We are experimenting with FileProvider on MacOS, we want to set ACL policy restriction on a folder and the same policy needs to be applied down to its children. To achieve this currently we are setting corresponding NSFileProviderItemCapabilities on parent folder and recursively iterate over all of its children and set the capability on each individual child items. GOAL: We expect the root's ACL policy to be implicitly percolated down to its children without explicitly being iterated over them and setting it individually. From our research, we couldn't find any policy that can help us achieve the above goal. If there are any such provisions in FileProvider, please guide us to them.

I am getting report of a crash occurring, while doing a NFC HCE CardSession. The swift code is mostly the same as the example from the CardSession docs: @objc func deviceSupportsNFC (_ call: CAPPluginCall) { call.keepAlive = true let supportsNFCCallbackId = call.callbackId! Task() { guard NFCReaderSession.readingAvailable, CardSession.isSupported, // <-- line 86 await CardSession.isEligible else { print(TAG + " HCE not allowed/available") var support = JSObject() support["supported"] = false; let callback = bridge?.savedCall(withID: supportsNFCCallbackId) call.resolve(); callback?.resolve(support); return; } print(TAG + " HCE allowed") var support = JSObject() support["supported"] = true; let callback = bridge?.savedCall(withID: supportsNFCCallbackId) call.resolve(); callback?.resolve(support); } } Calling it from my plugin, to verify if (HCE) NFC is supported: if(await deviceInfoService.isIos()) { if(iosSupportEnabled === false) { console.log("NfcHceService:iOS but disabled"); return; } this.requiresManualTrigger = true; DfsNfcHce.deviceSupportsNFC((supportObj) => { const support = supportObj?.supported ?? false; this.hceSupported = support; }); } else { this.hceSupported = true; } The crash report i get via Crashlytics is below. It's specifying the error occurs at line 86 (marked it in my code above) The error seems to be in the CoreNFC (NFCHardwareManager areFeaturesSupported). # Crashlytics - Stack trace # Application: com.wodanbrothers.dyflexis # Platform: apple # Version: 2025.04.101356 (1744977392) # Issue: c3a293fbfa73c64f59f92c4b4cdfeb83 # Session: 5c64465c452c41e3abb1ba9f970b54c0_DNE_0_v2 # Date: Wed May 07 2025 07:56:11 GMT+0200 (Central European Summer Time) Fatal Exception: NSInvalidArgumentException 0 CoreFoundation 0x11a2ec __exceptionPreprocess 1 libobjc.A.dylib 0x31a7c objc_exception_throw 2 CoreFoundation 0x18467c +[NSObject(NSObject) _copyDescription] 3 CoreFoundation 0x31b84 ___forwarding___ 4 CoreFoundation 0x314f0 _CF_forwarding_prep_0 5 CoreNFC 0x2ac40 -[NFCHardwareManager areFeaturesSupported:outError:] 6 CoreNFC 0x2b184 -[NFCHardwareManager areFeaturesSupported:expiry:completion:] 7 CoreNFC 0x2f9d8 block_destroy_helper.5 8 Dyflexis 0x5c08 closure #1 in DfsNfcHcePlugin.deviceSupportsNFC(_:) + 86 (DfsNfcHcePlugin.swift:86) 9 Dyflexis 0x7f8d <deduplicated_symbol> 10 Dyflexis 0x7725 specialized thunk for @escaping @isolated(any) @callee_guaranteed @async () -> (@out A) (<compiler-generated>) 11 Dyflexis 0x77fd <deduplicated_symbol> 12 libswift_Concurrency.dylib 0x65241 completeTaskWithClosure(swift::AsyncContext*, swift::SwiftError ... Crashed: com.google.firebase.crashlytics.ios.exception 0 FirebaseCrashlytics 0x1b658 FIRCLSProcessRecordAllThreads + 172 1 FirebaseCrashlytics 0x1ba64 FIRCLSProcessRecordAllThreads + 1208 2 FirebaseCrashlytics 0x13adc FIRCLSHandler + 48 3 FirebaseCrashlytics 0xe9d4 __FIRCLSExceptionRecord_block_invoke + 92 4 libdispatch.dylib 0x1b584 _dispatch_client_callout + 16 5 libdispatch.dylib 0x11728 _dispatch_lane_barrier_sync_invoke_and_complete + 56 6 FirebaseCrashlytics 0xe260 FIRCLSExceptionRecord + 204 7 FirebaseCrashlytics 0xe4f8 FIRCLSExceptionRecordNSException + 452 8 FirebaseCrashlytics 0xdeb8 FIRCLSTerminateHandler() + 396 9 libc++abi.dylib 0x158b4 std::__terminate(void (*)()) + 16 10 libc++abi.dylib 0x18e1c __cxa_get_exception_ptr + 86 11 libc++abi.dylib 0x18dc4 __cxxabiv1::failed_throw(__cxxabiv1::__cxa_exception*) + 90 12 libobjc.A.dylib 0x31be4 objc_exception_throw + 448 13 CoreFoundation 0x18467c +[NSObject(NSObject) _copyDescription] + 362 14 CoreFoundation 0x31b84 ___forwarding___ + 1492 15 CoreFoundation 0x314f0 _CF_forwarding_prep_0 + 96 16 CoreNFC 0x2ac40 -[NFCHardwareManager areFeaturesSupported:outError:] + 364 17 CoreNFC 0x2b184 -[NFCHardwareManager areFeaturesSupported:expiry:completion:] + 96 18 CoreNFC 0x2f9d8 block_destroy_helper.5 + 8028 19 Dyflexis 0x5c08 closure #1 in DfsNfcHcePlugin.deviceSupportsNFC(_:) + 86 (DfsNfcHcePlugin.swift:86) 20 libswift_Concurrency.dylib 0x5c134 swift::runJobInEstablishedExecutorContext(swift::Job*) + 292 21 libswift_Concurrency.dylib 0x5d5c8 swift_job_runImpl(swift::Job*, swift::SerialExecutorRef) + 156 22 libdispatch.dylib 0x13db0 _dispatch_root_queue_drain + 364 23 libdispatch.dylib 0x1454c _dispatch_worker_thread2 + 156 24 libsystem_pthread.dylib 0x4624 _pthread_wqthread + 232 25 libsystem_pthread.dylib 0x19f8 start_wqthread + 8 ...

