I have poked around the web looking for a good example to do this and I haven't found a working example. I need to connect to a USB Device, its multiple ports and supports what looks to be a root port and 4 other ports I am no expert in USB but I do know how to write a kext and client drivers, but thats really not the way to solve this. I need to display the serialized output from these USB ports for a development board. I would rather do this on my Mac than have to cobble up a Linux machine and mess around with Linux. Here is the output from ioreg MCHP-Debug@03100000 <class IOUSBHostDevice, id 0x105f6fdc2, registered, matched, active, busy 0 (20 ms), retain 27> MCHP-Debug@0 <class IOUSBHostInterface, id 0x105f6fdc8, registered, matched, active, busy 0 (13 ms), retain 5> +-o MCHP-Debug@0 <class IOUSBHostInterface, id 0x105f6fdc8, registered, matched, active, busy 0 (13 ms), retain 5> +-o MCHP-Debug@1 <class IOUSBHostInterface, id 0x105f6fdc9, registered, matched, active, busy 0 (11 ms), retain 5> +-o MCHP-Debug@2 <class IOUSBHostInterface, id 0x105f6fdcb, registered, matched, active, busy 0 (9 ms), retain 5> | | | | | +-o MCHP-Debug@3 <class IOUSBHostInterface, id 0x105f6fdcc, registered, matched, active, busy 0 (7 ms), retain 5> I have been able to open a inservice to the device at the top level, but I get an error when I use. usbHostInterface = [[IOUSBHostInterface alloc] initWithIOService:usbDevice options: IOUSBHostObjectInitOptionsNone queue: queue error: &error interestHandler: handler]; Error:Failed to create IOUSBHostInterface. with reason: Unable to obtain configuration descriptor. Assertion failed: (usbHostInterface), function main, file main.m, line 87. I started using DeviceKit but I received signing errors and I shouldn't have to go down that path just to dump data from a USB port? Any suggestions would be great, most of the Apple documentation on USB ports is like 20 years old and the new stuff pushes you towards DeviceKit.

I encountered a concurrency compilation warning when calling the TranslationSession.translations(from: [TranslationSession.Request]) API, and I'm don't know how to resolve it. I reviewed the official demo, but it appears identical.

Dear Apple CS, I’m working with NFC ISO15693 tags using NFCTagReaderSession / NFCISO15693Tag, and I’d like to read these tags in the background if possible. Is there any way to read this tag type without triggering the system NFC popup that iOS normally shows? Please note it will not be a public app, the app is meant for internal use for our employees only. is there an option to submit a special request for this use case? Thank you in advance!

Hi there, First thanks for all the work on BGContinuedProcessingTask! It looks really promising. I have a question / issue around the behavior when a BGContinuedProcessingTask expires. Here is my setup. I have an app who's responsible for uploading large files in the field (AKA wifi is not expected) For a given file, it can likely fail due to network conditions I'm using Multipart upload though so I can retry a file to pick up where it left off. I use one taskIdentifier per file, and when the file fails, I can retry the task and have it continue where it left off (I am reusing the taskIdentifier here for retries, let me know if I shouldn't be doing that) Here is the behavior I am seeing I start an upload, it seems to be uploading normally I turn on airplane mode to simulate expiration of the task the task fails as expected after ~30 seconds, and I see the failure in my home screen. I have callbacks in the task to put my app in the proper state on expiration / failure I turn back on airplane mode and I retry the task, the way I do this is I do NOT re-register, I simply re-submit the task with the same TaskIdentifier. What I would have expected is that the failure task is REPLACED with the new task and new progress. Instead what I see is TWO ContinuedBackgroundProcessingTasks, one in the failure state and one in progress. My question is How can I make retries reuse the same task notification item? OR if that's not possible, how do I programmatically clear the task failure? I've tried cancelTask but that doesn't seem to clear it.

Does FSKit support the ability to get the process information, such as the pid, when a process accesses a resource? Being able have the process context is important for implementing certain access patterns and security logging in some contexts. For instance, we have a system that utilizes (pre-FSKit) a FUSE mount that, depending on the process has different "views" and "access" based on the process id.

Hello to all I have coded in swift a headless app, that launches 3 go microservices and itself. The app listens via unix domain sockets for commands from the microservices and executes different VPN related operations, using the NEVPNManager extension. Because there are certificates and VPN operations, the headless app and two Go microservices must run as root. The app and microservices run perfectly when I run in Xcode launching the swift app as root. However, I have been trying for some weeks already to modify the application so at startup it requests the password and runs as root or something similar, so all forked apps also run as root. I have not succeeded. I have tried many things, the last one was using SMApp but as the swift app is a headless app and not a CLI command app it can not be embedded. And CLI apps can not get the VPN entitlements. Can anybody please give me some pointers how can I launch the app so it requests the password and runs as root in background or what is the ideal framework here? thank you again.

