Team-scoped keys introduce the ability to restrict your token authentication keys to either development or production environments. Topic-specific keys in addition to environment isolation allow you to associate each key with a specific Bundle ID streamlining key management. For detailed instructions on accessing these features, read our updated documentation on establishing a token-based connection to APNs.

General: Forums subtopic: App & System Services > Core OS Forums tags: Files and Storage, Foundation, FSKit, File Provider, Finder Sync, Disk Arbitration, APFS Foundation > Files and Data Persistence documentation Low-level file system APIs are documented in UNIX manual pages File System Programming Guide archived documentation About Apple File System documentation Apple File System Guide archived documentation File system changes introduced in iOS 17 forums post On File System Permissions forums post Extended Attributes and Zip Archives forums post Unpacking Apple Archives forums post Creating new file systems: FSKit framework documentation Building a passthrough file system sample code File Provider framework documentation Finder Sync framework documentation App Extension Programming Guide > App Extension Types > Finder Sync archived documentation Managing storage: Disk Arbitration framework documentation Disk Arbitration Programming Guide archived documentation Mass Storage Device Driver Programming Guide archived documentation Device File Access Guide for Storage Devices archived documentation BlockStorageDeviceDriverKit framework documentation Volume format references: Apple File System Reference TN1150 HFS Plus Volume Format Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com"

Given that I have enabled System Settings -> General -> Software Update -> Beta Updates -> macOS Tahoe 26 Developer Beta. When I run the following command: softwareupdate --list-full-installers I'm not seeing macOS 26 within the resulting list: ➜ softwareupdate --list-full-installers Finding available software Software Update found the following full installers: * Title: macOS Sequoia, Version: 15.5, Size: 15283299KiB, Build: 24F74, Deferred: NO * Title: macOS Sequoia, Version: 15.4.1, Size: 15244333KiB, Build: 24E263, Deferred: NO * Title: macOS Sequoia, Version: 15.4, Size: 15243957KiB, Build: 24E248, Deferred: NO * Title: macOS Sequoia, Version: 15.3.2, Size: 14890483KiB, Build: 24D81, Deferred: NO * Title: macOS Sequoia, Version: 15.3.1, Size: 14891477KiB, Build: 24D70, Deferred: NO * Title: macOS Sonoma, Version: 14.7.6, Size: 13338327KiB, Build: 23H626, Deferred: NO * Title: macOS Sonoma, Version: 14.7.5, Size: 13337289KiB, Build: 23H527, Deferred: NO * Title: macOS Sonoma, Version: 14.7.4, Size: 13332546KiB, Build: 23H420, Deferred: NO * Title: macOS Ventura, Version: 13.7.6, Size: 11910780KiB, Build: 22H625, Deferred: NO * Title: macOS Ventura, Version: 13.7.5, Size: 11916960KiB, Build: 22H527, Deferred: NO * Title: macOS Ventura, Version: 13.7.4, Size: 11915317KiB, Build: 22H420, Deferred: NO * Title: macOS Monterey, Version: 12.7.4, Size: 12117810KiB, Build: 21H1123, Deferred: NO Is there an issue with the softwareupdate utility?