I am currently developing an auto-renewal subscription in-app purchase for my app. Currently, the subscription items have already been approved in appStoreConnect, and the .store file is synced with appStoreConnect, so the subscription items are displayed well and the test is also progressing well. However, when I build without using the .store file to perform sandbox testing, the subscription items do not appear and response.invalidProductIdentifiers appears. Is there anything I need to do additionally so that the subscription items can appear in response.products? ps. The bank account item in the contract is in 'processing' status, and the paid app contract status is 'waiting for user information'.

sending the following POST request: ---- HTTP REQUEST ---- POST https://appleid.apple.com/auth/token Headers: Content-Type: application/x-www-form-urlencoded Body: client_id=au.com.thejlrguy.businesschat&client_secret=eyJhbGciOiJFUzI1NiIsImtpZCI6IktLUDc4MkhGVTcifQ.eyJ...QeDn7ug&grant_type=client_credentials&scope=https%3A%2F%2Fappleid.apple.com Getting the below error: {"error":"invalid_client"} The private key used to sign the JWT was created 24 hours ago.

I can't access the CloudKit Console. It started to be unresponsive for hours today. It looks like sync'ing is still working, but I would like to reset the environment during my development! Is it possible to control CloudKit Console using the command line?

I am using CLLocationUpdate.liveUpdates() to build a location sharing app. Most of the time it works fine, including in the background, giving acceptably frequent updates. However, soon after the user puts their phone away for the night, the updates stop coming. I've checked all the instance properties (.stationary, .locationUnavailable, etc.) but none of them are ever set to true, even for the last update before updates end. Is there some way to keep the updates coming through the night? I've included some relevant parts of my code here: func startLocationUpdates() { if self.manager.authorizationStatus == .notDetermined { self.manager.requestWhenInUseAuthorization() } Task { do { self.background = CLBackgroundActivitySession() self.session = CLServiceSession(authorization: CLServiceSession.AuthorizationRequirement.always) let updates = CLLocationUpdate.liveUpdates() for try await update in updates { if let loc = update.location { BackgroundServiceKt.onLocationUpdate(arg: loc) } // check all the instance properties } } catch { // error } return } } class AppDelegate: NSObject, UIApplicationDelegate { func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey : Any]? = nil) -> Bool { LocationsHandler.shared.startLocationUpdates() return true } }

Hi I am implement my app with Core NFC , I found the module have their own UI , can I implement without the UI? we want the NFC scanning in background , not blocking the UI.

I have a 4-input, 4-output hardware device and an 8-input, 8-output virtual device, which I combine into an aggregate device. I am using the SimplyCoreAudio library to get the channel count. The code is as follows: aggregationDevice!.channels(scope: .input) =>> 12 aggregationDevice!.channels(scope: .output) =>> 12 When the program's MicrophoneMode is set to standard, the channel count is correct. However, when I set the MicrophoneMode to voiceIsolation, the channel count is incorrect: aggregationDevice!.channels(scope: .input) =>> 4 aggregationDevice!.channels(scope: .output) =>> 12 Below is the code for creating the aggregate device： func createAggregateDevice(mainDevice: AudioDevice, secondDevice: AudioDevice?, named name: String, uid: String) -> AudioDevice? { guard let mainDeviceUID = mainDevice.uid else { return nil } var deviceList: [[String: Any]] = [ [ kAudioSubDeviceUIDKey: mainDeviceUID, kAudioSubDeviceDriftCompensationKey:1 ] ] // make sure same device isn't added twice if let secondDeviceUID = secondDevice?.uid, secondDeviceUID != mainDeviceUID { deviceList.append([ kAudioSubDeviceUIDKey: secondDeviceUID, kAudioSubDeviceDriftCompensationKey:1, kAudioSubDeviceInputChannelsKey:8 ]) } let desc: [String: Any] = [ kAudioAggregateDeviceNameKey: name, kAudioAggregateDeviceUIDKey: uid, kAudioAggregateDeviceSubDeviceListKey: deviceList, kAudioAggregateDeviceMainSubDeviceKey: mainDeviceUID, kAudioAggregateDeviceIsPrivateKey:false, ] var deviceID: AudioDeviceID = 0 let error = AudioHardwareCreateAggregateDevice(desc as CFDictionary, &deviceID) guard error == noErr else { return nil } return AudioDevice.lookup(by: deviceID) } I hope someone can tell me the reason Thank you！

I'm experiencing issues with didRegisterForRemoteNotificationsWithDeviceToken not being called on iOS 18.1.1. Here's what I've tried: Basic Setup: Properly configured UNUserNotificationCenter Requested permissions with requestAuthorization(options:) Registered for remote notifications with registerForRemoteNotifications() Environment: Xcode 16.3 iOS 18.1.1 (physical device) Firebase (tried with and without it) Troubleshooting: Verified provisioning profile includes Push Notifications Confirmed APNs certificate is valid Disabled Firebase's method swizzling Tested on a clean project (works fine) Checked device logs (no relevant errors) Code Snippet: // In AppDelegate.swift public func application(_ application: UIApplication, didRegisterForRemoteNotificationsWithDeviceToken deviceToken: Data) { let tokenParts = deviceToken.map { data in String(format: "%02.2hhx", data) } let tokenString = tokenParts.joined() print("📱 Device Token: \(tokenString)") // Store the token for your backend UserDefaults.standard.set(tokenString, forKey: "deviceToken") // Send to backend Task { do { try await APIService.shared.setDeviceToken(tokenString) } catch { print("❌ [AppDelegate] Failed to send device token to backend: \(error)") } } } public func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]? = nil) -> Bool { // IMPORTANT: First handle push notification registration UNUserNotificationCenter.current().delegate = self // Request notification permissions self.requestNotificationPermissions() // Register for remote notifications DispatchQueue.main.async { UIApplication.shared.registerForRemoteNotifications() } return true } private func requestNotificationPermissions() { UNUserNotificationCenter.current().requestAuthorization(options: [.alert, .badge, .sound]) { granted, error in guard granted else { print("❌ Notification permission not granted") return } print("✅ Notification permission granted") } }