We are currently implementing a custom iCloud sync for our macOS and iOS apps using CloudKit. Syncing works fine as long as the number of record sends is relatively small. But when we test with a large number of changes ( 80,000+ CKRecords ) we start running into problems. Our sending strategy is very conservative to avoid rate limits: We send records sequentially in batches of 250 records With about 2 seconds pause between operations Records are small and contain no assets (assets are uploaded separately) At some point we start receiving: “Database commit size exceeds limit” After that, CloudKit begins returning rate-limit errors with retryAfter-Information in the error. We wait for the retry time and try again, but from this moment on, nothing progresses anymore. Every subsequent attempt fails. We could not find anything in the official documentation regarding such a “commit size” limit or what triggers this failure state. So my questions are: Are there undocumented limits on the total number of records that can exist in an iCloud database (private or shared)? Is there a maximum volume of record modifications a container can accept within a certain timeframe, even if operations are split into small batches with pauses? Is it possible that sending large numbers of records in a row can temporarily or permanently “stall” a CloudKit container? Any insights or experiences would be greatly appreciated. Thank you!

Hi, I played around the last days with the new NetworkConnection API from Network framework that supports structured concurrency. I discovered a behavior, which is unexpected from my understanding. Let's say you have a dead endpoint or something that does not exist. Something where you receive a noSuchRecord error. When I then try to send data, I would expect that the send function throws an error but this does not happen. The function now suspends indefinitely which is well not a great behavior. Example simplified: func send() async { let connection = NetworkConnection(to: .hostPort(host: "apple.co.com", port: 8080)) { TCP() } do { try await connection.send("Hello World!".raw) } catch { print(error) } } I'm not sure if this is the intended behavior or how this should be handled. Thanks and best regards, Vinz

The current stable macOS version, 26.1 (build 25B78) is missing a corresponding Kernel Debug Kit (KDK) on the developer downloads page. This means I can't do any kernel-level development tasks currently. For example, if I try to build a new kernel collection with kmutil I get the message Missing Developer Kit: As of macOS 13.0, you will need to install a KDK matching your build 25B78 to rebuild kernel collections. but there is no build 25B78 KDK available to download. The latest 26.1 KDK on the download page is 25B5062e (from a beta I believe) and the final stable KDK for build 25B78 (which kernel development tools require) was never published. Is there any workaround for this to correctly do kernel-level development targeting the latest stable release, or a timeline for when the KDK will release? Thanks!

We are developing an enterprise app that connects to a local server. It uses simple URLSessions. There is a view in the app where you enter the server url (IP address) and a connection check is made. iOS asks for permission to access the local network. Everything works. If the server is reachable, the connection info is saved. Recently we encountered a very strange issue: We also have a beta version of this app. If we first install the normal version on a device, enter the server IP, save, and then install the beta version and do the same there: It does not get a connection (it waits for the timeout). The strange part is: If I try to configure the connection in the normal version again, it also does not work, it just waits for the timeout. The really strange part: When I delete the beta version, while the normal version is waiting for its connection, the connection succeeds immediately. Both versions have a different display name, bundle id. I also tried using a device that is not in our MDM: same problem. Even the iOS version seems to have no impact: I tried on iOS 15, 18 and 26. Is there an explanation and hopefully also a solution to this problem?

