The documentation for NSURL -URLByAppendingPathComponent: states: "Returns a new URL by appending a path component to the original URL." Path component is singular. But this "works" : NSURL *testURL = [applicationsDirectory URLByAppendingPathComponent:@"Evil/../../" isDirectory:YES]; So my questions are: One) Was it always this way? I can't recall if it was like this before the Foundation rewrite and I just never stumbled across? and Two) Is it intended behavior? The API seems to suggest that you append one path component on the url with this method. But I guess you can append as many as you want?

Hello, In production, a large number of users experience outgoing call reporting fails with the following error: com.apple.CallKit.error.requesttransaction Code=2 The iOS version doesn't matter, errors are present in v15-26 Details My CXProvider held as a global singleton, so it’s unlikely to be deinited. There is no explicit call to CXProvider.invalidate() in the app. If I manually invalidate the CXProvider, I observe the expected failure when trying to create an outgoing call (com.apple.CallKit.error.requesttransaction error 2). However, If I recreate the CXProvider after the error, outgoing calls are reported correctly. Many users trigger the providerDidReset delegate method (CXProviderDelegate) before this error. According to the documentation, providerDidReset can be called by the system, and we are supposed to end all active calls, but the documentation doesn't suggest recreating the CXProvider. Question Should I recreate CXProvider after providerDidReset and forget about that, or could this error be caused by something else?

I'd like to create a small helper app for new students do read/write User default settings. Since it was not possible using the UserDefaults class I decided to use the "/usr/bin/defaults". Unfortuntely it seems not to return anything. Debug output shows "Got data: 0 bytes" Here is a sample code: import SwiftUI func readDefaults(domain : String, key :String) -> String { let cmdPath = "/usr/bin/defaults" //let cmdPath = "/bin/ls" let cmd = Process() let pipe = Pipe() cmd.standardOutput = pipe cmd.standardError = pipe cmd.executableURL = URL(fileURLWithPath: cmdPath, isDirectory: false, relativeTo: nil) cmd.arguments = ["read", domain, key] //cmd.arguments = ["/", "/Library"] print("Shell command: \(cmdPath) \(cmd.arguments?.joined(separator: " ") ?? "")") var d : Data? do { try cmd.run() d = pipe.fileHandleForReading.readDataToEndOfFile() cmd.waitUntilExit() } catch let e as NSError { return "ERROR \(e.code): \(e.localizedDescription)" } catch { return "ERROR: call failed!" } // get pipe output and write is to stdout guard let d else { return "ERROR: Can't get pipe output from command!" } print("Got data: \(d)") if let s = String(data: d, encoding: String.Encoding.utf8) { print("Got result: \(s)") return s } else { return "ERROR: No output from pipe." } } struct ContentView: View { let foo = readDefaults(domain: "com.apple.Finder", key: "ShowHardDrivesOnDesktop") var body: some View { VStack { Text("ShowHardDrivesOnDesktop: \(foo.description)") } .padding() } } #Preview { ContentView() } This code works well e.g. for "ls" when the comments are changed for cmdPath and cmd.arguments. What do I miss in order to get it working with defaults?

Hi everyone, I'm building an iOS app that uses a DeviceActivityMonitor app extension as part of the Screen Time / Family Controls API. Every time I try to upload my IPA to App Store Connect, the validation fails with this error: "Invalid Info.plist value. The value of the NSExtensionPointIdentifier key, com.apple.deviceactivity.monitor, in the Info.plist of 'Alexandria.app/PlugIns/AlexandriaActivityMonitor.appex' is invalid." Error Domain=IrisAPI Code=-19241, iris-code=STATE_ERROR.VALIDATION_ERROR What I have verified (everything looks correct): NSExtensionPointIdentifier = com.apple.deviceactivity.monitor NSExtensionPrincipalClass = AlexandriaActivityMonitor.AlexandriaActivityMonitorExtension (correctly resolved in the compiled binary, verified with plutil -p) The Swift class correctly subclasses DeviceActivityMonitor CFBundleShortVersionString matches the main app Both the main app and extension provisioning profiles explicitly contain com.apple.developer.family-controls = true (verified by inspecting embedded.mobileprovision inside the IPA) The binary code signature itself contains com.apple.developer.family-controls = true (verified with codesign -d --entitlements :-) Family Controls entitlement was requested and approved in the Developer Portal for both App IDs Tested with both Xcode 26.2 (iOS 26 SDK) and Xcode 16.4 (iOS 18 SDK) — same error in both cases The IPA is structurally correct. The error comes purely from Apple's server-side IrisAPI validator and does not correspond to anything I can identify or fix in the code or configuration. Has anyone successfully submitted an app with a DeviceActivityMonitor extension to App Store Connect recently? Is there a backend approval requirement for com.apple.deviceactivity.monitor beyond the standard Family Controls entitlement approval? Could this be a known validator bug for this specific extension type? Any help appreciated.