Is there a way to ensure a kernel extension in the Auxiliary Kernel Collection loads (and runs its start routines) before launchd? I'm emitting logs via os_log_t created with an os_log_create (custom subsystem/category) in both my KMOD's start function and the IOService::start() function. Those messages-- which both say "I've been run"-- inconsistently show up in log show --predicate 'subsystem == "com.bluefalconhd.pandora"' --last boot, which makes me think they are running very early. However, I also record timestamps (using mach_absolute_time, etc.) and expose them to user space through an IOExternalMethod. The results (for the most recent boot): hayes@fortis Pandora/tests main % build/pdtest Pandora Metadata: kmod_start_time: Time: 2025-07-22 14:11:32.233 Mach time: 245612546 Nanos since boot: 10233856083 (10.23 seconds) io_service_start_time: Time: 2025-07-22 14:11:32.233 Mach time: 245613641 Nanos since boot: 10233901708 (10.23 seconds) user_client_init_time: Time: 2025-07-22 14:21:42.561 Mach time: 14893478355 Nanos since boot: 620561598125 (620.56 seconds) hayes@fortis Pandora/tests main % ps -p 1 -o lstart= Tue Jul 22 14:11:27 2025 Everything in the kernel extension appears to be loading after launchd (PID 1) starts. Also, the kext isn't doing anything crazy which could cause that kind of delay. For reference, here's the Info.plist: <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CFBundleExecutable</key> <string>Pandora</string> <key>CFBundleIdentifier</key> <string>com.bluefalconhd.Pandora</string> <key>CFBundleName</key> <string>Pandora</string> <key>CFBundlePackageType</key> <string>KEXT</string> <key>CFBundleVersion</key> <string>1.0.7</string> <key>IOKitPersonalities</key> <dict> <key>Pandora</key> <dict> <key>CFBundleIdentifier</key> <string>com.bluefalconhd.Pandora</string> <key>IOClass</key> <string>Pandora</string> <key>IOMatchCategory</key> <string>Pandora</string> <key>IOProviderClass</key> <string>IOResources</string> <key>IOResourceMatch</key> <string>IOKit</string> <key>IOUserClientClass</key> <string>PandoraUserClient</string> </dict> </dict> <key>OSBundleLibraries</key> <dict> <key>com.apple.kpi.dsep</key> <string>24.2.0</string> <key>com.apple.kpi.iokit</key> <string>24.2.0</string> <key>com.apple.kpi.libkern</key> <string>24.2.0</string> <key>com.apple.kpi.mach</key> <string>24.2.0</string> </dict> </dict> </plist> My questions are: A. Why don't the early logs (from KMOD's start function and IOService::start) consistently appear in the unified log, while logs later in IOExternalMethods do? B. How can I force this kext to load earlier-- ideally before launchd? Thanks in advance for any guidance!

While playing around with AppShortcuts I've been encountering some problems around getting the invocation phrase detected and/or the parameter get recognized after invocation phrase via Siri. I've found some solutions or explanations here in other posts (Siri not recognizing the parameter in the phrase & Inform iOS about AppShortcutsProvider), but I still have one issue and it's about consistency. For context, I've defined the parameter to be an AppEntity with it's respective query conforming to the EntityStringQuery Protocol in order to be able to fetch entities with the string given by Siri struct AnIntent: AppIntent { // other parts hidden for clarity @Parameter var entity: ModelEntity } For an invocation phrase akin to "Do something with in ", if the user uses the phrase with a entity previously donated via suggestedEntities() the AppShortcut get executed without problems. If the user uses a phrase with no parameter, like "do something with ", if the user gets asked to input the missing parameter and inputs one, it may or may not get recognized and be asked to input a parameter again, like in a loop. This happens even if the parameter given is one that was donated. I've found that when this happens the entities(matching string: String) function in the EntityQuery doesn't get called. The input can be of one word or sometimes two and it will not be called. So in other words entities(matching string: String) does not get called on every user parameter input Is this behavior correct? Do parameters have some restrictions on length or anything? Does Siri shows the user suggested entities when asked for entity input? It doesn't on my end. Additional question related to AppShortcuts: On AppShortcut definition, where the summary inside the parameter presentation is used? I see that it was defined in the AppIntentsSampleApp for the GetTrailInfo Intent but didn't find where it was used

Hello? Does anyone have a program to "Create Shortcuts" in Swift? With: Program Name: Program Path: Program Image:

I’m testing FinanceKit with Apple Cash and noticed that transfers don’t include any counterparty information. Here’s an example transaction I fetched: Transaction( id: 5A96EA49-B7C9-4481-949D-88247210C1D7, accountID: 28D7C0E2-DC2A-4138-B105-BCE5EE00B705, transactionAmount: 30 USD, creditDebitIndicator: .credit, transactionDescription: "Transfer", originalTransactionDescription: "", merchantCategoryCode: nil, merchantName: nil, transactionType: .transfer, status: .booked, transactionDate: 2025-08-19 21:57:54 +0000, postedDate: 2025-08-19 21:57:55 +0000 ) As you can see: transactionDescription is just "Transfer" originalTransactionDescription is empty merchantName is nil No counterparty details are exposed In contrast, the Wallet app clearly shows the other person’s name and avatar for Apple Cash transfers, making it easy to understand who the payment was with. In FinanceKit, there’s no way to distinguish between transfers with different people — every transfer looks identical. Questions Is there a hidden or planned field for Apple Cash counterparty information? Can FinanceKit provide at least minimal metadata (e.g., contact name, initials, or a privacy-preserving identifier)? Is there any workaround today to correlate Apple Cash transfers with contacts? Feature request: Please expose counterparty information for Apple Cash transfers. Even something as simple as a stable identifier or name string would enable developers to build Wallet-quality transaction detail screens. Thanks!

I’m creating an app with the Screen Time API and I would like to know how to make the app show a parental control editing view for parents and a view for child accounts that shows which apps are blocked. How can I do this?

I'm sitting at my house and trying to sign my test device out of my apple ID so I can sign into a Sandbox user, but now I have an hour to kill because of this terribly broken "security" feature that thinks it's in an unfamiliar location, despite being at the only location it's ever known. Looks like I'll just be disabling this feature all together. Especially as a device with Developer Mode enabled, which gets reset regularly, there should be additional options here. Come on!

Hello Shortcuts community! I want to obtain a list of my notes, and well, update them, delete them if needed, and so on. These are simple actions that I can already do. For this, I saw that shortcuts was pretty simple, and I could get what I wanted and pipe it through the terminal. However, even though I'm a programmer, there's a lot that I'm missing since I cannot pipe anything to the terminal. I made a simple shortcut to give me some text, and I could obtain it via -shortcuts run "Example" | cat-, which well, gave me the output but with a %. aaa**%** Now, I guess this works, the important thing is for me to obtain something from shortcuts so that I can configure simple things like obtaining a note, a mail, run some javascript in the browser and so on while obtaining some output via the terminal. So, I configured something like this: While I do get a dictionary (only in the shortcuts app, not in the terminal) like: { "Title": "Some title" } And actually a list of them, I don't have them in an array that I would have for my command. And for some reason I've only been able to obtain either the name or the body. Now, I put them into a text with get text from Repeated results, but I don't think I have a valid Dictionary (JSON) array that I can use, since the terminal doesn't obtain nothing. So far I've tried: echo $(shortcuts run "Find Notes") echo $(shortcuts run "Find Notes" --output-type public.utf8-plain-text -o -) shortcuts run "Find Notes" | xargs I wonder what am I missing. I'm not creating the array of dictionaries like I'd like, nor outputting it. On the other hand, I have some AppleScripts that work, however, given that I cannot find munch information about the support status of AppleScript, I though to update to Shortcuts which is obtaining updates, and then I'm trying to do this simple example on shortcuts. Thanks for taking a look!

I have noticed that there are no new kdk builds since mid December Is everything ok at apple I am aware of NXUs but the kernel version has changed much since then

I’m looking into activating my gate (has a dedicated app to it) while getting near home. i thought that a combination of Car bluetooth connection/Carplay connection as well as a 50 meter radius from home location would be nice to trigger the gate app. However, I find it hard to set these 2 parallel conditions in Shortcuts. I managed to set connection to car’s Bluetooth, but next screen would suggest the “do” action rather than offer additional conditions. i couldn‘t handle the “if” option. would like some help.