We are implementing a camera intercom calling feature using VoIP Push notifications (PushKit) and LiveCommunicationKit (iOS 17.4+). The app works correctly when running in foreground or background, but fails when the app is completely terminated (killed by user or system). After accepting the call from the system call UI, the app launches but gets stuck on the launch screen and cannot navigate to our custom intercom interface. Environment iOS Version: iOS 17.4+ (testing on latest iOS versions) Xcode Version: Latest version Device: iPhone (tested on multiple devices) Programming Languages: Objective-C + Swift (mixed project) Frameworks Used: PushKit, LiveCommunicationKit (iOS 17.4+) App State When Issue Occurs: Completely terminated/killed Problem Description Expected vs Actual Behavior App State Behavior Foreground ✅ VoIP push → System call UI → User accepts → Navigate to intercom → Works Background ✅ VoIP push → System call UI → User accepts → Navigate to intercom → Works Terminated ❌ VoIP push → System call UI → User accepts → App launches but stuck on splash screen → Cannot navigate Root Issues When app is terminated and user accepts the call: Data Loss: pendingNotificationData stored in memory is lost when app is killed and relaunched Timing Issue: conversationManager(_:perform:) delegate method is called before homeViewController is initialized Lifecycle Confusion: App initialization sequence when launched from terminated state via VoIP push is unclear Code Flow VoIP Push Received (app terminated): func pushRegistry(_ registry: PKPushRegistry, didReceiveIncomingPushWith payload: PKPushPayload, for type: PKPushType, completion: @escaping () -> Void) { let notificationDict = NotificationDataDecode.dataDecode(payloadDict) as? [AnyHashable: Any] let isAppActive = UIApplication.shared.applicationState == .active // Store in memory (PROBLEM: lost when app is killed) pendingNotificationData = isAppActive ? nil : notificationDict if !isAppActive { // Report to LCK try await conversationManager.reportNewIncomingConversation(uuid: uuid, update: update) } completion() } User Accepts Call: func conversationManager(_ manager: ConversationManager, perform action: ConversationAction) { if let joinAction = action as? JoinConversationAction { // PROBLEM: pendingNotificationData is nil (lost) // PROBLEM: homeViewController might not be initialized yet if let pendingData = pendingNotificationData { ModelManager.share().homeViewController.gotoCallNotificationView(pendingData) } joinAction.fulfill(dateConnected: Date()) } } Note: When user taps "Accept" on system UI, LiveCommunicationKit calls conversationManager(_:perform:) delegate method, NOT a manual acceptCall method. Questions for Apple Support App Lifecycle: When VoIP push is received and app is terminated, what is the exact lifecycle? Does app launch in background first, then transition to foreground when user accepts? What is the timing of application:didFinishLaunchingWithOptions: vs pushRegistry:didReceiveIncomingPushWith: vs conversationManager(_:perform:)? State Persistence: What is the recommended way to persist VoIP push data when app is terminated? Should we use UserDefaults, NSKeyedArchiver, or another mechanism? Is there a recommended pattern for this scenario? Initialization Timing: When conversationManager(_:perform:) is called with JoinConversationAction after app launch from terminated state, what is the timing relative to app initialization? Is homeViewController guaranteed to be ready, or should we implement a waiting/retry mechanism? Navigation Pattern: What is the recommended way to navigate to a specific view controller when app is launched from terminated state? Should we: Handle it in application:didFinishLaunchingWithOptions: with launch options? Handle it in conversationManager(_:perform:) delegate method? Use a notification/observer pattern to wait for initialization? Completion Handler: In pushRegistry:didReceiveIncomingPushWith, we call completion() immediately after starting async reportNewIncomingConversation task. Is this correct, or should we wait for the task to complete when app is terminated? Best Practices: Is there a recommended pattern or sample code for integrating LiveCommunicationKit with VoIP push when app is terminated? What are the best practices for handling app state persistence and navigation in this scenario? Attempted Solutions Storing pendingNotificationData in memory → Failed: Data lost when app is killed Checking UIApplication.shared.applicationState → Failed: Doesn't reflect true state during launch Calling gotoCallNotificationView in conversationManager(_:perform:) → Failed: homeViewController not ready Additional Information Singleton pattern: LCKCallManagerSwift, ModelManager homeViewController accessed via ModelManager.share().homeViewController Mixed Objective-C and Swift architecture conversationManager(_:perform:) is called synchronously and must call joinAction.fulfill() or joinAction.fail() Requested Help We need guidance on: Correct app lifecycle handling when VoIP push is received in terminated state How to persist VoIP push data across app launches How to ensure app initialization is complete before navigating Best practices for integrating LiveCommunicationKit with VoIP push when app is terminated Thank you for your assistance!

StoreKit ask to buy should have more data in pending state. When user try to purchase ask to buy, we should get at least transactionID, product itself, and time that user start the request. So we can keep track of the whole transaction flow jwsRepresentation should always available for every state, actually even failing state. And should attach state inside of it. Instead of only available after verified purchase. So we can use transactionID and everything relate to transaction for both waiting for purchase and clearing up the cancel or invalid purchase Currently we only have jwsRepresentation after complete purchase, which is very limited its usage

