When trying to check if a certificate has been revoked with SecPolicyCreateRevocation (Flags: kSecRevocationUseAnyAvailableMethod | kSecRevocationRequirePositiveResponse) and SecTrustEvaluateWithError I always get the result error code errSecIncompleteCertRevocationCheck, regardless if the certificate was revoked or not. Reproduction: Execute the program from the attached Xcode project (See Feedback FB21224106). Error output: Error: Error Domain=NSOSStatusErrorDomain Code=-67635 ""revoked.badssl.com","E8","ISRG Root X1" certificates do not meet pinning requirements" UserInfo={NSLocalizedDescription="revoked.badssl.com","E8","ISRG Root X1" certificates do not meet pinning requirements, NSUnderlyingError=0x6000018d48a0 {Error Domain=NSOSStatusErrorDomain Code=-67635 "Certificate 0 “revoked.badssl.com” has errors: Failed to check revocation;" UserInfo={NSLocalizedDescription=Certificate 0 “revoked.badssl.com” has errors: Failed to check revocation;}}} To me it looks like that the revocation check just fails („Failed to check revocation;“), no further information is provided by the returned error. In the example the certificate chain of https://revoked.badssl.com (default code) and https://badssl.com is verified (to switch see comments in the code). I have a proxy configured in the system, I assume that the revocation check will use it. On the same machine, the browsers (Safari and Google Chrome) can successfully detect if the certificate was revoked (revoked.badssl.com) or not (badssl.com) without further changes in the system/proxy settings. Note: The example leaks some memory, it’s just a test program. Am I missing something? Feedback: FB21224106

When running the currently latest version of macOS (26.1) on a machine with ARM CPU (I could not reproduce the issue with Intel-Based machines) Finder Sync extensions do not work any more in general. Steps to reproduce the problem: In Xcode create a new macOS App project with default settings (in my case I chose XIB for the UI and Objective-C as language, and disabled testing, but that should not make any difference) In Xcode add a new target / "Finder Sync Extension" to the project with default settings, this adds a new Finder Sync Extension with example code to the app. Run the application and open Finder and navigate to "/Users/Shared/MySyncExtension Documents" In the system settings ("Login Items & Extensions") enable the extension (Listed as "File Provider"). On systems where it is working, in the context menu of that folder an entry "Example Menu Item" will appear. On systems where it does not work it is missing. Some findings: Adding the *.appex with "pluginkit -a" registers the extension as expected, it is then visible in the system settings, removing it with "pluginkit -r" is also reflected in the system settings. "pluginkit -m -i " returns the extension on systems where it is working (assuming it is registered while this command is executed), on systems wehre it is not working, nothing is returned, regardless of the registration state. When enabling the extension in the system settings nothing more happens, there is no process started for the extension (unlike as on systems where it is working), and thus no context menu entries and no badges are displayed in Finder. Restarting Finder or the system does not help. Any ideas what I could be missing here?

Hello! We run xcodebuild in parallel and with the latest Xcode version (15.1) we occassionally get the following error messages: 2024-01-02 13:38:59.974 xcodebuild[3883:16435] Error: execSQLStatement:onConnection:toCompletionWithRetry:writeLockHelp - SQL=CREATE INDEX receiver_data_index ON cfurl_cache_receiver_data(entry_ID);, error-code=1, error-message=no such table: main.cfurl_cache_receiver_data 2024-01-02 13:38:59.975 xcodebuild[3883:16435] ERROR: NSURLStorageURLCacheDB _setDBSchema: DB=/Users/vagrant/Library/Caches/com.apple.dt.xcodebuild/Cache.db table index on receiver_data - no such table: main.cfurl_cache_receiver_data. ErrCode: 1. Is this a bug? Is it safe to ignore this error? It looks like the build itself succeeds despite the error. Thank you and regards, Dominik