Hello, In my FinderSync extension, I update file badges with the following instruction, but the Finder doesn't (always) refresh them. [[FIFinderSyncController defaultController] setBadgeIdentifier:result forURL:[NSURL fileURLWithPath:normalizedPath]]; I tried without success to force the refresh with:   [[NSWorkspace sharedWorkspace] noteFileSystemChanged:path];   NSString *source = [NSString stringWithFormat:@"tell application \"Finder\" to update item (POSIX file \"%@\")", path];         NSAppleScript *appleScript = [[NSAppleScript alloc] initWithSource:source];   if (appleScript != nil) {     [appleScript executeAndReturnError:nil];   } Hiding then showing the files (chflags) doesn't work better. I'm in macOs Big Sur. Any idea to get around this bug? Thank you. Chris

Hello, I would like to intercept the open event on a file in order to load it from a cloud. I am trying to use an EndpointSecurity extension but I don't know how to manage the "deadline" timeout. I subscribed to the ES_EVENT_TYPE_AUTH_OPEN event. When I'm able to fetch the file before the event deadline, I call es_respond_flags_result with authorized_flags = 0xffffffff to accept, else I call it with authorized_flags = 0 to deny. In the latter case, it is not satisfactory as the open process fails. How could I solve this issue?

Since Ventura (Mac M1 only), Endpoint Security extensions have lost the rights to launch: => es_new_client returns ES_NEW_CLIENT_RESULT_ERR_NOT_PERMITTED It is needed to reboot in Recovery mode, go to Startup Security Utility and select "Allow user management of kernel extensions from identified developers". Is this something that will be fixed soon? (we can't ask our customers to do that)

Hello, I'm trying to get my app to communicate with a FinderSync extension using XPC. In my app, I run the listener: _xpcListener = [[NSXPCListener alloc] initWithMachServiceName:_serviceName]; _xpcListener.delegate = self; [_xpcListener resume]; Where _serviceName="a.b.c.d.e.f" In Info.plist of the app bundle, I have: keyMachServices/key dict keya.b.c.d.e.f/key true/ /dict In the FinderSync ext, I try to connect to the XPC service: _xpcConnection = [[NSXPCConnection alloc] initWithMachServiceName:_serviceName options:0]; ... [_xpcConnection resume]; It works in debug, but not when the app is installed. In this case, _xpcConnection.invalidationHandler is called. The FinderSync ext belongs to the app bundle. The .entitlements of the App: ?xml version="1.0" encoding="UTF-8"? !DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "..." plist version="1.0" dict keycom.apple.security.application-groups/key array stringa.b.c.d.e/string /array /dict /plist The .entitlements of the FinderSync: ?xml version="1.0" encoding="UTF-8"? !DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "..." plist version="1.0" dict keycom.apple.security.app-sandbox/key true/ keycom.apple.security.application-groups/key array stringa.b.c.d.e/string /array /dict /plist The app is notorized: % spctl --assess -vvvv /Applications/myApp.app                 /Applications/myApp.app: accepted source=Notarized Developer ID origin=Developer ID Application: ... In the Console, just after the start of the listener, there is this error (3 times) for myApp process: Trust evaluate failure: [leaf TemporalValidity] So I checked its certificates, but they are valid: % codesign -dvvvv --extract-certificates /Applications/myApp.app % openssl x509 -inform DER -in codesign0 -text ... Validity       Not Before: Jun 22 11:59:25 2020 GMT       Not After : Jun 23 11:59:25 2025 GMT .. % openssl x509 -inform DER -in codesign1 -text ... Validity       Not Before: Feb 1 22:12:15 2012 GMT       Not After : Feb 1 22:12:15 2027 GMT ... % openssl x509 -inform DER -in codesign2 -text ... Validity       Not Before: Apr 25 21:40:36 2006 GMT       Not After : Feb 9 21:40:36 2035 GMT ... The computer date is Ok: % date Thu Apr 8 09:20:44 CEST 2021 In the console, there is also this error for tccd process: Prompting policy for hardened runtime; service: kTCCServiceAppleEvents requires entitlement com.apple.security.automation.apple-events but it is missing for accessing={identifier=a.b.c.d.e, pid=12245, auid=501, euid=501, binary_path=/Applications/myApp.app/Contents/PlugIns/Extension.appex/Contents/MacOS/Extension}, requesting={identifier=com.apple.appleeventsd, pid=328, auid=55, euid=55, binary_path=/System/Library/CoreServices/appleeventsd}, I tried to add this com.apple.security.automation.apple-events entitlement to App and ext, but it didn't fix the problem. How can I debug this issue? Thank you.

