How should i write and not show this sensitive error?

Hey there, I’m wondering if there is a CRUD API for Apple Notes? I just saw once that it’s possible through a Apple Script on Mac. But the problem for me is that the app should also run on iOS. Does someone have an idea how to approach this?

Hello! We develop a SAS driver and a service application for DAS devices. When users in our application create a RAID array on the device: On the 1st step, our dext driver mounts a new volume. At this step DiskUtil automatically tries to mount it. As there is no file system on the new volume - the MacOS system popup appears "The disk you attached was not readable by the computer" On the 2nd step our application creates the file system on this new volume. So we do not need this MacOS system popup to appear (as it may frustrate our users). We found a way to disable the global auto mount but this solution also impacts on other devices (which is not good). Are there any other possibilities to prevent the popup "The disk you attached was not readable by the computer" from appearing?

Summary On Mac Studio systems (no built-in camera), macOS does not initialize camera services after a normal reboot if no physical camera is present. As a result, Continuity Camera does not appear anywhere in the system. Observed behavior System Information → Camera reports “No video capture devices were found.” Continuity Camera (iPhone) is completely absent from camera lists. Plugging in any USB UVC webcam immediately initializes camera services and causes both the USB camera and the iPhone (Continuity Camera) to appear. The USB camera can then be unplugged and Continuity Camera continues working until the next reboot. Reproduction steps Use a Mac Studio (no built-in camera) on recent macOS. Ensure no USB webcam or external camera is connected. Reboot the Mac normally. After login, open System Information → Camera. Expected Camera services should initialize even when no physical camera is present, allowing Continuity Camera to be available as the primary camera. Actual No camera devices are present unless a physical USB camera is connected at least once after boot. This reproduces 100% of the time on Mac Studio and appears to be a camera service bootstrap issue where Continuity Camera cannot be the first camera device. Issue has been filed via Feedback Assistant.

In a class, I call the following (edited to simplify, but it matches the real case). If I do this: func getData() -> someClass? { _ = someURL.startAccessingSecurityScopedResource() if let data = NSData(contentsOf: someURL as URL) { do { let unarchiver = try NSKeyedUnarchiver(forReadingFrom: data as Data) print((unarchiver.decodeObject(of: [NSArray.self, someClass.self /* and few others*/], forKey: oneKey) as? someClass)?.aProperty) if let result = unarchiver.decodeObject(of: [NSArray.self, someClass.self /* same other types*/], forKey: oneKey) as? someClass { unarchiver.finishDecoding() print("unarchived success") return result } else { unarchiver.finishDecoding() print("unarchiving failed") return someClass() } } catch { return nil } } I get a failure on log : unarchiving failed But if I comment out the print(unarchiver.decodeObject) - line 8, it works and I get unarchived success // print((unarchiver.decodeObject(of: [NSArray.self, someClass.self /* and few others*/], forKey: oneKey) as? someClass)?.aProperty) However, when I do exactly the same for another class (I've compared line by line to be sure), it works even with the print statement. What could be happening here ?

We are developing a macOS VPN application using NEPacketTunnelProvider with a custom encryption protocol. We are using standard On-Demand VPN rules with Wi-Fi SSID matching but we want to add some additional feature to the native behaviour.  We want to control the 'conenect/disconnect' button status and allow the user to interact with the tunnel even when the on demand rule conditions are satisfied, is there a native way to do it? In case we need to implement our custom on-demand behaviour we need to access to this information: connected interface type ssid name and being informed when it changes so to trigger our logic, how to do it from the app side? we try to use CWWiFiClient along with ssidDidChangeForWiFiInterface monitoring, it returns just the interface name en0 and not the wifi ssid name. Is location access mandatory to access wifi SSID on macOS even if we have a NEPacketTunnelProvider? Please note that we bundle our Network Extension as an App Extension (not SystemExtension).

We’re developing an enterprise VPN client for macOS using NetworkExtension (PacketTunnelProvider) with Always-On / On-Demand VPN, deployed via MDM. On macOS 14.x and 15.x we observe the following log message from nesessionmanager: nesessionmanager: NESMVPNSession[...] Resetting VPN On Demand This most commonly occurs after sleep → wake. After this happens, the VPN no longer reconnects automatically, even though isOnDemandEnabled remains true and On-Demand rules are still present. Then a manual user action is required to reconnect. Questions: Is the “Resetting VPN On Demand” log message expected during sleep/wake transitions? Under what conditions does macOS reset On-Demand VPN state? Is there a supported way to detect or recover from this state programmatically? Any guidance on expected behavior or best practices would be appreciated.

