I have recently added a SetFocusFilterIntent target extension to my app which is a system utility which goes into the menu bar(Application is agent = YES). I have followed the approach in the WWDC22 video introducing Focus Intent and I have created an App Groups to being able to make the Extension to communicate with my main app, however from when I did this sometimes when I run the app I do get this log line: Couldn't read values in CFPrefsPlistSource<0x97cd34700> (Domain: group.xxx.xxx.MyApp, User: kCFPreferencesAnyUser, ByHost: Yes, Container: (null), Contents Need Refresh: Yes): Using kCFPreferencesAnyUser with a container is only allowed for System Containers, detaching from cfprefsd Despite this the Focus mode integration is working correctly on my development Mac. However I used to Archive the app and then Copy the app to my MacBook but when I do that now my other Mac cannot open the app and it is giving me an error. If I revert this change then I can bring the app back to my other Mac as usual following the procedure: Product -> Archive. Then from the archiver: Distribute App -> Copy App. After that I copy the app generated to the App folder of my other MacBook but it doesn't open anymore. During the archival phase now I am even getting this warning: MyAppFocus.appex is an ExtensionKit extension and must be embedded in the parent app bundle's Extensions directory, but is embedded in the parent app bundle's ../../../BuildProductsPath/Release/MyApp.app/Contents/Extensions directory. How can I solve this issue? If I rollback the commit related to this SetFocusFilterIntent new feature the app can be Copied and moved to the other Mac as before. Is this related to the extension or to the fact that I had to use this new entitlement: com.apple.security.application-groups ?

When syncing an Office 365 (Exchange) account on an M1 Max machine running the latest macOS (e.g., Sonoma), the native contactsd and AddressBookManager processes enter a severe, persistent failure loop. The CPU usage spikes from 0.0% to over 80% (observed at 81%) and repeats every 60-90 seconds. This occurs even when the account is entirely empty of contacts and after performing a clean macOS installation, strongly indicating a systemic bug in the framework's Exchange protocol handler on the M1 architecture. System Information Affected Hardware: Apple M1 Max Affected macOS Version: Tahoe 26.1 Affected Processes: contactsd, AddressBookManager Account Type: Microsoft Exchange / Office 365 Steps to Reproduce System Setup: Perform a clean installation of macOS on the M1 Max machine (USB boot, NO Migration Assistant or data restoration). Account Preparation: Ensure the target Exchange account's contacts folder is entirely empty on the server (via Outlook Web Access). Trigger: Go to System Settings > Internet Accounts and add the Exchange account. Ensure ONLY Contacts is toggled ON. Observation: Open Activity Monitor and sort by % CPU. Expected Behavior The contactsd and AddressBookManager processes should spike briefly (under 5%) to establish the empty sync, then settle to a persistent idle state (0.0% to 0.5% CPU). Actual Behavior The processes never settle: CPU Spikes: Usage repeatedly jumps from 0.0% to 81% for AddressBookManager and 22-59% for contactsd. Pattern: This extreme spike lasts for a few seconds before the thread crashes/restarts, and the process immediately re-initiates the loop, consuming massive CPU cycles continuously. Diagnostic Proof The runaway CPU is not caused by corrupt data: Data Neutralization: The account's contacts folder was emptied on the server, yet the high CPU loop persisted when syncing. Clean System: The issue is reproducible on a clean, from-scratch macOS installation, ruling out corrupted user preferences or system files. Cross-Architecture: The exact same account syncs perfectly on iOS and newer M4 Macs, confirming the data is valid and the issue is specific to the M1 Max's implementation of the Exchange protocol handler. Workaround (For Visibility) To restore system performance, the user must DELETE the entire Exchange account from System Settings > Internet Accounts and use a third-party client (e.g., Outlook for Mac) for synchronization, as it bypasses the buggy native framework.

Hello, I have a .app that runs as LaunchDaemon and configured to be an Agent (LSUIElement) that is stored in /Applications. Installing network extensions works, but deactivation fails with OSSystemExtensionErrorDomain error 13 (authorization required). requestNeedsUserApproval is not called for deactivation, but it's called when being activated. Any ideas? Thank you! P.S. It works on Debug, just not on Release...

