Hi, I work at OneSignal, a third-party SDK, and have the following two crash reports submitted by a client for the same issue. Because the crash originates from our SDK, even if the root cause may be elsewhere, the onus is on our team to try to resolve this crash. Additionally, my information is limited as this is not our own crash report. I'm trying to figure out why this crash happens and how we can address it within our SDK. Crash Reported: Fatal Exception: NSInvalidArgumentException [NSMutableDictionary __addObject:forKey:]: object cannot be nil Context: Our SDK makes a call to [NSUserDefaults(NSUserDefaults) objectForKey:] on the standardUserDefaults and passes in a non-null key. It appears further up the call stack, a null value is being added to a dictionary. I assume this is the innards of how the search list is generated. Additional Information: The client states that it seems to happen only once per user and the scale is not extremely high but it is increasing. They are unsure what happened and when. They don't have much information about the devices except it has happened on iOS 18. Log 1: 0 CoreFoundation 0x2d5fc __exceptionPreprocess 1 libobjc.A.dylib 0x31244 objc_exception_throw 2 CoreFoundation 0x15548 -[NSMutableDictionary __addObject:forKey:] 3 CoreFoundation 0x20850 -[__NSDictionaryM __apply:context:] 4 CoreFoundation 0x54700 ___CFPrefsDeliverPendingKVONotificationsGuts_block_invoke 5 CoreFoundation 0x52988 __CFDictionaryApplyFunction_block_invoke 6 CoreFoundation 0x52524 CFBasicHashApply 7 CoreFoundation 0x21040 CFDictionaryApplyFunction 8 CoreFoundation 0x7a6b0 _CFPrefsDeliverPendingKVONotificationsGuts 9 CoreFoundation 0x777d0 -[_CFXPreferences _deliverPendingKVONotifications] 10 CoreFoundation 0x776ac __108-[_CFXPreferences(SearchListAdditions) withSearchListForIdentifier:container:cloudConfigurationURL:perform:]_block_invoke 11 CoreFoundation 0x5cf24 normalizeQuintuplet 12 CoreFoundation 0x5cd60 -[_CFXPreferences withSearchListForIdentifier:container:cloudConfigurationURL:perform:] 13 CoreFoundation 0x5cc60 -[_CFXPreferences copyAppValueForKey:identifier:container:configurationURL:] 14 CoreFoundation 0x5c8bc _CFPreferencesCopyAppValueWithContainerAndConfiguration 15 Foundation 0xf0dcc -[NSUserDefaults(NSUserDefaults) objectForKey:] 16 OneSignalCore 0xc7c8 -[OneSignalUserDefaults keyExists:] + 61 (OneSignalUserDefaults.m:61) 17 OneSignalCore 0xc8b0 -[OneSignalUserDefaults getSavedBoolForKey:defaultValue:] + 70 (OneSignalUserDefaults.m:70) 18 OneSignalCore 0xbb10 +[OSPrivacyConsentController requiresUserPrivacyConsent] + 59 (OSPrivacyConsentController.m:59) 19 OneSignalCore 0xbc30 +[OSPrivacyConsentController shouldLogMissingPrivacyConsentErrorWithMethodName:] + 75 (OSPrivacyConsentController.m:75) 20 OneSignalCore 0x4418 +[OneSignalConfigManager shouldAwaitAppIdAndLogMissingPrivacyConsentForMethod:] + 50 (OneSignalConfigManager.m:50) 21 OneSignalOSCore 0x537c OSOperationRepo.flushDeltaQueue(inBackground:) + 