Hi Team, I’ve successfully implemented the subscription flow for my app. However, I’m currently facing challenges related to testing the cancellation behavior for auto-renewable subscriptions. Specifically: I’m unable to locate the correct payload structure for the following test endpoint: https://api.storekit-sandbox.itunes.apple.com/inApps/v1/notifications/test I’m also unclear on how to simulate or complete the full lifecycle of a subscription (including cancellation) using Apple’s sandbox environment or APIs. Could you please guide me on how to: Retrieve or construct the proper payload for the test notification API? Simulate a cancellation flow end-to-end in the sandbox for auto-renewable subscriptions?

Say I want to sync a toggle in my app with SMAppService's .status property. If the status changes from my app I can track it. But if user toggles it from System Settings, I don't see a notification so then the UI in my app is out of date. The status property is not key value observable and there doesn't appear to be a SMAppServiceStatusDidChangeNotification ? I can re-read it every time my app will become active but feels kind of wrong to do it this way.

I wrote a simple program to hide the build-in camera by entitlement restriction as DTS suggested in the post: https://developer.apple.com/forums//thread/784511?answerId=839753022#839753022 But the program failed as the error message: Fail to open service: 0xe00002e6: Caller is not entitled to connect to EndpointSecurity. How can I apply for the entitlement to run the program? Is there any other solution to resolve hide build-in camera?