Hi, I’m trying to integrate my iOS app with Shortcuts. My goal is: In the Shortcuts app → Create a shortcut → Select an image → Share the image directly to my app for analysis. However, when I try to add the “Share with App” / “Open in App” / “Send to App” action in Shortcuts: My app does NOT appear in the list of available apps. I want my app to be selectable so that Shortcuts can send an image (UIImage / file) to my app. What I have tried My app supports receiving images using UIActivityViewController and Share Extension. I created an App Intents extension (AppIntent + @Parameter(file)...) but the app still does not appear in Shortcuts “Share with App”. I also checked the Info.plist but didn’t find any permission related to Shortcuts. The app is installed on the device and works normally. My question What permission, Info.plist entry, or capability is required so that my app becomes visible in the Shortcuts app as a target for image sharing? More specifically: Which extension type should be used for receiving images from Shortcuts? App Intents Extension? Share Extension? Intent Extension? Do I need a specific NSExtensionPointIdentifier for Shortcuts integration? Do I need to declare a custom Uniform Type Identifier (UTI) or add supported content types so Shortcuts knows my app can handle images? Are there any required entitlements / capabilities to make the app appear inside the “Share with App” action? Goal Summary I simply want: Shortcuts → Pick Image → Send to My App → App receives the image and processes it. But currently my app cannot be selected in Shortcuts. Thanks in advance for any guidance!

For Apple Pay Testing purposes, we're trying out cards from https://developer.apple.com/apple-pay/sandbox-testing/ Visa, AMEX, Discover cards can be added to the wallet. But all 5 of the listed options for Mastercard cannot be added to the wallet with the error "Card Device Limit". How can we resolve this?

Hello team, I am developing a security app where I am denying certain flows/packets if the are communicating with known malicious endpoints. Therefore I want to make use of NetworkExtensions such as the new URLFilter or ContentFilter (NEURLFilterManager, NEFilterDataProvider, NEFilterControlProvider). Does NEURLFilterManager require the user's device to be at a minimun of ios 26? Does any of these APIs/Extensions require the device to be managed/supervised or can it be released to all consumers? Thanks,

There is a project that has been running online for years. A few months ago, a player reported that after making their first successful IAP at a specific purchase point, any subsequent attempts to purchase the same item do not trigger the payment window. Instead, they get the error:"This in-app purchase has already been bought".​After contacting Apple Support once, the player was able to make a payment, but the issue reappeared on the next attempt. So far, this is the only user reporting the problem, other people can purchase normally. Question1:​ Here’s what I’ve tried: I reviewed the code and ensured that TransactionObserveris correctly called. I’ve also added **[[SKPaymentQueue defaultQueue] finishTransaction:transaction]**in all possible places, but the issue persists. According to the logs, after the user’s first purchase, every subsequent IAP attempt returns the same receipt from the initial successful transaction, even though I’m certain finishTransactionis being called. It seems like this method isn’t having the intended effect. Question2:​ I asked the player to manually trigger the Restore Purchases​ button by calling [[SKPaymentQueue defaultQueue] restoreCompletedTransactions]. the restoreCompletedTransactionsFailedWithErrorcallback returned the following error: Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." The player has already checked their device time and tried switching between Wi-Fi and 4G, but the error remains. Is this SSL error related to the "already bought" error?​ Note that this SSL issue occurred during a separate restore process, not during a purchase attempt. Question: 3:​ I noticed that I’m not calling finishTransaction​ inside the restoreCompletedTransactionsFailedWithErrorcallback. Should I add it there?​ Purchase Logs: ​The player clicked "Restore Purchases" and then attempted another purchase. The purchase flow appears normal, but the IAP returns an old, already-used receipt. [2025-12-10 17:41:38:995] Restore transaction failed: Error > Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a > secure connection to the server cannot be made." [2025-12-10 17:41:40:010] Restore transaction failed: Error > Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a > secure connection to the server cannot be made." [2025-12-10 17:41:42:011] buy method called... productID: > huoxiancj_648 orderID: 22674511 [2025-12-10 17:41:42:107] ----Log Observers ID---- [2025-12-10 17:41:42:108] ObserverID: 0x109968890 [2025-12-10 17:41:42:108] Processing unfinished transactions... [2025-12-10 17:41:42:108] Finished processing unfinished > transactions. [2025-12-10 17:41:42:108] Allowing in-app purchase... [2025-12-10 17:41:42:215] Requesting product info... [2025-12-10 17:41:42:989] productsRequest didReceiveResponse: [2025-12-10 17:41:43:066] Invalid Product ID: ( [2025-12-10 17:41:43:066] Purchase quantity: 1 [2025-12-10 17:41:43:066] Product info: [2025-12-10 17:41:43:067] Price: 648 [2025-12-10 17:41:43:067] Product ID: huoxiancj_648 [2025-12-10 17:41:43:067] Validating product info... [2025-12-10 17:41:43:067] Sending payment request... [2025-12-10 17:41:43:067] requestDidFinish [2025-12-10 17:41:43:132] paymentQueue updatedTransactions. [2025-12-10 17:41:43:133] updatedTransactions case > SKPaymentTransactionStatePurchasing [2025-12-10 17:41:43:208] [payment.applicationUsername] > userid=50306496 appid=1045 instid=12844 reserve=xxxx > productID=22674511 [2025-12-10 17:43:16:008] paymentQueue updatedTransactions. [2025-12-10 17:43:16:008] updatedTransactions case > SKPaymentTransactionStatePurchased [2025-12-10 17:43:16:008] productIdentifier= huoxiancj_648 [2025-12-10 17:43:16:113] Sending receipt to server for validation. [2025-12-10 17:43:16:113] Transaction completed. Any help or suggestions would be greatly appreciated! Thanks in advance.