140 (OSOperationRepo.swift:140) 22 OneSignalOSCore 0x4868 closure #1 in OSOperationRepo.pollFlushQueue() + 84 (OSOperationRepo.swift:84) 23 OneSignalOSCore 0x5078 thunk for @escaping @callee_guaranteed @Sendable () -> () 24 libdispatch.dylib 0x3fa8 _dispatch_client_callout 25 libdispatch.dylib 0x745c _dispatch_continuation_pop 26 libdispatch.dylib 0x1b620 _dispatch_source_latch_and_call 27 libdispatch.dylib 0x1a1e8 _dispatch_source_invoke 28 libdispatch.dylib 0xb42c _dispatch_lane_serial_drain 29 libdispatch.dylib 0xc124 _dispatch_lane_invoke 30 libdispatch.dylib 0x1738c _dispatch_root_queue_drain_deferred_wlh 31 libdispatch.dylib 0x16bd8 _dispatch_workloop_worker_thread 32 libsystem_pthread.dylib 0x3680 _pthread_wqthread 33 libsystem_pthread.dylib 0x1474 start_wqthread Log 2: Fatal Exception: NSInvalidArgumentException 0 CoreFoundation 0x2d5fc __exceptionPreprocess 1 libobjc.A.dylib 0x31244 objc_exception_throw 2 CoreFoundation 0x15548 -[NSMutableDictionary __addObject:forKey:] 3 CoreFoundation 0x168f0 __72-[CFPrefsSource mergeIntoDictionary:sourceDictionary:cloudKeyEvaluator:]_block_invoke 4 CoreFoundation 0x23ecc -[__NSFrozenDictionaryM __apply:context:] 5 CoreFoundation 0x4f82c -[CFPrefsSource mergeIntoDictionary:sourceDictionary:cloudKeyEvaluator:] 6 CoreFoundation 0x783b8 -[CFPrefsSearchListSource alreadylocked_getDictionary:] 7 CoreFoundation 0x77dfc -[CFPrefsSearchListSource alreadylocked_copyValueForKey:] 8 CoreFoundation 0x77d30 -[CFPrefsSource copyValueForKey:] 9 CoreFoundation 0x77ce4 __76-[_CFXPreferences copyAppValueForKey:identifier:container:configurationURL:]_block_invoke 10 CoreFoundation 0x77690 __108-[_CFXPreferences(SearchListAdditions) withSearchListForIdentifier:container:cloudConfigurationURL:perform:]_block_invoke 11 CoreFoundation 0x5cf24 normalizeQuintuplet 12 CoreFoundation 0x5cd60 -[_CFXPreferences withSearchListForIdentifier:container:cloudConfigurationURL:perform:] 13 CoreFoundation 0x5cc60 -[_CFXPreferences copyAppValueForKey:identifier:container:configurationURL:] 14 CoreFoundation 0x5c8bc _CFPreferencesCopyAppValueWithContainerAndConfiguration 15 Foundation 0xf0dcc -[NSUserDefaults(NSUserDefaults) objectForKey:] 16 OneSignalCore 0xc7c8 -[OneSignalUserDefaults keyExists:] + 61 (OneSignalUserDefaults.m:61) 17 OneSignalCore 0xcbd8 -[OneSignalUserDefaults getSavedDoubleForKey:defaultValue:] + 107 (OneSignalUserDefaults.m:107) 18 OneSignalFramework 0x8964 +[OneSignal shouldStartNewSession] + 350 (OneSignal.m:350) 19 OneSignalFramework 0xc968 +[OneSignalTracker applicationBecameActive] + 83 (OneSignalTracker.m:83) 20 OneSignalFramework 0xb894 -[OneSignalLifecycleObserver didBecomeActive] + 84 (OneSignalLifecycleObserver.m:84) ...... 55 UIKitCore 0x3ee674 -[UIApplication _run] 56 UIKitCore 0x14e88 UIApplicationMain 57 UnityFramework 0x399aef0 -[UnityFramework runUIApplicationMainWithArgc:argv:] + 96 (main.mm:96) 58 ClientsApp 0x412c main + 28 (main.mm:28)

