Hi, I am currently dealing with a crash when converting UnsafePointer<CChar>!to String in Swift. The pointer comes from the type es_string_token_t which my app receives from the Endpoint Security framework. This is what my code looks like: extension es_string_token_t {   var description: String {     if self.data != nil && self.length > 0 {       return String(cString: self.data)     }     return ""   } } And it produces the following crash: Thread 4 Crashed:: Dispatch queue: com.apple.root.default-qos 0 libsystem_platform.dylib 0x18bd44864 _platform_strlen + 4 1 libswiftCore.dylib 0x198f3a3c0 String.init(cString:) + 32 2 com.company.app.App 0x10456aac0 0x104564000 + 27328 3 com.company.app.App 0x10456f768 0x104564000 + 46952 4 com.company.app.App 0x1045793d8 0x104564000 + 87000 5 com.company.app.App 0x10457e8f8 0x104564000 + 108792 6 com.company.app.App 0x10458758c 0x104564000 + 144780 7 libdispatch.dylib 0x18bb6a5f0 _dispatch_call_block_and_release + 32 8 libdispatch.dylib 0x18bb6c1b4 _dispatch_client_callout + 20 9 libdispatch.dylib 0x18bb7da04 _dispatch_root_queue_drain + 680 10 libdispatch.dylib 0x18bb7e104 _dispatch_worker_thread2 + 164 11 libsystem_pthread.dylib 0x18bd2c324 _pthread_wqthread + 228 12 libsystem_pthread.dylib 0x18bd2b080 start_wqthread + 8 My app is deployed on arround 13k macs and only some of them experience this crash which I havent been able to reproduce. Any help would be appreciated.

Hi, I was wondering if there is something similar to NSObject's value(forKey:) for structs. I need to get a structs attribute by name and I don't want to turn my structs into classes, inherit from NSObject and use @objc in my attributes as I think it doesn't look good. I also read that you can use Mirror and use the children property to iterate the attributes but given that performance is important in my case it doesn't look like a good option. Any help would be appreciated, thanks!

Hello, I wanted to hear some opinions on this problem I want to tackle. Currently at my job we have an Endpoint Security sysext app (swift) deployed on 10k+ macs and we are using a custom rule engine we developed to run some rules on the events received by the app. These rules are downloaded by the app. This works great but we wanted to dive into the world of ML and try to use it to detect more complex malware that may be more difficult to detect using rules. We thought of two options to approach this: Periodically collect events from all macs and send them to an api to be stored somewhere and perform the training in the cloud. Somehow, maybe using the ML frameworks provided in Swift, train the model IN the device rather than in the cloud. I know this is a very broad question but I just wanted to hear some suggestions. Thanks in advance.

Hi, I was wondering if it was possible to get a notification when there is a change to the forced defaults that my app uses. This forced defaults are sent via MDM using the com.apple.ManagedClient.preferences payload type. I've seen that UserDefaults.didChangeNotification is available but it only works if the change is made from inside the app and not if the payload gets updated by the MDM. class MySettings { private let defaults = UserDefaults(suiteName: "com.myapp.app.mysettings") init() { // Somehow register for notifications } func defaultsChanged() { // This would be called when the defaults change } }

Hi, we have an app that has been in development since Catalina and ever since Sonoma came out we noticed that when executing our pkg installer the application is installed correctly but the postinstall script is not executed. The weird thing is that if I run the pkg for the first time the postinstall does not execute BUT if I run it again then it DOES!! Looking through the logs I found these ones that confirm the execution of the script is being blocked. We haven't changed anything in the way we build the installer so I'm not quite sure how to fix this. 2024-04-25 16:29:51.570662-0300 0x1c62 Error 0x0 308 0 syspolicyd: [com.apple.syspolicy.exec:default] Unable (errno: 2) to read file at &lt;private&gt; for pid: 784 process path: &lt;private&gt; library path: (null) 2024-04-25 16:29:51.570662-0300 0x1c62 Error 0x0 308 0 syspolicyd: [com.apple.syspolicy.exec:default] Terminating process due to Malware rejection: 784, &lt;private&gt; 2024-04-25 16:29:51.570679-0300 0x1d13 Default 0x0 0 0 kernel: (AppleSystemPolicy) ASP: Sleep interrupted, signal 0x100 2024-04-25 16:29:51.570682-0300 0x1d13 Default 0x0 0 0 kernel: (AppleSystemPolicy) ASP: Security policy would not allow process: 784, /private/tmp/PKInstallSandbox.m5Av3O/Scripts/com.mycompany.myapp.pkg.BSOjtt/postinstall The app as well as the installer are both signed, notarized and stapled. Here you can see the script which just simply executes the app. #!/bin/bash echo "Running postinstall" /Applications/myapp.app/Contents/MacOS/myapp --load-system-extension &amp; exit 0 Any help would be much appreciated. Thanks!

Hi, Im new to SwiftUI and Im trying to implement some drag and drop functionality for some tabs in my application. Im using .draggable(_) and .dropDestination for this and the issue I have is that as I drag the view, the mouse cursor changes to the copy cursor with the green plus sign and I don't like it but I can't figure out how to avoid it. Any help would be appreciated.