It tells me my certificate is bad (doesn't have a private key), and that it needs me to revoke it so it can generate a new one, and I do that, and it loops forever. Oh and I get email from Apple saying it's been revoked. Not sure if it's related but I also can't use a Developer ID certificate. Also says it doesn't have a private key. I even generated a new certificate using openssl so I could make sure I had the private key and the .csr file and still no happiness. I also managed to kill my login keychain at some point, because why not. I've googled and stackoverflowed and nothing works. This is on macOS 13.6.1, and Xcode Version 15.0.1 (15A507). I am frustrated to the point of tears at this point.

As mentioned before, we have to network extensions for our app -- a transparent proxy provider, and a packet filter. We just started testing with multiple users, and I'm seeing what seem to me to be very strange results, but they get less strange if the states aren't system-wide. Easiest case: I install while I'm logged in, we install the agents and daemons, start everything up, and the app then goes to activate both extensions. This starts with an OSSystemExtensionRequest for each, and when the completion delegate is invoked, I go to "connect" them, which is where the does the load/save preferences. Barring the apparent timing issue I filed a feedback on, this works. If i then fast-user-switch to a second user, the agent once again starts, and goes through the same process -- it creates an OSSystemExtensionRequest to load them both, the delegate gets invoked, and then it does the connection functions for each. The behaviour might change slightly if the second user is already logged in, but I lost my notes there. At the end of this, I am left with things in a weird-to-me state: For the second user (not an admin), I see three entries in prefs/settings > Network -- one packet filter, and two TPPs. The two TPPs either appear 100% identical, in that they both have the same connection time, or one is connected and the other isn't. For the first user (an admin), I sometimes see 1, 2, or 3 entries -- and the VPNs are not always shown as connected. This is new behaviour for us, so either it's something I'm doing in the connection code, or something in the OS changed. The latter seems unlikely since the machine in question is still running macOS 12.6, but I don't test multiple users very often. If the packet filter is global, and the TPP network connection is per user, this kinda makes sense (but why did we not notice it before?).

I didn't think it was possible, but a coworker showed me a screenshot with the SentinelOne content filter having the enabled button greyed out in sysprefs: So how are they doing that?

The crash is at do { retval = try ModelContainer(for: schema, configurations: [modelConfiguration]) } catch { fatalError("Could not create ModelContainer: \(error)") } When I first set it up, it complained (at run-time) about a lot of issues, mainly items not being optional and I apparently had a couple of @Attribute(.unique)s left. After I got rid of all of those, however, I get the crash there. I assume this is an obvious thing that I am doing wrong, but I can't figure it out.

We have a Transparent Proxy Provider, and a Packet Filter. They both get activated on app startup, and then when that's done, I call code to set the preferences to enable them. That is basically done by having the request:didFinishWithResult: method check the identity of the request, determine whether it was activation or deactivation, and then call the appropriate function to do the preferences load/save dance. However, from the logs, it looks like the preferences-handling code sometimes only gets called for one of them (and, strangely, almost always the packet filter). Is this a known issue? I'd guess something about multiple calls to load/save preferences happening at the same time?

I added a Home concept to my simple test program, which made the chain be Home has Rooms which have Items. But when I tried using something like let homeID = self.room.home?.id ?? UUID() _items = Query(#Predicate { ($0.room?.home?.id == homeID) == true }) it complained about an illegal ternary. Fine, it's picky so I changed the Item model to have a computed property: var home: Home? { return self.room?.home?.id } but with that, it crashes at runtime, because it can't find the keypath to .home. Is this all expected?

Only I do: .sheet(isPresented: self.$showMoveItemSheet) { MoveItemsView(items: Array(self.selectedItems), from: self.room) .modelContext(self.context) } .modelContext(self.context) and then in the MoveItemsView I have @Environment(\.modelContext) var context Hm, I'm setting the Query programmatically during init, would that be the cause? 'cause it does seem to work...

Continuing my standard weekend project of just playing with things, and I have a little inventory app. Basically something like @Model final class Room { var id: UUID var name: String @Relationship(deleteRule: .cascade, inverse: \Item.room) var items: [Item] } @Model final class Item { var id: UUID var name: String @Relationship(deleteRule: .nullify) room: Room } Then in a SwiftUI view for each Room, I use another ItemsView that constructs a query predicate based on the room ID that is passed in. And then on that, I've got a sheet to edit it, which is passed in @Bindable var item: Item, and has a form to edit it, and cancel & save buttons. Standard stuff. But if I edit the fields in the Item, they get reflected immediately, which, ok, that's actually what I wanted so yay. But the "Save" button calls context.save() while the "Cancel" button doesn't -- it calls context.rollback() (and I have auto-save off). And the problem I've got is: when I do that, the ItemsView updates, in real time, but when I cancel, it doesn't update; I have to quit and relaunch the app to get that properly in sync. The easiest change I can make, I presume, is to simply not use the passed in Item, but simply copy its values around to a new instance, but that won't update the item, so I'd have to delete it and re-insert it, or copy the fields back in the completion handler, or any number of things. So my question really is: assuming what I just described makes sense, what's the proper way to deal with it?

I had dealt with this in cmake, and then forgotten about it -- now trying my Xcode-only test project, and it won't work, because the profile has -systemextension as a suffix, while the one Xcode generates doesn't. Am I missing something in how to get Xcode to deal with this?

I looked at other posts with this problem and didn't find anything that worked. I used Keychain Access and Certificate Assistant to create a CSR; I uploaded that on the portal. Downloaded the certificate, and I get that error whenever I try to import it. I can import it into the System one, but then it's untrusted, and I still can't export it as a p12 file. This is one of the few times I did everything by reading the documentation as I did it, so I'm very confused.