Hello, I’m experiencing a strange issue with a newly created Subscription Group in my iOS app. For all my existing subscription groups, everything works perfectly — initial purchase, renewals, cancellations, all notifications arrive normally. But for this one newly created group, the first purchase never triggers any server notification from App Store Server Notifications (ASSN). ⸻ 📘 Problem Summary • I created a new Subscription Group in App Store Connect. • The products are all Approved and Published for over a week. • Users can successfully purchase the subscription in production. • The purchase is shown as Purchased in the App Store purchase UI. • The receipt can be fetched locally on device. • But my server receives no notifications, including: • DID_RENEW • DID_CHANGE_RENEWAL_STATUS • SUBSCRIBED • ONE_TIME_CHARGE • CONSUMPTION_REQUEST • etc. The old subscription groups still send notifications normally, so the notification URL and server infrastructure are correct.

Honestly, don't know how to test it in sandbox. I'm confused on if I need a sandbox to actually test out my in app purchase. Do I need to download something? Someone please help.

I am developing a running training app that coaches can use to create interval workout plans. I can use HKWorkout to get information about Splits similar to that in Fitness app, but I can't get information about Intervals. My idea is to show interval details when users view their completed custom interval workout plans. Can I use Healthkit (or another feasible method) to get the actual distance or time of exercise in intervals workout ? (I know the workoutPlan property, but it doesn't reflect the segments of a real interval training workout.) Any insights or suggestions would be greatly appreciated! Thanks in advance!

I have a watch only app that display an open/close park status and the current temperature with a current condition icon. That's it. On second submission the watch app was rejected due to no WeatherKit attribution. I have a lack of clarity of what's needed. With my single view that display my content I don't want WeatherKit attribution to overwhelm what's being presented to the user. I've tried looking for watch apps in the store that provide attribution and I'm not finding any. Looking for advice on how to meet this requirement without attribution overpowering my content.

Hi, I am experiencing an issue where my in-app purchase products cannot be fetched from App Store Connect during sandbox testing, despite all products being properly configured. ERROR MESSAGE: When testing on a physical iOS device, I receive the following error: "Error fetching offerings - The operation couldn't be completed. (RevenueCat.OfferingsManager.Error error 1.) There's a problem with your configuration. None of the products registered in the RevenueCat dashboard could be fetched from App Store Connect (or the StoreKit Configuration file if one is being used)." All products show status "READY_TO_SUBMIT" with the warning: "This product's status (READY_TO_SUBMIT) requires you to take action in App Store Connect before using it in production purchases." I have 2 subscriptions and 4 Consumable in-app purchases set up in App Store Connect. VERIFICATION COMPLETED: Bundle ID matches exactly in App Store Connect, Xcode project, and RevenueCat dashboard Product IDs match exactly between App Store Connect, RevenueCat, and application code Paid Applications Agreement is signed and active (Signed on 12/9 morning, everything shows as active) All products are in "Ready to Submit" status with complete metadata All products are properly linked to the app in App Store Connect Testing on physical iOS device (not simulator) with sandbox account signed in via Settings > Developer section Products have been in "Ready to Submit" status for 8 hours I have researched this error and verified the common causes (Paid Agreements, Product ID mismatches, Bundle ID mismatches) are all correctly configured on my end. QUESTION: Is this an issue on Apple's end, or are there additional requirements for products in "Ready to Submit" status to be available in sandbox testing? I have been unable to test my in-app purchases despite all configuration appearing correct. Thank you for your assistance.