We feel like we're at the end of the long and treacherous process of migrating to StoreKit2. But we've hit a small snag. When testing in the sandbox environment, we've found that if we don't finish a transactions, no subsequent purchase (invoked via call to purchase or the other purchase) will produce the confirmation sheet. Is this the expected behavior? The behavior is observed on iOS26 and 18. Our app will only attempt to finish the transaction if it successfully uploads the receipt to our API. If it fails to do so for whatever reason, the transaction is left unfinished. Whilst the user is informed about this, users will commonly try again. Our concern is that since the confirmation sheet will not be shown again, users will not know they are actually paying again - most certainly not the UX we want to have. We'd much rather have our users be fully aware when they're paying us money. The reason we're choosing not to finish the transaction until our backend has received it and confirmed the receipt to be valid is that the only way the user can get their product is if the server side is aware of this and add more time to the users account. When finishing the transaction via finish immediately after the purchase() call, the confirmation sheet is shown every time after subsequent calls to purchase(). Again, is this the expected behavior both in the sandbox and the production environments? Are we doing something wrong or misusing the product API? We are somewhat stumped because technically, we could get the first confirmation for a product purchase, and then finish it only after an arbitrary amount of calls to purchase() have been made - the user will believe they will have paid only once, but we will receive however much money we can drain from their account - most certainly not the kind of app we want to develop. Please advise and best regards, Emīls

I want to implement a feature on macOS using FileProvider: only grant the allowsTrashing permission to files that have already been downloaded, while not granting it to dataless files. However, the system will automatically drain and clear the content. How can this be detected (and how to determine whether a file is dataless)

I've noticed that if a call to startVPNTunnel() is made while no network interface is active on the system, the call "succeeds" (i.e., doesn't throw), but the VPN connection state goes straight from NEVPNStatus.disconnecting to NEVPNStatus.disconnected. The docs for startVPNTunnel() state: In Swift, this method returns Void and is marked with the throws keyword to indicate that it throws an error in cases of failure. Additionally, there is an NEVPNConnectionError enum that contains a noNetworkAvailable case. However, this isn't thrown in this case, when startVPNTunnel() is called. I just wanted to ask under what circumstances startVPNTunnel() does throw, and should this be one of them? Additionally, to catch such errors, would it be better to call fetchLastDisconnectError() in the .NEVPNStatusDidChange handler?

Dear Apple Developer Support, I would like to request a technical escalation to the engineering team regarding an ongoing issue with Apple Pay domain verification. Error returned by Apple Even though Apple’s request to our domain returns HTTP 200, the verification still fails with: resultCode: 13014 resultString: "Domain verification failed. Review your TLS Certificate configuration to confirm that the certificate is accessible and a supported TLS Cipher Suite is used." requestUrl: https://developer.apple.com/services-account/QH65B2/account/ios/identifiers/verifyDomain TLS Certificate Validation We performed a full TLS analysis: Certificate issued by Sectigo Public Server Authentication CA DV E36 (public trusted CA) Full and correct certificate chain No handshake errors Configuration fully valid SSL Labs rating: A From our side, the TLS configuration is confirmed to be correct. Accessibility of the .well-known file The file is publicly and accessible It returns 200 OK and the content is exactly identical to the file downloaded from the Apple Developer Portal, without any modification. Our network team confirmed that Apple’s verification request also receives HTTP 200 when pressing “Verify” in the Apple Developer Console. Network-side findings We monitored Apple’s request in real time. Findings: TLS handshake succeeds No cipher mismatch File delivered correctly Status: 200 OK No redirect or transformation applied Despite this, Apple still returns error 13014. Request for engineering review We kindly request that an Apple engineer verify the following: The actual TLS handshake performed by Apple's verification service (cipher suite, protocol negotiation, SNI, trust chain). Whether the Sectigo issuing CA is fully trusted and supported by your domain-verification backend. If there is an internal reason behind error 13014—since the external message does not provide actionable details. Whether the response is rejected for reasons other than TLS, given that the file is accessible and the request returns 200. The exact condition that leads Apple to report “TLS Certificate configuration is incorrect” in this case. This issue is blocking an urgent deployment and must be resolved as soon as possible. Existing case reference Case ID: 102760005987 We are fully available to provide: full response headers packet captures (PCAP) SSL/TLS diagnostics file integrity checks server configuration details or join a technical call (Teams / WebEx) Thank you in advance for the escalation. Andrea

