I recently started a new app that supports universal links. I noticed an error in the apple-app-site-association (AASA) file and updated it. I used mode=developer in the applinks configuration, and it works well on Simulator, but for the life of me I can't get my device to load the new file, and the CDN hasn't updated in days. Any suggestions for how to get it to update, or get iOS to load the file directly? mode=developer is supposed to do this, but it simply won't on device. I've tried touching the file, and I can see its reported HTTP last modification date and eTag have changed. I've tried deleting and reinstalling the app; I've tried restarting the phone; I've tried clean builds; I've tried changing the applinks: to something else and reinstalling; I've tried installing via TestFlight.

This was working a few days ago, but it has since stopped and I can't figure out why. I've tried resetting TCC, double-checking my entitlements, restarting, deleting and rebuilding, and nothing works. My app is a sandboxed macOS SwiftUI LSUIElement app that, when invoked, checks to see if the frontmost process is Terminal, then tries to get the frontmost window’s title. func getFrontmostWindowTitle() throws -> String? { let trusted = AXIsProcessTrusted() print("getFrontmostWindowTitle AX trusted: \(trusted)") guard let app = NSWorkspace.shared.frontmostApplication else { return nil } let appElement = AXUIElementCreateApplication(app.processIdentifier) var focusedWindow: AnyObject? let status = AXUIElementCopyAttributeValue(appElement, kAXFocusedWindowAttribute as CFString, &focusedWindow) guard status == .success, let window = focusedWindow else { if status == .cannotComplete { throw Errors.needAccessibilityPermission } return nil } var title: AnyObject? let titleStatus = AXUIElementCopyAttributeValue(window as! AXUIElement, kAXTitleAttribute as CFString, &title) guard titleStatus == .success else { return nil } return title as? String } I recently renamed the app, but the Bundle ID has not yet changed. I have com.apple.security.accessibility set to YES in the Entitlements file (although i had to add it manually), and a NSAccessibilityUsageDescription string set in Info.plist. The first time I ran this, macOS nicely prompted for permission. Now it won't do that, even when I use AXIsProcessTrustedWithOptions() to try to force it. If I use tccutil to reset accessibility and apple events, it still doesn't prompt. If I drag my app from the build products folder to System Settings, it gets added to the system TCC DB (not the user DB). It shows an auth value of 2 for my app: % sudo sqlite3 "/Library/Application Support/com.apple.TCC/TCC.db" "SELECT client,auth_value FROM access WHERE service='kTCCServiceAccessibility' OR service='kTCCServiceAppleEvents';" com.latencyzero.<redacted>|2 <redactd> I'm at a loss as to what went wrong. I proved out the concept earlier and it worked, and have since spent a lot of time enhancing and polishing the app, and now things aren't working and I'm starting to worry.

I'm trying to add a generic password to the keychain and get back the persistent ID for it, and give it .userPresence access control. Unfortunately, if I include that, I get paramError back from SecItemAdd. Here's the code: @discardableResult func set(username: String, hostname: String?, password: String, comment: String? = nil) throws -> PasswordEntry { // Delete any existing matching password… if let existing = try? getEntry(forUsername: username, hostname: hostname) { try deletePassword(withID: existing.id) } // Store the new password… var label = username if let hostname { label = label + "@" + hostname } var item: [String: Any] = [ kSecClass as String : kSecClassGenericPassword, kSecAttrDescription as String : "TermPass Password", kSecAttrGeneric as String : self.bundleID.data(using: .utf8)!, kSecAttrLabel as String : label, kSecAttrAccount as String : username, kSecValueData as String : password.data(using: .utf8)!, kSecReturnData as String : true, kSecReturnPersistentRef as String: true, ] if self.synchronizable { item[kSecAttrSynchronizable as String] = kCFBooleanTrue! } if let hostname { item[kSecAttrService as String] = hostname } if let comment { item[kSecAttrComment as String] = comment } // Apply access control to require the user to prove presence when // retrieving this password… var error: Unmanaged<CFError>? guard let accessControl = SecAccessControlCreateWithFlags(nil, kSecAttrAccessibleWhenUnlockedThisDeviceOnly, .userPresence, &error) else { let cfError = error!.takeUnretainedValue() as Error throw cfError } item[kSecAttrAccessControl as String] = accessControl item[kSecAttrAccessible as String] = kSecAttrAccessibleWhenUnlockedThisDeviceOnly var result: AnyObject! let status = SecItemAdd(item as CFDictionary, &result) try Errors.throwIfError(osstatus: status) load() guard let secItem = result as? [String : Any], let persistentRef = secItem[kSecValuePersistentRef as String] as? Data else { throw Errors.malformedItem } let entry = PasswordEntry(id: persistentRef, username: username, hostname: hostname, password: password, comment: comment) return entry } (Note that I also tried it omitting kSecAttrAccessible, but it had no effect.) This code works fine if I omit setting kSecAttrAccessControl. Any ideas? TIA!