Hello, I have an app with Minimum system version = 10.13 in Info.plist. This app embeds a sys ext whose Minimum system version is 10.15. It's running in 10.15 and 11, but not in 10.14 and 10.13. => kLSIncompatibleSystemVersionErr The sys ext is installed only if "@available(macOS 10.15, *)", the app can run without it. How can I manage this issue? Thank you.

Hello, My app (embedding a Finder ext and Sys ext) is running well in my development machine (Big Sur with SIP disabled) but crashes at startup in Catalina (with SIP). The app is signed and notarized. Exception Type: EXC_CRASH (Code Signature Invalid) Exception Codes: 0x0000000000000000, 0x0000000000000000 Exception Note: EXC_CORPSE_NOTIFY Termination Reason: Namespace CODESIGNING, Code 0x1 I did the following checks: codesign -dv --verbose=4 /Applications/myApp.app Executable=/Applications/myApp.app/Contents/MacOS/myApp Identifier=a.b.c.d Format=app bundle with Mach-O thin (x86_64) CodeDirectory v=20500 size=37422 flags=0x10000(runtime) hashes=1158+7 location=embedded VersionPlatform=1 VersionMin=659200 VersionSDK=721152 Hash type=sha256 size=32 CandidateCDHash sha256=97cb5bb480cd24ee3f3abc025271110f481bef5a CandidateCDHashFull sha256=97cb5bb480cd24ee3f3abc025271110f481bef5a601b72d7c0b1440d2188c096 Hash choices=sha256 CMSDigest=97cb5bb480cd24ee3f3abc025271110f481bef5a601b72d7c0b1440d2188c096 CMSDigestType=2 Executable Segment base=0 Executable Segment limit=3915776 Executable Segment flags=0x1 Page size=4096 CDHash=97cb5bb480cd24ee3f3abc025271110f481bef5a Signature size=8992 Authority=Developer ID Application: ... Authority=Developer ID Certification Authority Authority=Apple Root CA Timestamp=19 May 2021 at 10:50:35 Info.plist entries=22 TeamIdentifier=... Runtime Version=11.1.0 Sealed Resources version=2 rules=13 files=118 Internal requirements count=1 size=196 = Could the "Runtime Version=11.1.0" explain the issue? Note that the deployment target is 10.15. codesign -vvv --deep --strict /Applications/myApp.app ... /Applications/myApp.app: valid on disk /Applications/myApp.app: satisfies its Designated Requirement spctl -a -t exec -vvv /Applications/myApp.app 2&1 | grep Notarized source=Notarized Developer ID security cms -D -i /Applications/myApp.app/Contents/Library/SystemExtensions/a.b.c.d.e.Extension.systemextension/Contents/embedded.provisionprofile  ?xml version="1.0" encoding="UTF-8"? !DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "..." plist version="1.0" dict keyAppIDName/key string.../string keyApplicationIdentifierPrefix/key array string.../string /array keyCreationDate/key date2021-03-29T06:47:11Z/date keyPlatform/key array stringOSX/string /array keyIsXcodeManaged/key false/ keyDeveloperCertificates/key array