If I use <FetchRequest.returnsDistinctResults> with unique "identifier" property, and there happened to be multiple NSManagedObjects in Core Data that contains the same "identifier", does the FetchRequest retrieve the latest modified/created object? Is there a way to define the <FetchRequest.returnsDistinctResults> logic to be based on another property (e.g. "creationDate" / "modifiedDate") and the ascension order?

We are experiencing intermittent 403 Forbidden errors during Apple Pay on web merchant validation in our production and sandbox environment. Has anyone else started seeing 403 Forbidden errors recently (since mid-2025)? Why would merchant validation be sometimes successful and sometimes fail with 403? Could this be related to new Apple Pay gateway changes or stricter validation rules? Any additional debug steps or permanent solutions we should try? Thank you.

Connect with ios in android

Hi, We’re seeing our build system (Gradle) get stuck in sendto system calls while trying to communicate with other processes via the local interface over UDP. To the end user it appears that the build is stuck or they will receive an error “Timeout waiting to lock XXX. It is currently in use by another Gradle instance”. But when the process is sampled/profiled, we can see one of the threads is stuck in a sendto system call. The only way to resolve the issue is to kill -s KILL <pid> the stuck Gradle process. A part of the JVM level stack trace: "jar transforms Thread 12" #90 prio=5 os_prio=31 cpu=0.85ms elapsed=1257.67s tid=0x000000012e6cd400 nid=0x10f03 runnable [0x0000000332f0d000] java.lang.Thread.State: RUNNABLE at sun.nio.ch.DatagramChannelImpl.send0(java.base@17.0.10/Native Method) at sun.nio.ch.DatagramChannelImpl.sendFromNativeBuffer(java.base@17.0.10/DatagramChannelImpl.java:901) at sun.nio.ch.DatagramChannelImpl.send(java.base@17.0.10/DatagramChannelImpl.java:863) at sun.nio.ch.DatagramChannelImpl.send(java.base@17.0.10/DatagramChannelImpl.java:821) at sun.nio.ch.DatagramChannelImpl.blockingSend(java.base@17.0.10/DatagramChannelImpl.java:853) at sun.nio.ch.DatagramSocketAdaptor.send(java.base@17.0.10/DatagramSocketAdaptor.java:218) at java.net.DatagramSocket.send(java.base@17.0.10/DatagramSocket.java:664) at org.gradle.cache.internal.locklistener.FileLockCommunicator.pingOwner(FileLockCommunicator.java:61) at org.gradle.cache.internal.locklistener.DefaultFileLockContentionHandler.maybePingOwner(DefaultFileLockContentionHandler.java:203) at org.gradle.cache.internal.DefaultFileLockManager$DefaultFileLock$1.run(DefaultFileLockManager.java:380) at org.gradle.internal.io.ExponentialBackoff.retryUntil(ExponentialBackoff.java:72) at org.gradle.cache.internal.DefaultFileLockManager$DefaultFileLock.lockStateRegion(DefaultFileLockManager.java:362) at org.gradle.cache.internal.DefaultFileLockManager$DefaultFileLock.lock(DefaultFileLockManager.java:293) at org.gradle.cache.internal.DefaultFileLockManager$DefaultFileLock.<init>(DefaultFileLockManager.java:164) at org.gradle.cache.internal.DefaultFileLockManager.lock(DefaultFileLockManager.java:110) at org.gradle.cache.internal.LockOnDemandCrossProcessCacheAccess.incrementLockCount(LockOnDemandCrossProcessCacheAccess.java:106) at org.gradle.cache.internal.LockOnDemandCrossProcessCacheAccess.acquireFileLock(LockOnDemandCrossProcessCacheAccess.java:168) at org.gradle.cache.internal.CrossProcessSynchronizingCache.put(CrossProcessSynchronizingCache.java:57) at org.gradle.api.internal.changedetection.state.DefaultFileAccessTimeJournal.setLastAccessTime(DefaultFileAccessTimeJournal.java:85) at org.gradle.internal.file.impl.SingleDepthFileAccessTracker.markAccessed(SingleDepthFileAccessTracker.java:51) at org.gradle.internal.classpath.DefaultCachedClasspathTransformer.markAccessed(DefaultCachedClasspathTransformer.java:209) at org.gradle.internal.classpath.DefaultCachedClasspathTransformer.transformFile(DefaultCachedClasspathTransformer.java:194) at org.gradle.internal.classpath.DefaultCachedClasspathTransformer.lambda$cachedFile$6(DefaultCachedClasspathTransformer.java:186) at org.gradle.internal.classpath.DefaultCachedClasspathTransformer$$Lambda$368/0x0000007001393a78.call(Unknown Source) at org.gradle.internal.UncheckedException.unchecked(UncheckedException.java:74) at org.gradle.internal.classpath.DefaultCachedClasspathTransformer.lambda$transformAll$8(DefaultCachedClasspathTransformer.java:233) at org.gradle.internal.classpath.DefaultCachedClasspathTransformer$$Lambda$372/0x0000007001398470.call(Unknown Source) at java.util.concurrent.FutureTask.run(java.base@17.0.10/FutureTask.java:264) at org.gradle.internal.concurrent.ExecutorPolicy$CatchAndRecordFailures.onExecute(ExecutorPolicy.java:64) at org.gradle.internal.concurrent.ManagedExecutorImpl$1.run(ManagedExecutorImpl.java:49) at java.util.concurrent.ThreadPoolExecutor.runWorker(java.base@17.0.10/ThreadPoolExecutor.java:1136) at java.util.concurrent.ThreadPoolExecutor$Worker.run(java.base@17.0.10/ThreadPoolExecutor.java:635) at java.lang.Thread.run(java.base@17.0.10/Thread.java:840) A part of the process sample: 2097 Thread_3879661: Java: jar transforms Thread 12 + 2097 thread_start (in libsystem_pthread.dylib) + 8 [0x18c42eb80] ...removed for brevity... + 2097 Java_sun_nio_ch_DatagramChannelImpl_send0 (in libnio.dylib) + 84 [0x102ef371c] + 2097 __sendto (in libsystem_kernel.dylib) + 8 [0x18c3f612c] We have observed the following system logs around the time the issue manifests: 2025-08-26 22:03:23.280255+0100 0x3b2c00 Default 0x0 0 0 kernel: cfil_hash_entry_log:6088 <CFIL: Error: sosend_reinject() failed>: [4628 java] <UDP(17) in so 9e934ceda1c13379 50826943645358435 50826943645358435 ag> 2025-08-26 22:03:23.280267+0100 0x3b2c00 Default 0x0 0 0 kernel: cfil_service_inject_queue:4472 CFIL: sosend() failed 22 The issue seems to be rooted in the built-in Application Firewall, as disabling it “fixes” the issue. It doesn’t seem to matter that the process is on the “allow” list. We’re using Gradle 7.6.4, 8.0.2 and 8.14.1 in various repositories, so the version doesn’t seem to matter, neither does which repo we use. The most reliable way to reproduce is to run two Gradle builds at the same time or very quickly after each other. We would really appreciate a fix for this as it really negatively affects the developer experience. I've raised FB19916240 for this. Many thanks,