Dear Apple Engineers, I am using NFCNDEFReaderSession to read information from NFC tags. When calling the begin method of the session, a system dialog/popover appears at the bottom of the screen. Is it possible to suppress or disable this dialog? Thank you for your assistance. Here is my demo code： @IBAction func beginScanning(_ sender: Any) { guard NFCNDEFReaderSession.readingAvailable else { let alertController = UIAlertController( title: "Scanning Not Supported", message: "This device doesn't support tag scanning.", preferredStyle: .alert ) alertController.addAction(UIAlertAction(title: "OK", style: .default, handler: nil)) self.present(alertController, animated: true, completion: nil) return } session = NFCNDEFReaderSession(delegate: self, queue: nil, invalidateAfterFirstRead: true) session?.alertMessage = "Hold your iPhone near the item to learn more about it. session?.begin() }

Dear Apple Engineers： My app utilizes the App Clip experience. I would like to prevent the App Clip card from appearing when the host app is running in the foreground. How can this be achieved? I have observed that Alipay (in China) does not display an App Clip card when the device is tapped against a tag while the app is in the foreground, which indicates that this behavior is possible. Thank you for your assistance.

I decode an object with NSKeyedArchiver (SecureCoding): typealias BoolArray = Array<Array<Bool>> let val = decoder.decodeObject(of: NSArray.self, forKey: someKey) as? BoolArray I get the following log: *** -[NSKeyedUnarchiver validateAllowedClass:forKey:] allowed unarchiving safe plist type ''NSNumber' (0x204cdbeb8) [/System/Library/Frameworks/Foundation.framework]' for key 'NS.objects', even though it was not explicitly included in the client allowed classes set: '{( "'NSArray' (0x204cd5598) [/System/Library/Frameworks/CoreFoundation.framework]" )}'. This will be disallowed in the future. I changed by adding NSNumber.self in the list : let val = decoder.decodeObject(of: [NSArray.self, NSNumber.self], forKey: someKey) as? BoolArray No more warning in log. Is there a reason for this ?

I’m hitting a specific edge case with background execution that I can’t figure out. I'm using Flutter for the UI, but all the logic handles are in Swift using CoreBluetooth and CoreLocation. I need the app to wake up from a suspended state when it detects my specific BLE peripheral (OBD sensor), connect to it, and immediately start continuous location tracking for the duration of the drive. If I start this process while the app is in the foreground, or very shortly after going to BG, it works perfectly. The app stays alive for the whole trip. The issue only happens when the sequence starts from the background: The app is suspended. scanForPeripherals wakes the app when the sensor is found. In didDiscover, I immediately call locationManager.startUpdatingLocation(). locationd actually delivers updates successfully. However, 5-15 minutes later, iOS suspends the app again. Crucially, I never see the blue "Location In Use" pill on the status bar, even though I have showsBackgroundLocationIndicator = true set. Also, distance filter is set to None. Logs for reference (around suspending) locationd: {"msg":"Sending location to client","Client":"[appName]:","desiredAccuracy":"-1.000000"} runningboardd: Invalidating assertion ... from originator \\\[osservice<com.apple.bluetoothd>:...\\\] runningboardd: Removed last relative-start-date-defining assertion for process app<[appName]...> runningboardd: Calculated state ... running-suspended runningboardd: Suspending task locationd: Client [appName]: disconnected bluetoothd: State of application "[appName]" is now "suspended" Questions Why does invalidating the Bluetooth assertion cause an immediate suspend even though I called startUpdatingLocation() and am receiving updates? Does the missing blue location pill imply that the OS never fully "accepted" the location session? Is there a specific "handshake" required to transition from a BLE wake-up to a long-running location session? I'm wondering if I need to use a background task identifier to bridge the gap between the BLE wake and the location manager taking over. More context: Digging deeper in the comments, I just noticed the following patterns when the application is not suspended vs when it is recently suspended and got awaken by a BLE event. Not suspended: 303948:Jan 23 20:59:35.640118 locationd[6491] <Debug>: {"msg":"Client is setting ContinuousBackgroundLocationRequested", "Client":"[appName]:", "ContinuousBackgroundLocationRequested":1} 303949:Jan 23 20:59:35.640155 locationd[6491] <Debug>: {"msg":"Allowing process assertion due to foreground-ish status", "ClientKeyPath":"[appName]:"} Recently suspended and awaken by BLE: 564296:Jan 23 21:00:23.179125 locationd[6491] <Debug>: {"msg":"Client is setting ContinuousBackgroundLocationRequested", "Client":"[appName]:", "ContinuousBackgroundLocationRequested":1} 564298:Jan 23 21:00:23.179195 locationd[6491] <Notice>: {"msg":"#Warning Denying process assertion", "ClientKeyPath":"[appName]:"} The assertion fails for the second case and that's why the app could not persist. Most importantly, following the logs in the second case, I see the following: locationd[6491] <Notice>: {"msg":"computing freshAuthorizationContext", "Client":"[appName]:", "ClientDictionary":"{\n AlwaysServiceSession = 0;\n I suspect that the flag AlwaysServiceSession being 0 has to do with process assertion being denied for location.