Hello Devs, I'm encountering a persistent INTERNAL_ERROR (HTTP 500) when making Server-to-Server API calls to CloudKit, specifically when trying to hit the /users/current endpoint, even after meticulously verifying all client-side components. I'm hoping someone might have insight into what could cause this. Context: Goal: Authenticate to CloudKit from a Vercel Serverless Function (Node.js) to perform operations like record queries. Problem Endpoint: POST https://api.apple-cloudkit.com/database/1/iCloud.com.dannybaseball.Danny-Baseball/production/public/users/current Key Generation Method: Using the CloudKit Dashboard's "Tokens &amp; Keys" -&gt; "New Server-to-Server Key" flow, where I generate the private key using openssl ecparam -name prime256v1 -genkey -noout -out mykey.pem, then extract the public key using openssl ec -in mykey.pem -pubout, and paste the public key material (between BEGIN/END markers) into the dashboard. The private key was then converted to PKCS#8 format using openssl pkcs8 -topk8 -nocrypt -in mykey.pem -out mykey_pkcs8.pem. Current Setup Being Tested (in a Vercel Node.js function): CLOUDKIT_CONTAINER: iCloud.com.dannybaseball.Danny-Baseball CLOUDKIT_KEY_ID: 9368dddf141ce9bc0da743b9f69bc3eda132b9bb3e62a4167e428d4f320b656e (This is the Key ID generated from the CloudKit Dashboard for the public key I provided). CLOUDKIT_P8_KEY (Environment Variable): Contains the base64 encoded string of the entire content of my PKCS#8 formatted private key file. Key Processing in Code: const p8Base64 = process.env.CLOUDKIT_P8_KEY; const privateKeyPEM = Buffer.from(p8Base64, 'base64').toString('utf8'); // This privateKeyPEM string starts with "-----BEGIN PRIVATE KEY-----" and ends with "-----END PRIVATE KEY-----" const privateKey = crypto.createPrivateKey({ key: privateKeyPEM, format: 'pem' }); // This line SUCCEEDS without DECODER errors in my Vercel function logs. Use code with caution. JavaScript Request Body for /users/current: "{}" Signing String (message = Date:BodyHash:Path): Date: Correct ISO8601 format (e.g., "2025-05-21T19:38:11.886Z") BodyHash: Correct SHA256 hash of "{}", then Base64 encoded (e.g., "RBNvo1WzZ4oRRq0W9+hknpT7T8If536DEMBg9hyq/4o=") Path: Exactly /database/1/iCloud.com.dannybaseball.Danny-Baseball/production/public/users/current Headers: X-Apple-CloudKit-Request-KeyID: Set to the correct Key ID. X-Apple-CloudKit-Request-ISO8601Date: Set to the date used in the signature. X-Apple-CloudKit-Request-SignatureV1: Set to the generated signature. X-Apple-CloudKit-Environment: "production" Content-Type: "application/json" Observed Behavior &amp; Logs: The Node.js crypto.createPrivateKey call successfully parses the decoded PEM key in my Vercel function. The request is sent to CloudKit. CloudKit responds with HTTP 500 and the following JSON body (UUID varies per request): { "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", "serverErrorCode": "INTERNAL_ERROR" } Use code with caution. Json This happens consistently. Previously, with other key pairs or different P8 processing attempts, I was getting AUTHENTICATION_FAILED (401) or local DECODER errors. Now that the key parsing is successful on my end with this current key pair and setup, I'm hitting this INTERNAL_ERROR. Troubleshooting Done: Verified Key ID (9368dddf...) is correct and corresponds to the key generated via CloudKit Dashboard. Verified Container ID (iCloud.com.dannybaseball.Danny-Baseball) is correct. Successfully parsed the private key from the environment variable (after base64 decoding) within the Vercel function. Meticulously checked the signing string components (Date, BodyHash, Path) against Apple's documentation. Path format is /database/1////. Ensured all required headers are present with correct values. Local Node.js tests (bypassing Vercel but using the same key data and signing logic) also result in this INTERNAL_ERROR. Question: What could cause CloudKit to return an INTERNAL_ERROR (500) for a /users/current request when the client-side key parsing is successful and all request components (path, body hash for signature, date, headers) appear to conform exactly to the Server-to-Server Web Services Reference? Are there any known subtle issues with EC keys generated via openssl ecparam (and then converted to PKCS#8) that might lead to this, even if crypto.createPrivateKey parses them in Node.js? Could there be an issue with my specific Key ID or container that would manifest this way, requiring Apple intervention? Any insights or suggestions would be greatly appreciated. I can provide more detailed logs of the request components if needed. Thank you!

I am writing regarding an issue I have encountered while attempting to complete a payment using test users created within the Sandbox environment of Apple Pay. The problem persists specifically when trying to make payments through the demo page at https://applepaydemo.apple.com/. Problem Description: When initiating a payment process with either of the following test user accounts. The flow proceeds as follows: The Apple Pay window appears correctly. Processing begins but does not conclude successfully. After processing concludes, there is no prompt for 'Pay with Touch ID'. Additional Information: Device & OS Version: MacOS 15.3.2 Browser & Version: Safari 18.3.1 Real Device or Simulator: Real device used First Occurrence: Before January 1st, 2025 Custom Configurations or Backend Used: No custom configurations or backend modifications are being utilized during interaction with the demo page. Could you please provide assistance in resolving this issue?