I'm new to the Screen Time API and trying to block custom websites, but I can't get WebDomain tokens to work. When I create a WebDomain like WebDomain(domain: "reddit.com"), the token property is always nil. I have proper authorization and the app works fine for blocking apps, but website blocking just won't work. I'm confused because I see apps like JOMO that let users type in any website domain and successfully block it using Screen Time API. They have the same 49 domain limit and only ask for Screen Time permission, so they must be using the same API I am. But somehow their WebDomain tokens work and mine don't. I've tried creating the tokens right after getting authorization and during the FamilyActivityPicker session, but still get nil. Am I missing some setup step or API call that makes WebDomain tokens valid? Any help would be really appreciated since I'm stuck on this.

Hi Team, We’re encountering a device-specific issue with our SMS Message Filter extension. The extension works as expected on an iPhone 11 running iOS 16.6, but it does not trigger on an iPhone 12 Pro running iOS 16.7. Key Observations: The extension is implemented using ILMessageFilterExtension and calls messageFilterOffline(appGroupIdentifier:for:) from our shared library. The App Group is properly configured and accessible across the app and extension. The extension is enabled under Settings > Messages > Unknown & Spam. There are no crashes or error logs reported on the affected device. The issue is consistently reproducible — it works on one device but not the other. We’re wondering if this could be a regression or a device-specific behavior change introduced in iOS 16.7. Has anyone encountered similar inconsistencies in Message Filter extensions across different iOS versions or device models? Any guidance or suggestions would be greatly appreciated. Thanks in advance!

can i block number on my app with callkit if the number already exists as a contact? Or i can only block number that are not on the contact list ?

Hi Apple Developers, I am currently working on a message filtering application and facing issues specifically with filtering RCS (Rich Communication Services) messages. To debug this, I created a sample app that consistently categorizes all incoming messages as "junk." However, the filtering behaviour is inconsistent and not functioning as expected. Here are the key issues observed during testing on iOS versions 18.2.1 and 18.3: Inconsistent Filtering Behavior: When a message is received from an unknown number, it sometimes gets moved to the Junk folder momentarily but is then immediately moved back to the main Messages inbox. In some cases, the message does not get moved to the Junk folder at all, despite the app returning the verdict as "junk." Duplicate Contact Tiles: The Messages app displays two separate conversation tiles for the same mobile number, which is unexpected behavior. I have attached both a sample app and a screen recording that clearly demonstrates the issue. The recording shows that the app categorizes messages as junk, yet they still end up in the main Messages inbox. For reference, my carrier partner is T-Mobile. Please let me know if you need any additional information to investigate this issue further. Looking forward to your insights and guidance. Best regards, Rijul Singhal

When the iPhone is set to 12-hour time format, obtaining a timestamp similar to "2025-07-18 16:29:00" fails

Hi, I have developed iOS app using Cordova platform, now I am trying to open the upi app which is not happening. Can anyone guide me how to do this. From my app i am hitting the below URL location.href='phonepe://'

I'd like to allow users to select apps to shield from a DeviceActivityReport (similar to how Apple's Screen Time Settings activity report allows a user to "add limits" to a selected app in the report. What I need to do is pass an appToken from the DeviceActivityReportExtension to my app. I realize the extension is sandboxed and doesn't allow "private" data to be seen outside of the sandbox. The docs state: To protect the user’s privacy, your extension runs in a sandbox. This sandbox prevents your extension from making network requests or moving sensitive content outside the extension’s address space. However, tokens aren't "sensitive". I want to pass a token set out of the sandboxed extension so users can select certain apps from the report that my app can use for setting limits, etc. I thought using App Groups and saving data with UserDefaults with a suiteName for my app group would do it, but it doesn't appear to allow me to pass the token data. Yes I'm using the same KEY for both as I set a config enum to ensure it's the same and I can pass tokens successfully between other extensions/apps in the app group, but not the report extension. It seems the app and the extension have their own stores as the report extension can write to and read from a store but despite being the same suiteName, other apps in the app group don't get or send data to the Report Extension. I realize this is probably due to the design with the sandbox to protect user privacy, however it seems an exception should be made for passing tokens (or even better allow passing through another method like a callback, etc). Is there ay way to accomplish passing a token from the sandboxed report extension to my app?

We are planning to use our internal IdP (PingFederate) for authentication of end users in their iOS apps using ASWebAuthenticationSession. Initial tests are successful, but the user is prompted for every login (and logouts) with a consent dialogue box: “AppName” wants to use “internal domain-name” to Sign In This allows the app and website to share information about you. Cancel Continue” Let’s say that our top-level domain is “company.no”, where our IdP is placed at “idp.company.com”. I have seen examples where the Associated domains entitlement points to the idp as a webserver for serving the JSON output AASA file. In this case that would be: authsrv: idp.company.com Anyone with experience implementing this structure with the IdP as webserver for serving the JSON output? Our problem is that trying to use the IdP as webserver for this purpose is that it is very complicated to modify the IdP’s webserver configuration. Also, this modification needs to be re-done every time we need to upgrade the IdP. My question is therefore also related to the options of which webserver to install the AASA file on. Has anyone installed the file on a generic webserver on the toplevel domain like “webserver.company.com” ?