当用户开启App自动更新后，自动更新App后，App有些功能会错乱。 1.有的会触发旧App代码功能，如旧版本有个选择框，在新版本选择框从界面移除了，但自动更新看，有的用户会还会触旧版本选择框的功能 2.数据错乱，如App录入数字6，发送到服务端变成5.4 现在发现这些问题。都是要把App删除，重新下载就可以。 请问要如何避免这样的问题。 App是有Objective-C，会不会与开启 BITCODE有关？

Connect with ios in android

Hi everyone, I'm looking for a way to programmatically set the left/right audio balance to perfect center (50/50) using either a Terminal command or AppleScript. Background: The audio balance slider in System Settings &gt; Sound &gt; Output &amp; Input works functionally, but I have difficulty determining when it's positioned at the exact center point. The visual nature of the slider makes it challenging for me to achieve the precision I need, and I end up adjusting it repeatedly trying to get it perfectly centered. What I'm looking for: A Terminal command that can set the audio balance to exact center An AppleScript that accomplishes the same thing Any other programmatic method to ensure perfect 50/50 balance I've tried searching through the defaults command documentation and Core Audio frameworks but haven't found the right approach yet. Has anyone successfully automated this setting before? Any help would be greatly appreciated! Thanks in advance, Dylan

From some moment of time, Universal Links stopped working for our app. As per my understanding, application reinstall or update caused system to fetch AASA file from CDN, which started to reply with 404 for our domain (https://app-site-association.cdn-apple.com/a/v1/app.link.digidentity.eu). In the meantime, nothing has changed inside our app or on our BE (https://app.link.digidentity.eu/.well-known/apple-app-site-association). Executing "curl -v https://app-site-association.cdn-apple.com/a/v1/app.link.digidentity.eu" returns following result * IPv6: (none) * IPv4: 17.253.15.197, 17.253.29.202, 17.253.37.203, 17.253.37.208, 17.253.57.197, 17.253.57.208, 17.253.29.196 * Trying 17.253.15.197:443... * Connected to app-site-association.cdn-apple.com (17.253.15.197) port 443 * ALPN: curl offers h2,http/1.1 * (304) (OUT), TLS handshake, Client hello (1): * CAfile: /etc/ssl/cert.pem * CApath: none * (304) (IN), TLS handshake, Server hello (2): * (304) (IN), TLS handshake, Unknown (8): * (304) (IN), TLS handshake, Certificate (11): * (304) (IN), TLS handshake, CERT verify (15): * (304) (IN), TLS handshake, Finished (20): * (304) (OUT), TLS handshake, Finished (20): * SSL connection using TLSv1.3 / AEAD-CHACHA20-POLY1305-SHA256 / [blank] / UNDEF * ALPN: server accepted http/1.1 * Server certificate: * subject: C=US; ST=California; O=Apple Inc.; CN=app-site-association.cdn-apple.com * start date: Jul 7 00:05:26 2025 GMT * expire date: Sep 30 19:08:48 2025 GMT * subjectAltName: host "app-site-association.cdn-apple.com" matched cert's "app-site-association.cdn-apple.com" * issuer: CN=Apple Public Server ECC CA 11 - G1; O=Apple Inc.; ST=California; C=US * SSL certificate verify ok. * using HTTP/1.x > GET /a/v1/app.link.digidentity.eu HTTP/1.1 > Host: app-site-association.cdn-apple.com > User-Agent: curl/8.7.1 > Accept: */* > * Request completely sent off < HTTP/1.1 404 Not Found < Apple-Failure-Details: {"cause":"dial tcp: lookup app.link.digidentity.eu on 10.100.53.53:53: dial tcp 10.100.53.53:53: connect: connection refused"} < Apple-Failure-Reason: SWCERR00302 Network error (temporary) < Apple-From: https://app.link.digidentity.eu/.well-known/apple-app-site-association < Apple-Try-Direct: true < Cache-Control: max-age=3600,public < Content-Length: 10 < Content-Type: text/plain; charset=utf-8 < Date: Thu, 21 Aug 2025 10:36:47 GMT < Vary: Accept-Encoding < Expires: Thu, 21 Aug 2025 10:36:57 GMT < Age: 2952 < Via: http/1.1 uklon5-vp-vst-011.ts.apple.com (acdn/1.16221), https/1.1 uklon5-vp-vfe-007.ts.apple.com (acdn/4.16219), http/1.1 defra1-edge-lx-005.ts.apple.com (acdn/260.16276), http/1.1 defra1-edge-bx-006.ts.apple.com (acdn/260.16276) < X-Cache: hit-fresh, hit-stale, hit-fresh, hit-fresh < CDNUUID: e06b4b03-f97d-48f8-97bb-774359a39fa2-4464142837 < Connection: keep-alive < Not Found * Connection #0 to host app-site-association.cdn-apple.com left intact On our end, we did not find any reason why it can be not available for Apple to fetch. Is SWCERR00302 an indication of problem on our end? Any help is appreciated