Hello, I am trying to utilize the Critical Messaging API to allow my user to message 1 or multiple pre registered contacts automatically. An issue I am having with this in testing is that when the application attempts to fire off texts to the phone numbers the success rate changes from trial to trial, with no variable changing. Sometimes I can send a Critical Message to multiple phone numbers in rapid succession, sometimes the message is only sent to 1 contact, and sometimes I get no successes. Each failure always returns the MSCriticalMessaging.notSupported error. The API documentation states, "The send(_:to:) method only works if the app is backgrounded, if it’s called from foreground the framework returns a MSCriticalMessagingError.notSupported error." If my app is always backgrounded in these tests, what other issues may cause this notSupported error return, and why does the outcomes success rate vary?

I have an app with lots of networking calls that are currently done through URLSession. We would like to implement the new carried constrained entitlements and begin moving data through the ultra constrained network path for core features of our application. I have successfully implemented the NWPathMonitor to identify when the current network path is ultra constrained and I have been consistently on a physical device in a real world environment. I'm aware that we will not be able to use URLSession to do this from other posts in this forum like this one. Because of this problem with URLSession I am attempting to fallback to using NWConnection when the current path is ultra constrained. I have setup a NWConnection with the NWParameters.allowUltraConstrainedPaths set to true. The request works perfectly when connected to wifi or cellular. However, it does not work at all when the current path is ultra constrained. When attempting this request through my NWConnection I receive an error that says: The operation couldn’t be completed. (Network.NWError error 50 - Network is down) Is this expected? I have confirmed my physical device is connecting to carrier provided satellite and I have been able to load data in other ios apps from Apple like the music app while on this carrier constrained connection. If this is not the correct way to move data when the path is ultra constrained what is the correct way?