Hello, In my iOS app, I have a customer center where the user can see some details about its current subscription. I display things like the billing period, the price, the introductory offer state, the renewal date if it's not cancelled or the expiration date if it's cancelled, etc. From this screen, the user can open the subscription management sheet. I want to detect if the user cancels the subscription from this sheet or from the App Store (when the app is running) so I can refresh the information displayed on my customer center. I checked the asynchronous sequences provided by StoreKit 2 like Transaction.updates or Product.SubscriptionInfo.Status.updates and tested with a Sandbox account on my physical device with the app debugged using Xcode. But I noticed these sequences don't emit when I cancel the subscription in Sandbox. Is this the expected behavior? Is there a way to observe in real time if a user cancels the subscription? I can still manually check when the sheet is dismissed but it's not ideal because I want to know even if the user cancel from outside of the app with the app running. Thank you, Axel

I get several warnings in log: *** -[NSKeyedUnarchiver validateAllowedClass:forKey:] allowed unarchiving safe plist type ''NSNumber' (0x204cdbeb8) [/System/Library/Frameworks/Foundation.framework]' for key 'NS.objects', even though it was not explicitly included in the client allowed classes set: '{( "'NSArray' (0x204cd5598) [/System/Library/Frameworks/CoreFoundation.framework]" )}'. This will be disallowed in the future. I am not sure how to understand it: I have removed every NSNumber.self in the allowed lists for decode. To no avail, still get the avalanche of warnings. What is the key NS.objects about ? What may allowed classes set: '{( "'NSArray' be referring to ? An inclusion of NSArray.self in a list for decode ? The type of a property in a class ?

I have defined a class : class Item: NSObject, NSSecureCoding { var name : String = "" var color : ColorTag = .black // defined as enum ColorTag: Int var value : Int = 0 static var supportsSecureCoding: Bool { return true } Its decoder includes the following print statement to start: required init(coder decoder: NSCoder) { print(#function, "item should not be nil", decoder.decodeObject(of: Item.self, forKey: someKey))   Another class uses it: class AllItems: NSObject, NSSecureCoding { var allItems : [Item]? static var supportsSecureCoding: Bool { return true } and decodes as follows required init(coder decoder: NSCoder) { super.init() // Not sure it is necessary allItems = decoder.decodeObject(of: NSArray.self, forKey: mykey) as? [Item] print(#function, allItems) // <<-- get nil } I note: decoder returns nil at line 5 I have tried to change to decoder.decodeObject(of: [NSArray.self, NSString.self, NSColor.self, NSNumber.self], forKey: mykey)) Still get nil And, decoder of class Item is not called (no print in the log) What am I missing ?