Hi everyone, I recently migrated my individual Apple Developer account to an Organization account for my company "". My Team ID remained the same. I'm now facing persistent issues with code signing and push notifications for my iOS app (Bundle ID: com.).
 Current Problems:
 "Untitled" Certificates in Xcode: When I go to Xcode -> Settings -> Accounts -> [My Apple ID] -> Select "" Team -> "Manage Certificates...", a number of my newly created Apple Development and Apple Distribution certificates are listed древ "Untitled". Some older ones are "Revoked". (See attached screenshot if possible).
 "No App ID" for Push Notifications Console: In my app target's "Signing & Capabilities" tab, I've added the "Push Notifications" capability. However, when I click the info button to open the "Push Notifications Console", it states: "no app IDs: Register an App ID with the Push Notifications capability enabled to use the Push Notifications console." This is despite the fact that the Push Notifications capability IS enabled for my App ID com. in the Developer Portal, and I've configured an APNs Auth Key (.p8) for it.
 Push Notifications Not Received (from Backend): While I can successfully send a test push notification directly from the Firebase Console to my device's FCM token, notifications triggered by my backend (Firebase Cloud Functions writing to a Firestore collection, which then triggers another function to send via FCM) are not being delivered to iOS devices. (Android seems to be working more reliably now).
 Setup: Using an APNs Authentication Key (.p8) linked to my Organization Team ID in Firebase Cloud Messaging. Main App ID com. has "Push Notifications" capability enabled. Notification Service Extension com..ImageNotification also has its App ID and Provisioning Profile set up for the Organization team. Created new Development and Distribution certificates and Provisioning Profiles specifically for the Organization team. Using "Automatically manage signing" in Xcode with the Organization team selected for both the main app target and the extension target.
 Troubleshooting Done: Revoked old/problematic certificates and profiles. Recreated CSRs and new Development/Distribution certificates under the Organization team multiple times. Recreated Provisioning Profiles. Cleaned Derived Data in Xcode. Ensured Bundle Identifiers are consistent. Verified APNs Auth Key details (Key ID, Team ID) in Firebase.
 I suspect there's a fundamental issue with how Xcode is recognizing or linking the signing assets for my Organization team after the account type change, despite the Team ID being the same. The "Untitled" certificates are a major red flag.
 Has anyone encountered similar issues, particularly the "Untitled" certificates or the "No App ID" message for the Push Console, after an account migration or when working with Organization accounts? Any insights on how to resolve this would be greatly appreciated.
 Thanks,
Benni

For this code: let status = try await container.accountStatus() Seeing this error: 2025-05-08 15:32:00.945731-0500 localhost myAgent[2661]: (myDaemon.debug.dylib) [com.myDaemon.cli:networking] Error Domain=CKErrorDomain Code=6 "Error connecting to CloudKit daemon. This could happen for many reasons, for example a daemon exit, a device reboot, a race with the connection inactivity monitor, invalid entitlements, and more. Check the logs around this time to investigate the cause of this error." UserInfo={NSLocalizedDescription=Error connecting to CloudKit daemon. This could happen for many reasons, for example a daemon exit, a device reboot, a race with the connection inactivity monitor, invalid entitlements, and more. Check the logs around this time to investigate the cause of this error., CKRetryAfter=5, CKErrorDescription=Error connecting to CloudKit daemon. This could happen for many reasons, for example a daemon exit, a device reboot, a race with the connection inactivity monitor, invalid entitlements, and more. Check the logs around this time to investigate the cause of this error., NSUnderlyingError=0x600001bfc270 {Error Domain=NSCocoaErrorDomain Code=4099 UserInfo={NSDebugDescription= I initially started the this process as System Daemon to see what would happen (which obviously does not have CloudKit features). Then moved it back to /Library/LaunchAgents/ and can't get rid of that error. I see also following message from CloudKit daemon: Ignoring failed attempt to get container proxy for &lt;private&gt;: Error Domain=NSCocoaErrorDomain Code=4099 UserInfo={NSDebugDescription=&lt;private&gt;} Automatically retrying getting container proxy due to error for &lt;private&gt;: Error Domain=NSCocoaErrorDomain Code=4099 UserInfo={NSDebugDescription=&lt;private&gt;} XPC connection interrupted for &lt;private&gt; And this error for xpc service: [0x130e074b0] failed to do a bootstrap look-up: xpc_error=[3: No such process] If I start the same cli process directly from XCode, then it works just fine.