On a MacBook Pro, 16GB of RAM, 500 GB SSD, OS Sequoia 15.7.1, M3 chip, I am running some python3 code in a conda environment that requires lots of RAM and sure enough, once physical memory is almost exhausted, swapfiles of about 1GB each start being created, which I can see in /System/Volumes/VM. This folder has about 470 GB of available space at the start of the process (I can see this through get info) however, once about 40 or so swapfiles are created, for a total of about 40GB of virtual memory occupied (and thus still plenty of available space in VM), zsh kills the python process responsible for the RAM usage (notably, it does not kill another python process using only about 100 MB of RAM). The message received is "zsh: killed" in the tmux pane where the logging of the process is printed. All the documentation I was able to consult says that macOS is designed to use up to all available storage on the startup disk (which is the one I am using since I have only one disk and the available space aforementioned reflects this) for swapping, when physical RAM is not enough. Then why is the process killed long before the swapping area is exhausted? In contrast, the same process on a Linux machine (basic python venv here) just keeps swapping, and never gets killed until swap area is exhausted. One last note, I do not have administrator rights on this device, so I could not run dmesg to retrieve more precise information, I can only check with df -h how the swap area increases little by little. My employer's IT team confirmed that they do not mess with memory usage on managed profiles, so macOS is just doing its thing. Thanks for any insight you can share on this issue, is it a known bug (perhaps with conda/python environments) or is it expected behaviour? Is there a way to keep the process from being killed?

Our team is in the process of updating our apps to comply with Texas's new state law. In order to minimize user confusion and provide the most ideal flow to access the app as possible, we have a few questions we would like answered. Summary of questions: Is isEligibleForAgeFeatures intended to be accurate and accessible before the user has accepted the Age Range permissions prompt? As other US states and/or other countries adopt a similar law going forward, will this instance variable cover those locations? Will the runtime crashes on isEligibleForAgeFeatures and other symbols in the DeclaredAgeRange framework be addressed in a future RC or in the official release? Details and Investigations: With regards to isEligibleForAgeFeatures, our team has noticed that this value is always false before the age range prompt has been accepted. This has been tested on the XCode RC 26.2 (17C48). Assuming the request needs to be accepted first, isEligibleForAgeFeatures does not get updated immediately when the user chooses to share their age range (updated to true, when our sandbox test account is a Texas resident). Only upon subsequent relaunches of the app does this return a value that reflects the sandbox user's location. Is isEligibleForAgeFeatures intended to be accurate and accessible before the user has accepted the Age Range permissions prompt? This leads to our follow-up question to clarify whether isEligibleForAgeFeatures explicitly correlates to a user in an affected legal jurisdiction–if future US states and/or other countries adopt a similar law going forward, will this instance variable cover those locations? Can we also get confirmation about whether the runtime crash on isEligibleForAgeFeatures and other symbols in the DeclaredAgeRange framework will be addressed in a future RC or in the official release? Thank you.

Hi everyone, I have a question regarding the intended privacy limits of the DeviceActivityReportExtension. According to the documentation and the WWDC21 session "Meet the Screen Time API", this extension was created specifically to prevent the host application from accessing the user's underlying activity data (websites visited, app usage, screen time, etc). But I have found that my host app is actually able to reconstruct this raw activity data from the activity report. I am able to extract specific visited websites and app usage durations back into the main app. I reported this to Apple Security (Case ID: OE1100504480881 ), assuming it was a sandbox bypass. However, they closed the ticket stating that this is "expected behavior" and requires no fix. My question for Screen Time Engineers: Is the documentation incorrect? If my host app is expected to be able to read this data, is there a formal API we should be using instead of extracting it from the report extension? The current behavior contradicts the privacy limits described in the documentation, so I am confused if I should rely on this data access for my app features or if it will be patched later. Thanks.

Hello, I have a problem with a subscription: it is not recognised by my application (under TestFlight); it is as if it did not exist. I have two subscriptions in the same group, a premium subscription that works perfectly and a basic subscription that is not recognised. I have checked everything at least twenty times. Its status is ‘Ready to submit’. I asked GPT 5.1 and Claude AI, but clearly both of their AIs are out of date and are giving me an obsolete procedure with App Store Connect options that don't exist.

Hello, I'm using PassKit with to perform Apple Pay payment in a financial application. Our approach are: On iOS application, define PKMerchantCapability threeDSecure and credit, perform apple pay experience and get the encrypted response. On PCI service, receive the encrypted data Payment token, decrypt this data, and use to perform the payment. The problem is, in MasterCard transaction the eciIndicator is missing. I want to know if has some rule or problem about it.