We are developing a DriverKit driver on Apple M1. We use the following code to prepare DMA buffer: IODMACommandSpecification dmaSpecification; bzero(&dmaSpecification, sizeof(dmaSpecification)); dmaSpecification.options = kIODMACommandSpecificationNoOptions; dmaSpecification.maxAddressBits = p_dma_mgr->maxAddressBits; kret = IODMACommand::Create(p_dma_mgr->device, kIODMACommandCreateNoOptions, &dmaSpecification, &impl->dma_cmd ); if (kret != kIOReturnSuccess) { os_log(OS_LOG_DEFAULT, "Error: IODMACommand::Create failed! ret=0x%x\n", kret); impl->user_mem.reset(); IOFree(impl, sizeof(*impl)); return ret; } uint64_t flags = 0; uint32_t segmentsCount = 32; IOAddressSegment segments[32]; kret = impl->dma_cmd->PrepareForDMA(kIODMACommandPrepareForDMANoOptions, impl->user_mem.get(), 0, 0, // 0 for entire memory &flags, &segmentsCount, segments ); if (kret != kIOReturnSuccess) { OSSafeReleaseNULL(impl->dma_cmd); impl->user_mem.reset(); IOFree(impl, sizeof(*impl)); os_log(OS_LOG_DEFAULT, "Error: PrepareForDMA failed! ret=0x%x\n", kret); return kret; } I allocated several 8K BGRA video frames, each with a size of 141557760 bytes, and prepared the DMA according to the method mentioned above. The process was successful when the number of frames was 15 or fewer. However, issues arose when allocating 16 frames: Error: PrepareForDMA failed! ret=0xe00002bd By calculating, I found that the total size of 16 video frames exceeds 2GB. Is there such a limitation in DriverKit that the total DMA size cannot exceed 2GB? Are there any methods that would allow me to bypass this restriction so I can use more video frame buffers?

最近我们有个应用要对接App 内购买项目，有什么好的资料或者demo提供一下吗？

i'm trying to understand which entitlements i need to ask for in order to be able to read the credit card via NFC. I work for the bank and i'd like the read our card in order to verify there are the bank's credit card. The goal is to be able to use the card as a physical token to verify the user identity. on android we manage to do this without limitation if (await NfcManager.isSupported()) { await NfcManager.requestTechnology(NfcTech.IsoDep) const tag = await NfcManager.getTag() if (tag) toast.success("NFC Tag read successfully", { cancel: undefined, description: tag.id, id }) else toast.error("No NFC Tag found", { cancel: undefined, id }) const ppse = await NfcManager.isoDepHandler.transceive([ 0x00, 0xa4, 0x04, 0x00, 0x0e, 0x32, 0x50, 0x41, 0x59, 0x2e, 0x53, 0x59, 0x53, 0x2e, 0x44, 0x44, 0x46, 0x30, 0x31, 0x00, ]) logger.info("PPSE", ppse.map((c) => fromBase10ToHex(c, 2)).join(" ")) const select = await NfcManager.isoDepHandler.transceive([ 0x00, 0xa4, 0x04, 0x00, 0x07, 0xa0, 0x00, 0x00, 0x00, 0x04, 0x10, 0x10, 0x00, ]) logger.info("Select AID", select.map((c) => fromBase10ToHex(c, 2)).join(" ")) const gpo = await NfcManager.isoDepHandler.transceive([0x80, 0xa8, 0x00, 0x00, 0x02, 0x83, 0x00, 0x00]) logger.info("GPO", gpo.map((c) => fromBase10ToHex(c, 2)).join(" ")) const record = await NfcManager.isoDepHandler.transceive([0x00, 0xb2, 0x01, 0x14, 0x00]) logger.info("record: ", record.map((c) => fromBase10ToHex(c, 2)).join(" ")) logger.info("PAN", findTag(record, [0x5a])) logger.info("expiry", findTag(record, [0x5f, 0x24])?.reverse()) } but on ios we have restricted access and the ppse doesn't work but i can't find which entitlement i need to ask for, since HCE is to make the iphone into a nfc tag himself and the tap to pay is to pay with the iphone, both of those doesn't match my needs and i wouldn't be able to valid the requirement to get them into production. So i am wondering which entitlement i needs to ask for in order to be able to scan the card inside the bank app. We only care about our card

I've developed a custom FSKit module which all seems to work OK when tested with a dummy test FSResource. However, the end goal is to mount a user's entire home directory via my FSKit module. I obviously need the mount to occur before that user logs in for the first time, since that is when their home directory will be first populated. I also have to perform the mount as the user in question since their home directory must be owned by them. I have written a LaunchDaemon module to call /sbin/mount, running as that user, however I notice that whether FSKit modules are enabled or disabled seems to be a per-user setting. If I enable my FSKit module as User A in 'System Settings > Login Items and Extensions' and then log in as User B and go into Login Items and Extensions, the module shows as disabled. Is there a way to enable my FSKit module globally so that it is enabled for all users without each user having to go into System Settings and manually enable it? Or a way of enabling it via command line that I can run with "sudo -u" ? And would this enable me to mount a filesystem before any user has logged in?