How do you monitor Darkwake? If possible, could you share some sample code?

The method I use now is to forge the es_message_t object, so as to verify the corresponding relevant code logic through XCTest and carry out coverage statistics. However, some operation functions of the es_message_t object may not be directly called, which will cause crash.

Thank you for your reply, I think I understand what you said, I will optimize my code according to your explanation, thank you for your help, your answer is very helpful to me. (-:

What QoS type should I set for the NOTIFY event

Using a Dispatch semaphore to turn an asynchronous call into a synchronous call is generally considered bad form. That’s because the semaphore can’t propagate priority. That’s why we have -synchronousRemoteObjectProxyWithErrorHandler:. In the code serverProxy for synchronousRemoteObjectProxyWithErrorHandler access object The use of dispatch_async is to implement an asynchronous operation, and implement the corresponding timeout operation, to be precise, I should be required here to drop a serial column, the reason is because I found the line of sight NSXPC interface call timeout mode is like this. On the server side does not trigger the callback, the awareness is that the client side calls callbackWithInfo:info reply:^(bool action) and waits for the server side to call the action to implement the callback, but if the server side does not call the action all the time, That leads to more and more fds. I'm sure that if the NSXPC server side does not call the action callback function, the number of ports on the client side will increase. When the nsxpc server started returning the corresponding action callback function, the number of port numbers in the client program decreased significantly

An __exceptionPreprocess problem has been found in the main thread's always, which is in the main thread, and I'm not sure why it affects the com.apple.root.default-qos thread. With a fix to the __exceptionPreprocess error in the thread, the crash did not occur again.

I found a solution. Thank you

i used Objective-C

Since I am a beginner in osx development, I want to learn the usage of fs_usage. Do you have any recommendation materials or can you provide some examples of fs_usage

Thank you very much for your reply. I understand the problem.

At the same time, I found a new problem. I wanted to block writing to a file. If writing to the file through program code does not seem to trigger the ES_EVENT_TYPE_AUTH_OPEN event, causing the program code to still write to the file. NSFileManager *fileManager = [NSFileManager defaultManager]; if([fileManager fileExistsAtPath:self.CopyFilePath.stringValue]) { // Write to file NSString *content = @"test"; [content writeToFile:self.CopyFilePath.stringValue atomically:YES encoding:NSUTF8StringEncoding error:nil]; } I would like to know what events can be monitored to intercept program code writing to a file

I also think that it may not be good to intercept the operation of the code copy file

How else can I contact the team that approved EndpointSecurity distribution? Because the EndpointSecurity framework's distribution permissions are important to my work. The EndpointSecurity App I developed needs to be distributed to other users of the company under the permission of distribution. Thank you for your answer.

Hello, I would like to ask about the application of distribution permission, usually fixed for such a long time, or should I keep applying? I have applied for nearly 7 months, but there has been no feedback, so I can't go on with my work, may I ask how you sent the email application, can you tell me? I really need it. Thank you.

May I ask which email address or whom can I contact to know the progress of my permission application?