I'm trying to use FSKit to create a File System Extension that can read MFS-formatted disk images, following the old MFSLives sample project for reference. I have a well-formed MFS formatted img file that I'm trying to mount, but I'm having trouble getting the system to actually use my FSModule. DiskImageMounter fails to mount the img file, but I'm able to use it to attach the image as a device by clicking "Ignore" when it prompts me that it isn't able to read the disk. This is effectively the same as using the hdiutil command in Terminal. hdiutil attach -imagekey diskimage-class=CRawDiskImage -nomount Sample.img I've read that FSKit isn't fully integrated with Disk Arbitration yet, so I decided to see if I could force the system to use my extension by using the mount command. mkdir /tmp/Sample mount -F -t MFS disk54 /tmp/Sample Watching the logs in Console, I can see that fskit_agent sees my extension in its "New Modules List", and I see an MFS process gets launched and logs messages from com.apple.running and com.apple.xpc. However, the logs from the MFS process end there, and don't include any of my debug logs, which should be posted when my FSFileSystem subclass is created or when probeResource is called. Ultimately the mount command fails with exit code 69 and prints the following error message: mount: Probing resource: The operation couldn’t be completed. Permission denied mount: Unable to invoke task I've checked everything I could think of: The extension is enabled in System Settings. The extension has the FSKit Module capability added in Xcode. The Info.plist sets the FSSupportsBlockResources key to YES. The Info.plist sets both the FSName and FSShortName keys to MFS. The extension has its Team set to my developer account, with Xcode setting the Provisioning Profile and Signing Certificate automatically. The hosting app has its Team set to my developer account with the "Development" signing certificate. I wanted to see if it was something with my project configuration or implementation, so I downloaded the KhaosT/FSKitSample project from GitHub. Once I got that building, I tried mounting a disk image using the MyFS extesnion, but my system wouldn't run that either. Is there something about the system configuration I should be aware of to enable File System Extensions? I have my MFS extension showing up and enabled, but I'm not sure if there's something I'm missing that I still have to do. Is there a capability or signing requirement I didn't list that's required for the extension to run? The documentation doesn't specify anything about the entitlements, signing capabilities, or Info.plist keys, so I'm not sure what I should be looking for. I'm running macOS Sequoia 15.6.1 on an M2 Max MacBook Pro, and I'm building my project with Xcode 26 beta 6.

Hi everyone! I'd like to create an application for system monitoring using the Endpoint Security framework. I already have a working prototype and now I am trying to expand its capabilities to capture more event types. Started looking at filesystem-related events as one of the most important ones for my use case. These seem to be supported fairly well by the framework (ES_EVENT_TYPE_NOTIFY_OPEN/CLOSE/CREATE/WRITE etc.) However, the "READ FILE" event seems to be absent… Am I missing something here, or Endpoint Security framework does not provide this kind of information? If it doesn't, what is the reason behind this? Capturing this type of events seems quite relevant for security-related software. Thanks & Best regards, Roman

AppleScript for the Music app no longer supports the current track event. Before macOS Tahoe, running the following script in Script Editor would return the current track information: tell application "Music" return name of current track end tell However, when I run this script on a device with macOS 26 Tahoe, I receive this error: "Result: error "Music got an error: Can’t get name of current track." number -1728 from name of current track” I've tested this extensively, and here are my findings: Going to the “songs” tab and playing something from there makes everything work. Playing any song directly will make it work with current track UNLESS this song is NOT in your Music library (either added through Apple Music or uploaded). If you play a song not in your library, current track is not updated even if you clicked on it specifically. Playing an album (in your library obviously) makes all the tracks within it appear in current track until autoplay takes over. Any autoplayed track won’t appear in current track even if in your library (unless: see the last bulletpoint) Music played through the “songs” tab all appear in current track even if autoplay kicks in. I assume this is because this tab is an iTunes legacy (visually and under the hood) and doesn’t use the modern autoplay. This tab also won’t play non-library songs unlike the “albums” tab which seems to use the correct autoplay and suffers the same symptoms as the “recently added”, “home”, “radio”, etc… tabs. Is this a bug, or has Apple simply deprecated this functionality?

hi, in my app, i have created and pushed CKRecords to the public database. others using the app have pushed CKRecords as well. is there any way i can query iCloud for "all the CKRecords that i created?" thanks, DMG

We are testing BLE connectivity between a custom device (nRF52832, nRF5 SDK) and the latest iPad A16. Setup: Peripheral: nRF52832 running Nordic’s SoftDevice (nRF5 SDK v13) . Central: iPad A16 (Latest iPadOS 18.6.2). Issue: During the connection procedure, the iPad sends a Link Layer Control PDU with Opcode 0xFF. This is a vendor-specific LL control opcode. Our peripheral does not respond, since the Nordic SoftDevice does not implement handling for 0xFF. As a result, the link stability is affected (connection may drop / negotiation fails). Observations: With older iPads and iPhones (A14/A15 chips), no such control opcode is sent — connection and notifications work fine. Only the iPad A16 sends this vendor-specific opcode. Nordic’s SoftDevice responds to standard LL control opcodes, but ignores vendor-specific ones. Questions: Is this 0xFF LL control PDU expected behavior on A16 devices? Should peripherals ignore vendor-specific LL opcodes, or is a response required for stable connection? Are there known changes in BLE Link Layer negotiation with iPad A16?