dataMIIFtjCCBJ6gAwIBAgIIDPP2OBmNMQwwDQYJKoZIhvcNAQELBQAweTEtMCsGA1UEAwwkRGV2ZWxvcGVyIElEIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSYwJAYDVQQLDB1BcHBsZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UEBhMCVVMwHhcNMjAwNjIyMTE1OTI1WhcNMjUwNjIzMTE1OTI1WjCBpTEaMBgGCgmSJomT8ixkAQEMCjg2NFZEQ1MyUVkxRTBDBgNVBAMMPERldmVsb3BlciBJRCBBcHBsaWNhdGlvbjogSW5mb21hbmlhayBOZXR3b3JrIFNBICg4NjRWRENTMlFZKTETMBEGA1UECwwKODY0VkRDUzJRWTEeMBwGA1UECgwVSW5mb21hbmlhayBOZXR3b3JrIFNBMQswCQYDVQQGEwJDSDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOPkChyZl1hPMQNeU+YEBi+lDQxQsFFmpjrFPpZNlM3noLKvzP8KI9uBs/TEt0Yx/OpbbuQHT+z0afr/eVepffT/c001dMMy96AwesjT0L3VI5tApzBC8Ds+iAXV0LBSkj41rcnxoRSH7tnOcIQ7pQbe2RJVBsc0R686b3lf8RTDDnKsDbYQ0NjLLRu+gg3XQaaF2YkGwavYlOH4W674UbhauyDp427yL4rHmpWqsWB16iKVLngATvhRsIAoMMDQNiqgpwFQvgM+RE87gWITXtMeiLJsN11ycZgC+NwIVlAgk6niLZkPJyQyRXtC/dMYUGlju0OxQJlR3aZ4FDUhl8UCAwEAAaOCAhMwggIPMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUVxftos/cfJihEOD8voctLPLjF1QwQAYIKwYBBQUHAQEENDAyMDAGCCsGAQUFBzABhiRodHRwOi8vb2NzcC5hcHBsZS5jb20vb2NzcDAzLWRldmlkMDYwggEdBgNVHSAEggEUMIIBEDCCAQwGCSqGSIb3Y2QFATCB/jCBwwYIKwYBBQUHAgIwgbYMgbNSZWxpYW5jZSBvbiB0aGlzIGNlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBhc3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFyZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRlIHBvbGljeSBhbmQgY2VydGlmaWNhdGlvbiBwcmFjdGljZSBzdGF0ZW1lbnRzLjA2BggrBgEFBQcCARYqaHR0cDovL3d3dy5hcHBsZS5jb20vY2VydGlmaWNhdGVhdXRob3JpdHkvMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMDMB0GA1UdDgQWBBQSsj8IO9I/UtSJbMvBWka5Yp6GyTAOBgNVHQ8BAf8EBAMCB4AwHwYKKoZIhvdjZAYBIQQRDA8yMDE5MDkxNjAwMDAwMFowEwYKKoZIhvdjZAYBDQEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBABL6WyRaT4OIK8kEpcbAiLyy3J2MRuB9sWIyQR0iYoqZyd3D+I+kEhd25UCuMyxUN48nK1juNoKdHqtkEjl6xJqOioNMAGbBga3jHl8LTmOWZ8u5Vg2ODzsI2uX/oTmHelh1g6dAxk6nl2UBhiJdCTpszJXMPvOHUqIpbH8kRHhQUq+OoRXkkB32bJPd/fLyPjxnPz30tN4OFu6ms6rO08e1Z9avhQntwAMPi6OYy3LAED2n7NOSkdtpP8j9rFCz6yrcZyNjG0D045G1bIA8mVzU95j5bc68Bpb4NUKxC9vqkoUbNbM8vkTOVJmceuBqt3i+3bLRnfkeFwKrtDSeP00=/data /array keyEntitlements/key dict keycom.apple.developer.endpoint-security.client/key true/ keycom.apple.developer.system-extension.install/key true/ keycom.apple.application-identifier/key string.../string keykeychain-access-groups/key array string....*/string /array keycom.apple.developer.team-identifier/key string.../string /dict keyExpirationDate/key date2039-03-25T06:47:11Z/date keyName/key string.../string keyProvisionsAllDevices/key true/ keyTeamIdentifier/key array string.../string /array keyTeamName/key string.../string keyTimeToLive/key integer6570/integer keyUUID/key stringdb2079f3-d329-4c03-b8ca-23a61ec3b305/string keyVersion/key integer1/integer /dict /plist%                    Is there something bad here? Thank you Chris