Hello, I am the developer of an app called one sec which helps users to spend less time on social media: https://one-sec.app Therefore, we make heavy use of the Screen Time API, and thus ManagedSettings and ShieldActionDelegate. One feature of one sec is the so-called “Doom Scroll Emergency Brake”. This blocks a target app after a certain usage threshold (e.g. 5 minutes) and requires going through an intervention (e.g. breathing exercise) to unlock more time. That added friction makes it very effective in reducing time spent on apps. One thing that is confusing for our users is the way they are prompted to unlock more time, if they want to. They have to: Have Push Notifications enabled for one sec Exempt one sec’s notifications from being delayed by AI prioritization (otherwise they are delayed by ca. 10s) Ensure that push notifications can be delivered during foci. Understand that they have to tap on the notification, which is not very straight-forward because it does not make sense from the user’s UX perspective. This is an artificial limitation of Apple’s screen time framework which has no reason (no security / privacy implications here…). Screenshots of the current flow attached. If would be much more reasonable if there was a new ShieldActionResponse.openParentApp value that can be returned from the completion handler of the ShieldActionDelegate.handle(…) callback. We have seen different apps use private API to achieve this, but we are afraid to do the same to avoid getting banned from the App Store. It would be fair if Apple would level the playground for all apps and offer such an API officially. – Frederik PS: Tracked under FB22347946, FB18846650, FB15500681, FB15079668, FB10393561 (all without responses so far…)

When I launch the Quick Look Preview Extension target in Xcode, an app called Quick Look Simulator opens with an almost empty window: Online I read that the Terminal command qlmanage allows to test Quick Look plugins (which I think were an older format for creating Quick Look extensions), but running qlmanage -p /path/to/previewed/file -c public.text -g /path/to/QuickLookPreviewExtension.appex (where QuickLookPreviewExtension.appex is generated by the Xcode build and is located in the DerivedData folder) gives an error Can't get generator at QuickLookPreviewExtension.appex How can I debug a Quick Look Preview Extension?

The Numbers.app reopens the last edited document when the app launches. If the document was moved to another folder in the Files.app while the app was not running, Numbers.app correctly tracks the file and reopens it. However, if the document was deleted in the Files.app and moved to Recently Deleted, Numbers.app does not reopen the document when the app launches. Question : How does Numbers.app detect that a document has been moved to Recently Deleted? Can third-party apps implement the same behavior? What I tested : If a file is moved while the app is not running, resolving a bookmark successfully tracks the moved file. Files that are deleted via the Files.app appear in Recently Deleted, but those files are actually moved to the following directories: iCloud Drive /var/mobile/Library/Mobile Documents/.Trash/ On My iPad /var/mobile/Containers/Shared/AppGroup/{UUID}/File Provider Storage/.Trash/ App sandbox Documents directory ([On My iPad]/[Any App]) /var/mobile/Containers/Data/Application/{UUID}/Documents/.Trash/ When resolving the bookmark after deletion, the bookmark still resolves successfully and returns the new file URL inside the .Trash directory. I tried the following checks on the resolved URL: Checking file existence Checking read/write accessibility Inspecting bookmark resolution results Using APIs related to NSTrashDirectory See https://developer.apple.com/forums/thread/813329#813329021 All of these behaved the same as when the file was moved to a normal directory. None of these checks allowed me to detect that the file had been deleted. Additional experiment: I suspected that the app might simply check whether the path contains ".Trash", so I performed the following experiment. If a .numbers file is moved to /var/mobile/Containers/Data/Application/{UUID}/Documents/.Trash/ then The file appears in Recently Deleted in Files.app Numbers.app does not reopen the document when the app launches However, if the same file is moved to Documents/Trash Documents/.Trashed Documents/Any Folder/.Trash then The file does not appear in Recently Deleted in Files Numbers does reopen the document when launched This suggests that Numbers.app is not simply checking whether the path contains ".Trash".

