability section. I have to add the entitlement manually in the .entitlement file (or it was put there by the Xcode driver template, I don't remember). I've tried clean building several times, I've tried Xcode 15.0.1, 15.2 and 15.3, but the result is always the same. I'm inspecting the entitlements using codesign -dvvv --entitlements - Does anyone know what I can do to put the App Sandbox entitlement into my dext's signature? Is this happening to anyone else?

I encounter a warning: "Cannot be used with TestFlight because the signature for the bundle at “Lattics.app” is missing an application identifier but has an application identifier in the provisioning profile for the bundle. Bundles with application identifiers in the provisioning profile are expected to have the same identifier signed into the bundle in order to be eligible for TestFlight." (90886). I don't need the TestFlight. And I add "com.apple.application-identifier" to the entitlements, but it crash on opening. I got an error: Code Signing Crashes

Hello everyone! Since iOS 17.4, it's now easier to set up an eSIM from a browser/email or with a link. We can now longpress the QR code to get the option to add an eSIM. Is it still required to have that private entitlement to enable the same functionality in-app but not in a browser? Seems odd. I can store QR codes on Imgur to install eSIM but can't do the same with my native app by CTCellularPlanProvisioning.addPlan method. Redirecting users to the browser seems like a workaround, but it creates a noticeable discrepancy in usability. I might have overlooked some SDK updates or new methods. Are there any new approaches to enable in-app eSIM setup with the latest update? Secondly, in the "Other eSIM activation methods" section of this page, a special link is mentioned, but I couldn't find any examples or resources for that. Thanks

The company that works on our app was required to have their clients create dev accounts that our app could be moved to. We did the app transfer from our previous developer and everything seemed fine. However when they try to update the app they get errors and have told us to remove certain data from the old dev account. We have tried this 3 different times and still no success. Here are the things we are being told to remove. Perhaps someone can give me more info on where to find these on our previous developer's account. Here's the identifier for you: 'group.com.subsplashstudio145.First-Bible-Church-of-Decatur' According to our team you will need to have the app group, NotificationContent and NotificationService removed from that other account. Any help appreciated! Thanks!

Hello! Firstly, I am submitting an entitlement request to access the E-sim configuration for the iOS application. While filling out the form, I encountered an issue with providing carrier information. The form is designed for a single carrier, but I have five carriers. Should I list all of them? Secondly, I have come across numerous discussions online regarding the time it takes to process such requests. Could you please provide me with an estimated timeframe for completion? Our customer is interested in completing the feature within a month. Thanks

I got approved for ProximityReader APIs for Apple Tap to Tay on iPhone. The Setting up the entitlement for Tap to Pay on iPhone guide says to look for "Additional Capabilities." I do not see it under my Certificates, Identifiers & Profiles. Where should I look?

I am trying to run a simple bash script from within swift. Eventually it should call a python script, but for now, I am just trying to get it to echo hello. The script is included in the bundle and also included in the targets. The script is called from the QLExtension. The script is correctly found, but I get an error: Error Domain=NSPOSIXErrorDomain Code=1 "Operation not permitted" let scriptPath = Bundle.main.path(forResource: "run_local", ofType: "sh") if scriptPath == nil { print("script not found or other error") return nil } let process = Process() process.executableURL = URL(fileURLWithPath: "/bin/bash") process.arguments = [scriptPath!] do { try process.run() process.waitUntilExit() } catch { print("Failed to run the script: \(error)") } The script, run_local.sh is included in the bundle and is just #!/bin/bash echo "hi" > /dev/null Is this possible? Are there any particular entitlements that I need in order for this to work? Everything else works with this app; this is the only error. -- The reason I am building this: I use google drive to synchronize files locally. A number of those files do not have a local representation. Google "stores" those files locally using a text file with a document ID (one would open something like docs.google.com/docs/) I want to be able to preview the google drive files using quicklook One very simple way to do this is to fetch the google drive files (using google drive API) at preview time. I have a python script that can do this and wanted to hook it up to the QLExtension for preview Another option is to keep a separate service running (I would use python) that keeps a local copy of all the synchronized google files. (But then I'll probably need to connect to a local sql database or similar that tells the swift extension the local file math: i.e., effectively a mapping from ID => local_file_path. But perhaps access of this kind to a SQL database is allowed?)

Do I need an entitlement to use the ARWorldTrackingConfiguration and get that data in RoomPlan enhancements being done?