Hi, I've used Xcode's conversion tool to convert a chrome extension. However, the tool throws warnings for basically every key and permission in the manifest.json file. It does create an Xcode project though. I've validated the manifest.json against 3 different json standards and no issues were detected. I'm using the latest version of Monterey and Xcode. ╰─$ xcrun safari-web-extension-converter --objc --macos-only . objc[2832]: Class AMSupportURLConnectionDelegate is implemented in both /usr/lib/libamsupport.dylib (0x21686f130) and /Library/Apple/System/Library/PrivateFrameworks/MobileDevice.framework/Versions/A/MobileDevice (0x108b4c2c8). One of the two will be used. Which one is undefined. objc[2832]: Class AMSupportURLSession is implemented in both /usr/lib/libamsupport.dylib (0x21686f180) and /Library/Apple/System/Library/PrivateFrameworks/MobileDevice.framework/Versions/A/MobileDevice (0x108b4c318). One of the two will be used. Which one is undefined. Xcode Project Location: [...]/Browser Extensions/Chrome extension/DistPublic App Name: [...] App Bundle Identifier: com.yourCompany.[...] Platform: macOS Language: Objective-C Warning: The following keys in your manifest.json are not supported by your current version of Safari. If these are critical to your extension, you should review your code to see if you need to make changes to support Safari: description webRequestBlocking persistent version nativeMessaging <all_urls> tabs scripts storage alarms manifest_version webRequest name icons The only permission that I found is really not supported is webRequestBlocking. But even if I remove it, the tool still complains about the rest. Any idea what is causing this behavior?

Hi, I have a macOS app bundle with multiple binaries. I can create an archive, notarize it and export the app bundle all within Xcode. But when I try to export the archive from the command line I get an error message: ╰─$ xcodebuild -exportArchive -archivePath myarchive.xcarchive -exportOptionsPlist myarchiveExportOptions.plist -exportPath ~/Desktop -verbose 2021-12-06 09:03:39.241 xcodebuild[15117:509468] [MT] IDEDistribution: -[IDEDistributionLogging _createLoggingBundleAtPath:]: Created bundle at path "/var/folders/qj/55jnf34d0dz7nrjmw9kkvj6c0000gn/T/....xcdistributionlogs". error: exportArchive: helperBinary does not support provisioning profiles. Error Domain=IDEProvisioningErrorDomain Code=10 "helperBinary does not support provisioning profiles." UserInfo={IDEDistributionIssueSeverity=3, NSLocalizedDescription=helperBinary does not support provisioning profiles., NSLocalizedRecoverySuggestion=helperBinary does not support provisioning profiles, but provisioning profile someName distribution has been manually specified. Remove this item from the "provisioningProfiles" dictionary in your Export Options property list.} ** EXPORT FAILED ** This is the export options plist I use (that's the one Xcode has exported): <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>destination</key> <string>export</string> <key>method</key> <string>developer-id</string> <key>provisioningProfiles</key> <dict> <key>...</key> <string>someName distribution</string> </dict> <key>signingCertificate</key> <string>Developer ID Application</string> <key>signingStyle</key> <string>manual</string> <key>teamID</key> <string>...</string> </dict> </plist> How can I exclude the helper binary for the provisioning profile during the export of the archive? The main executable uses endpoint security.

I couldn't find an event type to subscribe to for identifying user logins (SSH, GUI). As an alternative approach I investigated the possibility of monitoring process events e.g. for loginwindow. However, I noticed that this doesn't seem to work either, because the user id and audit session id changes from root 0/system session 100001 right after exec to the respective user's id (e.g. 501) and his gui session id (e.g.100005) after successful authentication. Since I couldn't find any evidence for a fork or exec event, I assume that something like setuid is used internally. Is there any way one could get notified for events which change the process' context (like setuid or a session id change)? Are there events for user logins/sessions I've overlooked?

I'm working on an enterprise product and we need to be able to provide a meaningful mapping between processes and the session context they're running in. I know that we can get the asid of a process based on an exec event subscription via ES, but the asid is too detailed. Ultimately we want to be able to say process A is running in the system/console of user {a,b,c}/ssh session. One problem is that for what we would consider a system session (non interactive) there exist multiple asids. So we need to group all non user sessions a be able to distinguish them from user gui/ssh sessions. Is there a way to get more information about a process' session, maybe but querying its asid? Maybe based on bsm and the audit token? I was thinking along the lines of what launchctl procinfo provides under the section audit flags. There are flags like has_console_access,has_authenticated. But I haven't been able to find out where this information is coming from. There are related flags in the Security framework (SessionAttributeBits) but especially the two I mentioned are missing.

The man pages sysctl(3) state that sysctlbyname and the other mentioned functions return either 0 in case of success or -1 and set errno. But the Apple Documentation (for objective C) for sysctlbyname says the following about the the return values: Return value 0 on success, or an error code that indicates a problem occurred. Possible error codes include EFAULT, EINVAL, ENOMEM, ENOTDIR, EISDIR, ENOENT, and EPERM. So which is it? Or does it return something different in objective C than the C function mentioned in the man pages? But even the provided example in Apple's documentation only checks for return value -1 and then uses errno to log the error. Seems to me that the documentation is wrong.

When I want to add libcurl as a dependency I add libcurl.4.tbd under Link Binary with Libraries and it works. As I understand it these tbd files are stub libraries to enable the linking process for dynamic libraries while keeping the Xcode SDK download small (by replacing the actual dylib with a kind of placeholder). When I open the libcurl.4.tbd in Xcode, it lists under install-name /usr/lib/libcurl.4.dylib and I expected to find this file. But I can't find the actual libcurl.4.dylib at this dir nor anywhere else on my system. otool -L gives me same filepath. How is the linking handled in this case and where is the actual dylib located? I've learned that libcurl.4.dylib actually resides within a shared cache file unter /System/Library/dyld. I'm running macOS 11.1 What's the benefit instead of just placing the dylib under the specified path like /usr/lib/?