We are working with Saferpay. And integrating Applepay Server to Server. But we are having token generation issue. It does not give a valid test card information. We have created a tester account as India country. Is that an issue?

Hello, we are experiencing issues with adding VISA cards via In-App Provisioning on iOS using PassKit. The same flow works correctly with Mastercard, but for VISA cards the Apple broker endpoint returns HTTP 500. Details Device: iPhone15,3 (iPhone 15 Pro), iOS 18.6.1 (22G90) Region: CZ App: [REDACTED] (version 0.4.3) Issuer ID: [REDACTED] Merchant ID and entitlements are configured and validated. SEID: [REDACTED] Request flow GET /broker/v4/devices/{SEID}/issuerProvisioningCertificates?encryptionVersion=EV_ECC_v2 Request ID: B61363A8-0BFF-4CD6-92BC-52C461DFFAAD Response: 200 OK Conversation ID: e12c64c9a0b54981adfad8d00800d836 Returned nonce: [REDACTED] Timestamp: 2025.08.21_14-01-46+0200 POST /broker/v4/devices/{SEID}/cards Request ID: F29B73CA-CDDE-4C0C-9F40-B87AE006FDDD Payload fields present (values redacted): encryptedCardData [REDACTED], ephemeralPublicKey [REDACTED], publicKeyHash [REDACTED], nonce [REDACTED], issuerIdentifier [REDACTED], encryptionVersion=EV_ECC_v2 Response: 500 Internal Server Error (latency ~0.41s) Timestamp: 2025.08.21_14-01-47+0200 Observation Provisioning succeeds with Mastercard but consistently fails with VISA. The GET issuerProvisioningCertificates succeeds; the POST …/cards returns 500. Request Could you please: Provide internal error details for Request ID F29B73CA-CDDE-4C0C-9F40-B87AE006FDDD (and/or Conversation ID e12c64c9a0b54981adfad8d00800d836), Confirm whether the 500 originates before or after the broker’s call to VTS (Visa Token Service), and Validate that our app/merchant/issuer configuration is fully enabled for VISA push provisioning in our region. Attached privately: sysdiagnose with full traces (can share via secure channel upon request). Kind regards, Martin

Hello, we have problem. Kind regards, -Martin

Description: While testing Core NFC functionality on iOS 26 beta, when the NFC switch is turned off, the system automatically displays an alert. The alert contains two buttons: “Cancel” and “Settings”. Expected Behavior: When the user taps the “Settings” button, the system should navigate to the system settings page where the NFC switch can be turned on. Actual Behavior: The alert appears as expected Tapping the “Settings” button does not navigate to the system settings page No callback is triggered in the app’s NFC session Steps to Reproduce: Turn off the NFC switch on an iOS 26 beta device Trigger Core NFC functionality (e.g., NFCNDEFReaderSession or NFCTagReaderSession) The system alert appears indicating NFC is turned off Tap the “Settings” button Impact: Users cannot directly navigate to enable NFC from the system alert, making NFC features in the app unusable and negatively affecting user experience. Device Information: iOS Version: iOS 26 beta Device Model: iPhone 14pro App uses Core NFC APIs to trigger NFC sessions

I have created a sample app which read/write from a network file. When the file was attempted to open (using open Linux API), connection to network file was lost. The thread which was stuck on the open method, returns after a long time. It was observed that for macOS, the maximum return time of the thread was around 10 mins, whereas in Windows and Linux, the maximum timeout was 60 sec and 90 sec. macOS has a very large timeout before returning the thread with a network failure error. Is this by designed and expected? With a large timeout as 10mins, it's difficult to respond swiftly back to the user.

I am debugging ImageCaptureCore to communicate with external cameras. When I called the PTP function below to send a command and add data, the response timed out for more than 5 seconds. After waiting for a period of time, I obtained the response. However, the response callback function obtained responsivData.length as zero and ptpResponseData.length as zero too. (void)requestSendPTPCommand:(NSData *)ptpCommand outData:(NSData *)ptpData completion:(void (^)(NSData *responseData, NSData *ptpResponseData, NSError *error))completion; data is below: Wrote 1 = 0x1 bytes PTP：send data: (hexdump of 1 bytes) [ ] I/PTP (14564): 0000 01 - .