Similar Issue to FB13556935: On iOS 26.3.1, deviceactivityd produces zero log output and never wakes a DeviceActivityMonitor extension at the scheduled time, even when the schedule is successfully registered. The extension's intervalDidStart(for:) method is never called. Steps to Reproduce: Create an app with a DeviceActivityMonitor extension subclass Add the com.apple.developer.family-controls entitlement to both the main app and extension targets Add a shared App Group entitlement to both targets In the main app, call: let center = DeviceActivityCenter() center.stopMonitoring([.myActivity]) let schedule = DeviceActivitySchedule( intervalStart: DateComponents(hour: 17, minute: 30), intervalEnd: DateComponents(hour: 17, minute: 45), repeats: true ) try center.startMonitoring(.myActivity, during: schedule) Verify registration succeeds: DeviceActivityCenter().activities.contains(.myActivity) returns true Background the app completely and wait for the intervalStart time (5:30 PM in this example) Expected Result: intervalDidStart(for:) is called in the extension process at 5:30 PM. ManagedSettings shields are applied without any user interaction. Actual Result: intervalDidStart(for:) is never called. No extension process is launched. Filtering Console.app for deviceactivityd on the device returns 0 messages — the daemon produces no logs whatsoever despite an active registered schedule. Shields are never applied. Additional Evidence: Third-party apps using DeviceActivity (e.g. Prayer Lock) successfully apply shields at scheduled times on the same device and OS version, confirming the framework is not universally broken Filtering Console.app for the app's bundle ID at the trigger time shows the main app process applying shields via a UNCalendarNotificationTrigger fallback — but no extension process activity DeviceActivityCenter().activities correctly lists the registered activity before and after the trigger time, confirming the schedule registration API is functional Environment: iOS 26.3.1 Physical device (required for FamilyControls) Development-signed build with com.apple.developer.family-controls entitlement provisioned App Group shared between main app and extension targets

We have an application which is written in Swift, which activates Transparent Proxy network extension. We are using Jamf MDM profile for deployment. To avoid the user deleting / disabling the extension from General -> LogIn Items & Extension -> Network Extensions screen, we are using "Non-removable system extensions from UI" attribute under Allowed System Extensions and Teams IDs section. In new Mac OS 26 (Tahoe), user can also enable/disable the extension from General -> LogIn Items & Extension -> Apps tab. The "Non-removable system extensions from UI" attribute set in Jamf MDM profile does not apply to this tab. Same attribute is working for General -> LogIn Items & Extension -> Extensions tab and there the slider is greyed out and Remove option is not available under more menu. Is there any new key/configuration defined to disable the slider from General -> LogIn Items & Extension -> Apps tab? Created https://feedbackassistant.apple.com/feedback/18198031 - FB18198031 feedback assistant ticket as well.

I'd like to set my macOS app written in Swift as default app when opening .mp4 file. I think I can do it with setDefaultApplication(at:toOpen:completion:). https://developer.apple.com/documentation/appkit/nsworkspace/3753002-setdefaultapplication However, permission error occurs when I use it. The error is: Error Domain=NSCocoaErrorDomain Code=256 "The file couldn’t be opened." UserInfo={NSUnderlyingError=0x6000031d0150 {Error Domain=NSOSStatusErrorDomain Code=-54 "permErr: permissions error (on file open)"}} I tried to give my app full-disk access, but it didn't work. I also tried to use setDefaultApplication(at:toOpenFileAt:completion:), then it works with no error, but it effects on only one file. What I want to do is to set my app as default app of all .mp4 files. How do I achieve this? My code is like below: let bundleUrl = Bundle.main.bundleURL NSWorkspace.shared.setDefaultApplication(at: bundleUrl, toOpen: .mpeg4Movie) { error in print(error) } Thank you.