I found that in iOS 18.5, DeviceActivityCenter startMonitoring cannot start multiple monitors, even if their names and periods are different, and restarting the phone cannot solve it. My app uses DeviceActivityCenter, which makes the entire function unusable. (I have less than 20 monitors)

where can we find documentation on the following fields included in payloads? They're not listed alongside the other fields in the documentation linked below: https://developer.apple.com/documentation/weatherkitrestapi/hourweatherconditions precipitationIntensity snowfallAmount Or if we can get the data type, unit used, and description here that would be great

I’m developing an app with audio calling functionality, and I’d like to take advantage of Picture-in-Picture (PiP) so that when the user moves the app to the background, the ongoing call can remain minimized on the Home screen. Based on my research, it seems possible to display a view in PiP mode and have it play, and I haven’t found any documentation stating that this is prohibited. Could you please confirm if this is allowed?

Hello, We're facing an issue with app links failing and falling back to browser website journeys. Our apple-app-site-association file is hosted publicly and the app to app journeys have been working correctly up to very recently - we are trying to identify any potential network infra changes that could have impacted the Apple CDN being able to retrieve the apple-app-site-association file. We can see in the iPhone OS logs that the links cannot be verified by the swcd process, and using the app-site-association.cdn-apple.com/a/v1 api via curl can also see the CDN has no record of the AASA file. Due to the traffic being SSL and to a high volume enterprise site it is difficult for use to trace activity through anything other that the source IPs - we cannot filter on user-agent for "AASA-Bot/1.0.0" as breaking the SSL would be impactful due to the load. Is it possible to get a network range used by the Apple CDN to retrieve the AASA file as this would help us identify potential blocking behaviour? Thank you.

Hello everyone, I’m developing an app using the FamilyControls framework, I distributed through TestFlight the other day using the “Family Controls” distribution (not Development). Everything works as expected in dev builds — but for external TestFlight testers, nothing in the FamilyControls framework seems to function. I'm using the correct Family Controls capability in Xcode (added via Signing & Capabilities). The com.apple.developer.family-controls entitlement is present in my .entitlements file. All the users who reported the issue had correctly given screen time permissions to the app. Would really appreciate some help regarding where the issue could come from.

I want to monitor again from the bellow function of DeviceActivityMonitorExtension. I have the function of startMonitoring like this. override func eventDidReachThreshold(_ event: DeviceActivityEvent.Name, activity: DeviceActivityName) { super.eventDidReachThreshold(event, activity: activity) startMonitoring() } public func startMonitoring() { let startTime = DateComponents(hour: 0, minute: 0, second: 0) let endTime = DateComponents(hour: 23, minute: 59, second: 59)//DateComponents(hour: 11, minute: 0, second: 0)// let schedule = DeviceActivitySchedule( intervalStart: startTime,//DateComponents(hour: 0, minute: 0, second: 0), intervalEnd: endTime, repeats: true //warningTime: DateComponents(minute:1) ) let selection: FamilyActivitySelection = savedSelection() ?? FamilyActivitySelection() let center = DeviceActivityCenter() let selections = self.savedSelection() ?? FamilyActivitySelection() let applications = selections.applicationTokens let categories = selections.categoryTokens let webCategories = selections.webDomainTokens let store = ManagedSettingsStore() store.shield.applicationCategories = ShieldSettings.ActivityCategoryPolicy.specific(categories, except: Set()) store.shield.applications = applications store.shield.webDomains = webCategories let scheduleHard = DeviceActivitySchedule( intervalStart: startTime,//DateComponents(hour: 0, minute: 0, second: 0), intervalEnd: endTime, repeats: true //warningTime: DateComponents(minute:1) ) let event = DeviceActivityEvent( applications: selection.applicationTokens, categories: selection.categoryTokens, webDomains: selection.webDomainTokens, threshold: DateComponents(minute: 0)//timeLimitToUseApp i.e for 15 mins ) do { try center.startMonitoring( .weekend, during: scheduleHard, events: [ .weekend: event, ] ) print("ScreenTime Monitoring Started") } catch let error { print(error.localizedDescription) } } Please provide us with a solution about starting monitoring from DeviceActivityMonitoringExtension's eventDidReachThreshold function or if there is any other way.