We have a setup where the system uses proxy settings configured via a PAC file. We are investigating how NWConnection behaves inside a Network Extension (NETransparentProxyProvider) with a transparent proxy configuration based on this PAC file. Scenario: The browser makes a connection which the PAC file resolves as "DIRECT" (bypassing the proxy) Our Network Extension intercepts this traffic for analysis The extension creates a new connection using NWConnection to the original remote address. The issue: despite the PAC file’s "DIRECT" decision, NWConnection still respects the system proxy settings and routes the connection through the proxy. Our questions: Is it correct that NWConnection always uses the system proxy if configured ? Does setting preferNoProxies = true guarantee bypassing the system proxy? Additionally: Whitelisting IPs in the Network Extension to avoid interception is not a viable solution because IPs may correspond to multiple services, and the extension only sees IP addresses, not domains (e.g., we want to skip scanning meet.google.com traffic but still scan other Google services on the same IP range). Are there any recommended approaches or best practices to ensure that connections initiated from a Network Extension can truly bypass the proxy (for example, for specific IP ranges or domains)?

I am reaching out to seek clarification on the usage of exit(0) within an iOS application under specific circumstances, as I have not been able to find concrete guidance on this in the App Store Review Guidelines Context of Our Application: We are developing a mobile game using Cocos2d-JS (Cocos2d-x JavaScript bindings). The game is built in C++ with JavaScript used for game logic, and it runs on both Android and iOS. Occasionally, due to an unrecoverable fatal JavaScript error (e.g., corrupted state or unexpected runtime crash), the game’s screen goes completely black. When this occurs, the rendering engine halts, user interaction becomes impossible, and the app enters a non-functional state. From this point, the only way to return to a working state is to manually terminate and relaunch the app. We are exploring a user-friendly solution where, upon detecting such a critical failure, we present a native UIAlertController to the user explaining the issue and informing them that the app needs to restart. Upon confirmation (i.e., tapping “OK”), we call exit(0) to gracefully close the app, so the user can relaunch it in a working state. Our Question: Is it acceptable to use exit(0) in this very limited and clearly explained context? The intention is to improve the user experience during unrecoverable fatal states that cannot be handled through standard UI or engine resets. I understand that the use of exit(0) is generally discouraged, but in our case: The user explicitly initiates the exit via a native prompt. The app is not quitting on its own or in response to a policy violation. We are not using exit(0) to bypass App Review or circumvent system behavior. There is no mention in the App Review Guidelines explicitly stating whether or not exit(0) is disallowed in such edge cases. Please confirm whether this approach aligns with Apple's policies, or suggest an alternative method for cleanly handling such irrecoverable errors on iOS? Looking forward to your guidance.

アプリ内課金を実装しようとしていますが、サーバサイドのセキュリティに関してについて質問です。 StoreKit２を使えばアプリとApp Store Connect間のレシート検証は不要だが、 購入情報をサーバーで管理する場合は アプリからサーバーに購入情報を渡す際にレシート検証する必要があると考えるがその認識であっているか教えていただきたいです。

Hi, We're in the process of following Apple’s guidance on transitioning away from Packet Filter (pf) and migrating to a Network Extension-based solution that functions as a firewall. During this transition, we've encountered several limitations with the current Content Filter API and wanted to share our findings. Our VPN client relies on firewall functionality to enforce strict adherence to split tunneling rules defined via the routing table. This ensures that no traffic leaks outside the VPN tunnel, which is critical for our users for a variety of reasons. To enforce this, our product currently uses interface-scoped rules to block all non-VPN traffic outside the tunnel. Replicating this behavior with the Content Filter API (NEFilterDataProvider) appears to be infeasible today. The key limitation we've encountered is that the current Content Filter API does not expose information about the network interface associated with a flow. As a workaround, we considered using the flow’s local endpoint IP to infer the interface, but this data is not available until after returning a verdict to peek into the flow’s data—at which point the connection has already been established. This can result in connection metadata leaking outside the tunnel, which may contain sensitive information depending on the connection. What is the recommended approach for this use case? NEFilterPacketProvider? This may work, but it has a negative impact on network performance. Using a Packet Tunnel Provider and purely relying on enforceRoutes? Would this indeed ensure that no traffic can leak by targeting a specific interface or by using a second VPN extension? And more broadly—especially if no such approach is currently feasible with the existing APIs—we're interpreting TN3165 as a signal that pf should be considered deprecated and may not be available in the next major macOS release. Is that a reasonable interpretation?