We now know the IsEligibleForAgeFeatures API is NOT returning True in Brazil at least 2 days past compliance date, and we don't know if that's the right API, or how it behaves. Folks here: Is there anyone here from Brazil who has tested out this 26.4 API? Has anyone tested out the regulatory feature API? Does it return something like declaredAgeRangeRequired? I don't know how to test it in Brazil without sandbox/physically in Brazil. Much appreciated!!

From the Feb 24 news, I understand that for all Apple users in Brazil with iOS26.2 and newer, isEligibleForAgeFeatures will eventually return true. Brazil is a "nonregulated region", and developers will need to handle all three situations of ask first/always share/never share. Please correct me if I'm wrong above. A few questions follow on the eligibility check: What's the return value of IsEligibleForAgeFeatures for a Brazilian user who has NOT touched the age range feature at all, thus hasn't picked one of the three options? How can we test these cases? From the updated sandbox doc, there's more information on declined/approved, will those the same behaviors as a future Brazilian user? The doc used to say Texas, now it doesn't say any region. On which date will Apple START to return true for IsEligibleForAgeFeatures for Brazilian users? I cannot find the exact date anywhere. Will ALL of Brazil return true overnight, or is there some ramp up that developers need to be aware of? Thanks a lot for sharing the guidance, and thanks in advance for more guidance to come!

Summary I'm using Background Assets to download Apple-hosted Asset Packs(downloadPolicy = onDemand). The first download cancellation succeeds, but on the second and subsequent downloads, progress.cancel() fails to work and the download completes to the end. Environment iOS 26.0 – 26.3 RC (all produce the same result) Xcode Version 26.2 (17C52) Using Apple-hosted Asset Packs Steps to Reproduce Start downloading an Asset Pack Call progress.cancel() during download → Succeeds Start downloading the same Asset Pack again Call progress.cancel() during download → Fails (download completes to the end) Observed Error Logs After 1st cancellation: A download with the ID "X-XXXXXXXX-XXX" failed: Error Domain=NSURLErrorDomain Code=-999 "cancelled" ↑ This is expected (cancellation succeeded) The fact that version 0 of the asset pack with the ID "X-XXXXXX-XXX" finished being downloaded couldn't be reported: Error Domain=NSCocoaErrorDomain Code=3851 "Property list invalid for format: 200 (property lists cannot contain objects of type 'CFError')" ↑ Problem: Unable to serialize CFError to plist 2nd cancellation attempt: The download with the ID "X-XXXXXX-XXX" couldn't be canceled: Error Domain=BAErrorDomain Code=113 "The requested download operation failed because the download object did not exist." ↑ The download object we're trying to cancel supposedly doesn't exist Implementation Code // Cancel implementation func cancel(tag: String) async { let statusUpdates = AssetPackManager.shared.statusUpdates(forAssetPackWithID: tag) for await statusUpdate in statusUpdates { if case .downloading(_, let progress) = statusUpdate, progress.isCancellable { progress.cancel() } } } Analysis It appears that when the first cancellation occurs, the system internally tries to save the cancellation state to a plist, but fails to serialize the CFError object. This seems to cause an inconsistent internal state, preventing the system from correctly recognizing the download object on subsequent downloads. Questions Is there a workaround? Is there a planned fix for a future iOS version?

Hi community. It's my first time trying WatchConnectivity kit. When I attempt to send ApplicationContext from phone, my debug print indicates that updateApplicationContext is working correctly. However, I'm having trouble receiving it form the paired watch simulator as nothing is shown on that end. Here are the code for the Phone Extension:     func sendDataToWatch(data: String) {         state.append(data)         do {             NSLog("sent by phone")             try WCSession.default.updateApplicationContext(["currentstate": state])         }         catch {             print(error)         }     } Here are the code for watch: func session(_ session: WCSession, didReceiveApplicationContext applicationContext: [String: Any]) {         print("Hello")         if let getState = applicationContext["currentstate"] as? [String]{             print("\(getState)")             self.state = getState[0]         }     } Any suggestion would be appreciated!