I have noticed race conditions on macOS when tearing down and re-configuring an NEPacketTunnelProvider. My goal is to handle switching out one VPN profile for another identical/near identical one (I'll add some context for this below). The flow that I have tested was to wait for the NEVPNStatusDidChange notification to report a NEVPNStatus.disconnected state, and then start the process of re-configuring the VPN with a new profile. In practice however, I have noticed that I must wait a couple of seconds between NEVPNStatus.disconnected state being reported and setting up a new tunnel. Otherwise, the system routing table gets messed up but the VPN reports being in NEVPNStatus.connected state, resulting in a tunnel that appears healthy but can't be accessed. With this, I wanted to ask if you have any suggestions on any OS items I can observer, in order to deterministically know that the system has fully cleaned up my packet tunnel, and that I am safe to configure another? This would be much more optimal than a hard-coded delay. Additional context: Jamf is a common solution for deploying MDM configuration profiles. However, in my tests, it doesn't support Apple's recommended approach of using the PayloadIdentifier to mark profiles for replacement, as PayloadIdentifiers are automatically updated to match the PayloadUUID of that same profile on upload. Although given what I've observed, I'm not sure the Apple recommended approach would work here in any case. Additionally, it would be nice to transition from non-MDM to MDM cleanly, however, this also requires an indeterminate wait time between the non-MDM configuration being disconnected and subsequently removed, and the MDM one being configured. With these scenarios, we need to be able to add a second configuration, with possibly identical VPN settings, then remove the old one, allowing the system to transition to the new configuration. For the MDM case, the pattern I've noticed on the system is that when the current profile is suddenly deleted, the connection will go into disconnected state, then NEVPNConfigurationChange will fire. The new profile can be configured from NEVPNConfigurationChange, however some time is needed to avoid races. For non-MDM, I had experimented with an approach of polling for MDM configurations appearing. When they do, I'd remove my previous notification observers, and set up a new NEVPNStatusDidChange notification observer, to remove the non-MDM VPN configuration after. it enters a disconnected state. Following the removal, I would call a function to reconfigure the VPN with new configuration. When this logic is in place, the call to stopVPNTunnel() is made. Again, a hardcoded delay is required between stopping and removing the old configuration and setting up a new one. Thanks!

The documentation says: The caching behavior of the NSURL and CFURL APIs differ. For NSURL, all cached values (not temporary values) are automatically removed after each pass through the run loop. You only need to call the removeCachedResourceValueForKey: method when you want to clear the cache within a single execution of the run loop. The CFURL functions, on the other hand, do not automatically clear cached resource values. The client has complete control over the cache lifetimes, and you must use CFURLClearResourcePropertyCacheForKey or CFURLClearResourcePropertyCache to clear cached resource values. https://developer.apple.com/documentation/foundation/nsurl/removeallcachedresourcevalues()?language=objc Is this really true? In my experience I've had to explicitly remove cached resource values via -removeAllCachedResourceValues or removeCachedResourceValueForKey: otherwise the URL contains stale values. For example on a URL that no longer exists I attempted to read NSURLIsHiddenKey and the last value was already cached. Instead of getting a NSFileNoSuchFileError I get the old cache value unless explicitly call -removeCachedResourceValueForKey: first and I'm fairly certain the value was cached on a previous run loop churn.

Our app attempts to install a PDF workflow in ~/Library/PDF Services but on a clean install of newer macOS versions, that directory no longer exists. Attempting to create the folder requires prompting for user permission to access the ~/Library directory and then prompting the user to access the newly created ~/Library/PDF Services directory. This is annoying and awkward. Creating the PDF Service in the sandbox Library directory does nothing useful since the PDF workflow does not show up in the PDF workflow list in the print dialog. We would like to create both directories in one step, or have the OS create the folder like it used to. Is there an entitlement that will allow our app access to the ~/Library directory without requiring Full Disk Access? Is there a way to have the OS create a symlink in ~/Library for the PDF Services directory that works with macOS 14 and later?

Hello Team, We applied for Tap to Pay on iPhone entitlement and were approved, but on distribution support it's only showing Development. We can build and debug Tap to Pay on development, but unable to build release. We opened ticket with Apple support but they were saying it was configured correctly. I attached screenshot of our developer account entitlement for Tap to Pay. It clearly said Development only.

Why can I use background delivery to realize background notifications when I run the app for the first time, but when I delete the app running in the background, and then reopen the app to run it in the background, there will be no background notification when the data changes?

Hello Apple Forums, We are developing an iOS application that connects to a custom BLE accessory and sends control commands to it. Our system architecture is as follows: A separate hardware device collects data and sends it to our backend server via Wi-Fi. The backend evaluates state changes and determines when the BLE accessory should update its display. The iOS app acts purely as a BLE command executor for this accessory. Our goal is to: Maintain a BLE connection with the accessory while the app is in the background. Receive state-change events from our backend server. Upon receiving such events, send a BLE command to the accessory to update its state. We understand that iOS does not allow arbitrary background execution. We would like to confirm whether there is any supported mechanism, entitlement, or program that allows: Long-running background execution for BLE control, or Server-originated events (other than APNs) to trigger background BLE actions. If this is not supported, we would appreciate confirmation that APNs (silent push) is the only supported way to trigger such background BLE actions, or guidance on any recommended alternative architectures. Thank you for your guidance.