Hi all, I'm trying to set up universal links for my app but it's not working. What I want: cogover.com → Safari (website) - NOT my app *.cogover.com (any subdomain like abc.cogover.com) → My app What I did: Added applinks:*.cogover.com in Xcode Put AASA files on all subdomains They work fine (checked with curl) Problem: All links still open in Safari, not my app. I do not put AASA on my root domain cogover.com because I don't want open my app with root domain. I have checked TN3155: Debugging universal links | Apple Developer Documentation but it only say about universal link works with both root domain and subdomains. Weird thing I found: I checked how Salesforce does it - their *.force.com subdomains work perfectly. But when I tried to check their setup, (https://force.com/.well-known/apple-app-site-association) doesn't seem to exist either! So how does theirs work? Even stranger - Apple's CDN has their file cached at (https://app-site-association.cdn-apple.com/a/v1/force.com) but the actual domain doesn't serve it. Can Apple's CDN have a file cached even if it's not on the website anymore? Thanks for any help!

We developed a "Default Translation App" following the guide: https://developer.apple.com/documentation/translationuiprovider/preparing-your-app-to-be-the-default-translation-app. I have already configured everything that needs to be configured according to the document, but there is still this problem

I am developing an app that can help users disable selected apps at a specified time, so that users can get away from their phones and enjoy real life. Here is my data structure: extension ActivityModel { @NSManaged public var id: UUID @NSManaged public var name: String @NSManaged public var weeks: Data @NSManaged public var weekDates: Data @NSManaged public var appTokens: Data } Among them, weeks is of [Bool] type, indicating which weeks from Sunday to Saturday are effective; weekDates is of [[Date,Date]] type, indicating the effective time period; appTokens is of Set type, indicating the selected apps。 At the beginning, I will open a main monitor: let deviceActivityCenter = DeviceActivityCenter() do{ try deviceActivityCenter.startMonitoring( DeviceActivityName(activityModel.id), during: DeviceActivitySchedule( intervalStart: DateComponents(hour: 0,minute: 0,second: 0), intervalEnd: DateComponents(hour: 23,minute: 59,second: 59), repeats: true ) ) }catch { return false } Since the time range may be different every day, I will start the sub-monitoring of the day every time the main monitoring starts： override func intervalDidStart(for activity: DeviceActivityName) { super.intervalDidStart(for: activity) if activity.rawValue.hasPrefix("Sub-") { ActivityModelManager.disableApps( Tools.getUUIDFromString(activity.rawValue) ) return } let weekIndex = Calendar.current.component(.weekday, from: .now) let weeks = ActivityModelManager.getWeeks(activity.rawValue) if weeks[weekIndex] { let weekDates = ActivityModelManager.getWeekDates(activity.rawValue) let deviceActivityCenter = DeviceActivityCenter() do{ try deviceActivityCenter.startMonitoring( DeviceActivityName("Sub-" + activityModel.id), during: DeviceActivitySchedule( intervalStart: getHourAndMinute(weekDates[weekIndex][0]), intervalEnd: getHourAndMinute(weekDates[weekIndex][1]), repeats: false ) ) }catch { return } }esle { return } } I will judge whether it is main monitoring or sub monitoring based on the different activity names. When the sub-monitor starts, I will get the bound application and then disable it: static func disableApps(_ id : UUID){ let appTokens = ActivityModelManager.getLimitAppById(id) let name = ManagedSettingsStore.Name(id.uuidString) let store = ManagedSettingsStore(named: name) store.shield.applications = appTokens return } When the child monitoring is finished, I resume the application: static func enableApps(_ id : UUID){ let name = ManagedSettingsStore.Name(id.uuidString) let store = ManagedSettingsStore(named: name) store.shield.applications = [] } The above is my code logic. When using DeviceActivityMonitorExtension, I found the following problems: intervalDidStart may be called multiple times, resulting in several sub-monitors being started. After a period of time, the monitoring is turned off. The static methods enableApps and disableApps are sometimes not called

I have an app I want to get on the App Store but when I was putting in the build version slot, I accidentally deleted it by clicking backspace and tried everything to get it working again but I can't. Is there anyway for me to retrieve the slot so it works?

Hello, I'm working on implementing Live Caller ID Lookup, but I noticed that https://github.com/apple/live-caller-id-lookup-example redirects to https://github.com/apple/pir-service-example. Could you please clarify why this redirection occurs?