Sorry if topic is not exact. I write Ainu in various Roman Latin scripts on English GUI Catalina ,Text Edit. The Ainu words are similar to English ex. 'an' in Ainu is 'exist' ,Ainu Language exists 'Ne Ainu itak an ',so spell checker will not red dot many words also some Ainu words look like other foreign words. I open LocalDictionary and find it blank ,so I open TextEdit and open show spelling grammar 100 words out of 200 are red dotted !the others are not learned, so I press' learn' and it skips to some words not Allan after 100 it stops ,then I go to LocalDictionary and see all those words alphabetical order ,! great ! but what about the rest ? why does select half of the words and /part/ of a phrase/ 'Itak a-e-yay-/han-nok-kar-a' = to study language by oneself.

Hi I'm trying to build a screen time app and the Apple docs and APIs really leave something to be desired. I want to block apps on a schedule. That's it. To do this I need my DeviceActivityMonitorExt to know which apps to block. I need to somehow pass a DeviceActivitySelection from the main app into this DeviceActivityMonitorExt. How can I do this?

I am creating scripts to automatically switch the wallpapers on my multiple displays. System Events exposes almost all of the options accessible in the Wallpapers pane of system settings, but not the option to "Show on all Spaces". I want to add that option to the following script: tell application "System Events" set intervalSeconds to 900.0 set wpDir to POSIX file "/Path/to/Folder/" set picture rotation of every desktop to 1 set random order of every desktop to true set pictures folder of every desktop to wpDir set change interval of every desktop to intervalSeconds do shell script ("killall Dock") end tell Also, the foregoing script does not seem to successfully set the interval value, although it does not throw an error. Not sure why that does not work. Any thoughts or insights would be welcome. Thank you

I'm encountering what appears to be a specific precedence behavior with ManagedSettingsStore.shield and would appreciate some further clarification. My current understanding is that category-level shields take precedence over individual app allowances. My test involved... Using FamilyActivityPicker to select a single target application (e.g., "Calculator," which falls under the "Utilities" category). Using FamilyActivityPicker again to select the category of that target application. I applied shields using ManagedSettingsStore (named .individual): store.shield.applicationCategories = .specific(Set([utilitiesCategoryToken])) store.shield.applications = Set([calculatorApplicationToken]) Result: The calculator app remains shielded, suggesting that the category-level shield on Utilities overrides the attempt to allow the individual app. I also tried this using a single picker, but received only the category token instead of all application tokens in that category. Is this observed precedence (where store.shield.applicationCategories effectively overrides store.shield.applications for apps within the shielded category) the intended behavior? If so, are there any mechanisms available within the main app's capabilities (potentially using a Device Activity Report Extension or Shield Extension) to allow a specific ApplicationToken if its corresponding ActivityCategoryToken is part of the store.shield.applicationCategories set? Essentially, can store.shield.applications be used to create "allow exceptions" for individual apps that fall into an otherwise shielded category? Additionally, I mentioned that selecting an entire category in the picker only returns the opaque category token, not any application tokens. Is there any way in which I could return both the category and all application tokens by just selecting the category? Any insights or pointers would be greatly appreciated!

When establishing a Bluetooth connection and subscribing to feature values, the log shows a subscription failure with the error: did fail to update notification state: The handle is invalid.