Hi, Apple recently announced DL-TDoA (Downlink TDoA) support on iOS26. This API is currently marked as Beta. We are working on integrating this functionality into our app, already added the APIs and tried to configure a new DL-TDoA session using NIDLTDOAConfiguration (the only parameter it takes is networkIdentifer). The session is configured but automatically invalidated by the OS. When is DL-TDoA expected to be fully supported by phones? Can we expect a detailed documentation or specification explaining how to arrange the session with the DT-Anchors (channel, ranging duration, ...)? Do we need Bluetooth LE connection with the anchors while running DL-TDoA? We already have the 4 DT-Anchors (1 initiator and 3 responders) ready, looking forward to be able to test this new exciting feature and get DL-TDoA measurements to trilaterate the phone position within a map. Regards.

Hey! I'm trying to create an XPC messaging feature between my daemon and main application. I'm trying to use the new Swift low-level API available from macOS 14.0. The documentation is extremely confusing when looking at it from Swift: The xpc_listener_t type Seems to be something I shouldn't use in the Swift API, and would rather have to use XPCListener. Also, it appears to have no public API other than the xpc_listener_set_peer_code_signing_requirement function. Which would make it impossible to create this type. However, when going into xpc.h, one can see that there is an API in fact: API_AVAILABLE(macos(14.0), macCatalyst(17.0)) API_UNAVAILABLE(ios, tvos, watchos) XPC_EXPORT XPC_SWIFT_NOEXPORT XPC_RETURNS_RETAINED XPC_WARN_RESULT xpc_listener_t _Nullable xpc_listener_create(const char * service, dispatch_queue_t _Nullable target_queue, xpc_listener_create_flags_t flags, xpc_listener_incoming_session_handler_t incoming_session_handler, xpc_rich_error_t _Nullable * _Nullable error_out); which is a very unusual declaration - the first parameter for example shows up as Int8 type in Swift. Not to mention I haven't been able to create the next parameter, xpc_listener_create_flags_t at all, even though it seems to be a UInt64-based flag based on the C declaration, but passing UInt64(0) throws a compiler error. It really seems like something I shouldn't use from Swift. But then again, the extremely important security-related API mentioned above, xpc_listener_set_peer_code_signing_requirement can only take an xpc_listener_t object as a parameter, not an XPCListener type. There seems to be no conversion available between the two. However the documentation in the XPC framework seems to be telling the story of these two types being very equal, because of the following: The xpc_session_t type seemingly again has only deprecated methods mostly, the important one staying behind is xpc_session_set_peer_code_signing_requirement. However, this would again require the creation of an xpc_session_t object, for which in the XPC framework one will find declarations like: @available(macOS, introduced: 13.0, deprecated: 14.0, renamed: "XPCSession") @available(macCatalyst, introduced: 16.0, deprecated: 17.0, renamed: "XPCSession") @available(iOS, unavailable) @available(tvOS, unavailable) @available(watchOS, unavailable) public typealias xpc_session_t = OS_xpc_object plus basically all API of XPCSession being originally declared as xpc_session_* APIs and all of them having deprecated: 14.0, renamed: * marks. This is telling me xpc_session_t and XPCSession are in fact the same/same-ish. But again, there is seemingly no conversion between these two types. Which brings me to again being unable to create a code signing requirement for the XPCSession object. I've read some older forum posts, and I saw Apple Engineers admitting the code signing requirement APIs are missing from the new Swift APIs, however they seem to have been added in macOS 14.4 - although it appears to have been mistakenly added to the C-family functions, which have not been exposed to Swift correctly, because they still use the deprecated xpc_listener_t and xpc_session_t types. So my question is: what is going on here? :) Making XPC connections without a code signing requirement in 2025 seems like a no-go, so do I have to still stick with C - even though this new API seems to be focused on Swift?

Hello, I noticed the new entitlement in iOS 26 under LiveCommunicationKit: Preparing your app to be the default dialer app. My question is about eligibility: If a developer account is registered in the EU, can any app add the Default Dialer capability, or is it restricted only to apps that provide real calling/communication functionality (e.g., WhatsApp, Telegram, Skype)? If granted, does this capability allow the app to make/receive cellular calls and access call history, or is it limited only to VoIP-style scenarios through CallKit integration? What are the minimum functionalities required to support this feature (e.g., having a dial pad, call history screen, etc.)? Why must the developer account be registered in the EU to use this entitlement? Thanks in advance for the clarification!