I decode an object with NSKeyedArchiver (SecureCoding): typealias BoolArray = Array<Array<Bool>> let val = decoder.decodeObject(of: NSArray.self, forKey: someKey) as? BoolArray I get the following log: *** -[NSKeyedUnarchiver validateAllowedClass:forKey:] allowed unarchiving safe plist type ''NSNumber' (0x204cdbeb8) [/System/Library/Frameworks/Foundation.framework]' for key 'NS.objects', even though it was not explicitly included in the client allowed classes set: '{( "'NSArray' (0x204cd5598) [/System/Library/Frameworks/CoreFoundation.framework]" )}'. This will be disallowed in the future. I changed by adding NSNumber.self in the list : let val = decoder.decodeObject(of: [NSArray.self, NSNumber.self], forKey: someKey) as? BoolArray No more warning in log. Is there a reason for this ?

Hello, We are using a Message Filter Extension (ILMessageFilterExtension) to classify SMS/iMessage content (junk vs allow) in our app. After testing on iOS 26.1, we want to confirm whether there are any behavioral, performance, or API-level changes that impact message filtering, such as: Changes in how often the filter extension is invoked Differences in classification accuracy or system overrides New privacy, entitlement, or permission-related restrictions Execution time limits or memory constraints Any changes specific to iMessage vs SMS filtering We did not find any explicit mention of Message Filter Extensions in the iOS 26.1 release notes and would like to confirm whether the existing behavior from previous iOS versions remains unchanged. Has Apple introduced any known or undocumented changes in iOS 26.1 that developers should be aware of when supporting Message Filter Extensions? Sometime I also found unpredictable behaviour on iOS version 18.5 or below, like sometime it works but sometimes starts working. Thanks in advance for any guidance.

Hello, I have noticed that the ShieldConfiguration is only requested when opening a target app, and never when the application token is moved to a different shield while the target app remains in foreground. This causes problems because many times the wrong ShieldConfiguration is displayed (recycled) instead of requesting a new ShieldConfiguration. This bug has been around since the introduction of the Screen Time API in 2020 and is has not been addressed. Bug reports: FB14237883 FB17902392 Please fix asap!! Not acceptable to have bugs not being addressed for more than 5 years. Most concerning: This is still reproducing on iOS 26 beta 7!! Thanks a lot for your help.

How to programmatically check if ApplicationToken or ActivityCategoryToken is expired in FamilyActivityPicker? I'm building a Screen Time-based parental control app using FamilyControls and ManagedSettings. We use FamilyActivityPicker to allow the user to select apps and categories to restrict, and we apply the shield using: store.shield.applications = .specific(selection.applicationTokens) store.shield.applicationCategories = .specific(selection.categoryTokens) Sometimes, we observe that the shield silently fails to apply — no error is thrown, but the restrictions aren't enforced. I suspect this may be due to expired or invalid tokens, possibly if the app was removed or the selection became stale. My Questions: Can ApplicationToken or ActivityCategoryToken expire or become invalid over time? If yes, is there a supported or recommended way to detect whether a token is still valid before applying it to the shield? Is comparing the current shield values (store.shield.applications and store.shield.applicationCategories) after applying them a reliable validation method? What's the best practice to handle expired tokens (e.g. re-prompt the FamilyActivityPicker, or show a fallback)? What Is the Expiration Duration of Tokens from FamilyActivityPicker? Any guidance or insight from the Screen Time/FamilyControls team would be greatly appreciated! Thank you!

There are many units which are inverse of standard units, e.g. wave period vs Hz, pace vs speed, Siemens vs Ohms, ... Dimension can be subclassed to create the custom units. How to extend Measurement.converted( to: )? I was looking at somehow using UnitConverter and subclass to something like UnitConverterInverse. Thoughts?

Is there a way to enumerate all files within a folder of an asset pack or just all files in general? My application is using the Apple demo code to load a file from an Apple hosted asset pack: let descriptor = try AssetPackManager.shared.descriptor(for: "NAV/NavData.db3") defer { try descriptor.close() } if let path = path(for: descriptor) { self.database = try Database(path: path) } As my "Navigation Data" is updated each month with an updated asset pack I would like to have the name of the .db3 file reflect the current data cycle (e.g. NAV2601.db3, NAV2602.db3, ...) Ideally I would like to iterate over all files within the NAV folder of the current asset pack and pick the most recent one. Unfortunately, neither the AssetPackManager nor the AssetPack object seem to include an API for this. It would be cool to have something like: let files = try AssetPackManager.shared.files(for: "NAV/") for file in files { //Check and load }