If I have two iOS apps, with bundle ids com.mycompany.A and com.mycompany.B, and they both have the shared group id of group.com.mycompany.B, then they can read/write data to same file (in shared defaults or, for example, a Realm database saved to the same shared group location). What I have noticed is that if both apps get installed and some data X written to shared defaults (but data which isn't accessed by both apps i.e. if only app A uses this data), then if app A is deleted and reinstalled then X is not deleted in this situation (unless both apps A and B are deleted). I guess that is to be expected as they both use the same group id and the OS won't clear that area out unless both apps are deleted. However I think I am seeing a situation where if app A has group.com.mycompany.A as its group and app B has group.com.mycompany.B as its group, then this is still the same situation - data written by app B for doesn't get deleted if only app B is deleted/reinstalled on the phone. It won't get deleted unless both app B and A are deleted from the phone. This is not what I was expecting. I need to perform some more checks (its more complex to verify as app A is developed by one company and app B by another), but if this were to be the case would this be unexpected behavior by the OS? Presumably it would be unexpected as the container should be identified by the full group id and not a partial portion of the group id right?

We are facing a DNS resolution issue with a specific ISP, where our domain name does not resolve correctly using the system DNS. However, the same domain works as expected when a custom DNS resolver is used. On Android, this is straightforward to handle by configuring a custom DNS implementation using OkHttp / Retrofit. I am trying to implement a functionally equivalent solution in native iOS (Swift / SwiftUI). **Android Reference (Working Behavior) : ** val dns = DnsOverHttps.Builder() .client(OkHttpClient()) .url("https://cloudflare-dns.com/dns-query".toHttpUrl()) .bootstrapDnsHosts(InetAddress.getByName("1.1.1.1")).build() OkHttpClient.Builder().dns(dns).build() **Attempted iOS Approach ** I attempted the following approach : Resolve the domain to an IP address programmatically (using DNS over HTTPS) Connect directly to the resolved IP address Set the original domain in the Host HTTP header **DNS Resolution via DoH : ** func resolveDomain(domain: String) async throws -> String { guard let url = URL( string: "https://cloudflare-dns.com/dns-query?name=\(domain)&type=A" ) else { throw URLError(.badURL) } var request = URLRequest(url: url) request.setValue("application/dns-json", forHTTPHeaderField: "accept") let (data, _) = try await URLSession.shared.data(for: request) let response = try JSONDecoder().decode(DNSResponse.self, from: data) guard let ip = response.Answer?.first?.data else { throw URLError(.cannotFindHost) } return ip } **API Call Using Resolved IP : ** func callAPIUsingCustomDNS() async throws { let ip = try await resolveDomain(domain: "example.com") guard let url = URL(string: "https://\(ip)") else { throw URLError(.badURL) } let configuration = URLSessionConfiguration.ephemeral let session = URLSession( configuration: configuration, delegate: CustomURLSessionDelegate(originalHost: "example.com"), delegateQueue: .main ) var request = URLRequest(url: url) request.setValue("example.com", forHTTPHeaderField: "Host") let (_, response) = try await session.data(for: request) print("Success: \(response)") } **Problem Encountered ** When connecting via the IP address, the TLS handshake fails with the following error: Error Domain=NSURLErrorDomain Code=-1200 "A TLS error caused the secure connection to fail." This appears to happen because iOS sends the IP address as the Server Name Indication (SNI) during the TLS handshake, while the server’s certificate is issued for the domain name. **Custom URLSessionDelegate Attempt : ** class CustomURLSessionDelegate: NSObject, URLSessionDelegate { let originalHost: String init(originalHost: String) { self.originalHost = originalHost } func urlSession( _ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void ) { guard challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust, let serverTrust = challenge.protectionSpace.serverTrust else { completionHandler(.performDefaultHandling, nil) return } let sslPolicy = SecPolicyCreateSSL(true, originalHost as CFString) let basicPolicy = SecPolicyCreateBasicX509() SecTrustSetPolicies(serverTrust, [sslPolicy, basicPolicy] as CFArray) var error: CFError? if SecTrustEvaluateWithError(serverTrust, &error) { completionHandler(.useCredential, URLCredential(trust: serverTrust)) } else { completionHandler(.cancelAuthenticationChallenge, nil) } } } However, TLS validation still fails because the SNI remains the IP address, not the domain. I would appreciate guidance on the supported and App Store–compliant way to handle ISP-specific DNS resolution issues on iOS. If custom DNS or SNI configuration is not supported, what alternative architectural approaches are recommended by Apple?

We attempted to run a burn-in test while connected to our MacBook Pro M4 Max, but this crashed about 10 minutes into testing. We tried to run a 2-hour burn-in on M4 Max host while charging the battery from below 5%, running six bus-powered drives (via ATTO/Black Magic/IOmeter), hitting the RJ45 port for 2.5Gbps (via JPerf), and streaming at least 4K60Hz video content to two display, however, M4 Max will crashed in 20 [minutes.]( https://www.example.com/)