As I mentioned elsewhere, I am trying to add a packet filter to our app. I can load load the extension, but I am getting permission denied when I try to save the preferences with it. I am building for release, using a Developer ID Application certificate (macOS, if that wasn't clear). I am starting to worry that I can't do this except on an MDM-managed system.

Our project uses CMake, which generates a .xcodeproj bundle. Our project has an existing network extension (Transparent Proxy Provider); I'm trying to add a second one, which is a packet filter. Xcode is extremely unhappy: error: Multiple commands produce '/Build/mybuild/Entitlements.plist' note: Target 'PacketFilter' (project 'project') has write command with output /Build/mybuild/Entitlements.plist note: Target 'ProxyProvier' (project 'project') has write command with output /Build/mybuild/Entitlements.plist My problem is: I can't tell what is generating the Entitlements.plist file! If I build each of those two targets separately, it does get generated. But if I search for "Entitlements" in the bundle, there is nothing. So I am unable to tell what is going on. Each of the extension targets has their own entitlements file -- each of them has their own CMakeLists.txt file, and has this setting: XCODE_ATTRIBUTE_CODE_SIGN_ENTITLEMENTS "${CMAKE_CURRENT_BINARY_DIR}/${TARGET}.entitlements" but something -- and I assume it's CMake, although I can't find anything that does that -- is producing a rule somewhere that says it creates Entitlements.plist. And it's doing it outside of the project.xcodeproj bundle? How can I track this down and/or fix it?

Is it actually usable as a fireawall in macOS? I tried (as an example) adding a rule to block port 80, and it did not seem to work. But, that's all I tried -- just added a line to /etc/pf.conf

I was trying to have a date picker show up conditionally; it seems to work for iOS, but macOS (13, haven't tried it on 14 yet) it ... doesn't. In particular, if I select "custom" in this code, and then click on a date part, it brings up the graphical picker, and I can select a date, but then... it doesn't go away. Clearly I am doing something wrong, but is it clear to anyone who isn't me what that is? import SwiftUI extension View { /// Hide or show the view based on a boolean value. /// /// Example for visibility: /// /// Text("Label") /// .isHidden(true) /// /// Example for complete removal: /// /// Text("Label") /// .isHidden(true, remove: true) /// /// - Parameters: /// - hidden: Set to `false` to show the view. Set to `true` to hide the view. /// - remove: Boolean value indicating whether or not to remove the view. @ViewBuilder func isHidden(_ hidden: Bool, remove: Bool = false, disable: Bool = false) -> some View { if hidden { if !remove { self.hidden() .disabled(disable) } } else { self } } } enum ExpireType: CustomStringConvertible, Hashable, CaseIterable { case never case oneWeek case twoWeek case oneMonth case sixMonth case custom func expires(given date: Date) -> Date? { let calendar = Calendar.current switch self { case .never: return nil case .custom: return nil case .oneWeek: return calendar.date(byAdding: .weekOfYear, value: 1, to: Date()) case .twoWeek: return calendar.date(byAdding: .weekOfYear, value: 2, to: Date()) case .oneMonth: return calendar.date(byAdding:.month, value: 1, to: Date()) case .sixMonth: return calendar.date(byAdding: .month, value: 6, to: Date()) } } var description: String { switch self { case .never: return "Never" case .custom: return "Custom" case .oneWeek: return "One week" case .twoWeek: return "Two weeks" case .oneMonth: return "One month" case .sixMonth: return "Six months" } } } struct ExpireDatePicker: View { @State var expires = Date() @State var expireType = ExpireType.never @State var didChange = false @State var dateString = "" @State var showDatePicker = false private func updateText() { if self.expireType == .never { self.dateString = "" } else if self.expireType == .custom { self.dateString = self.expires.formatted(.dateTime.day().month().year()) } else { self.dateString = self.expireType.expires(given: Date())!.formatted(.dateTime.day().month().year()) } } /* * For the expire date, we want to let * the user pick one of the predfined dates, * or a custom date. */ var body: some View { VStack(alignment: .trailing) { let _ = print("showDatePicker \(self.showDatePicker)") Picker("Expiration date", selection: self.$expireType) { ForEach(ExpireType.allCases, id: \.self) { et in Text(String(describing: et)) .tag(et) } } ZStack(alignment: .trailing) { Text(dateString) .fontWeight(.ultraLight) .isHidden(self.showDatePicker, disable: true) /* * This does not work well. * I can't get it to disappear, * or relinquish control */ DatePicker("", selection: self.$expires, displayedComponents: .date) .datePickerStyle(.compact) .isHidden(!self.showDatePicker, disable: true) } } .onChange(of: self.expireType) { to in self.showDatePicker = (to == .custom) self.updateText() } .onChange(of: self.expires) { to in print("expires changed to \(self.expires)") self.showDatePicker = false } } }

I've got @Environment(\.managedObjectContext) var context private var home: Home private var predicate: NSPredicate @State var sortBy: SortDescriptor<Room> @FetchRequest private var rooms: FetchedResults<Room> init(home: Home) { self.home = home _sortBy = State(initialValue: SortDescriptor<Room>(\.name)) self.predicate = NSPredicate(format: "%K = %@", "home", self.home) _rooms = FetchRequest<Room>( sortDescriptors: [self.sortBy], predicate: self.predicate) } But it won't compile -- it says Variable 'self.rooms' used before being initialized. But... how?