I have a watch only app that display an open/close park status and the current temperature with a current condition icon. That's it. On second submission the watch app was rejected due to no WeatherKit attribution. I have a lack of clarity of what's needed. With my single view that display my content I don't want WeatherKit attribution to overwhelm what's being presented to the user. I've tried looking for watch apps in the store that provide attribution and I'm not finding any. Looking for advice on how to meet this requirement without attribution overpowering my content.

Hi everyone, I have a question regarding the intended privacy limits of the DeviceActivityReportExtension. According to the documentation and the WWDC21 session "Meet the Screen Time API", this extension was created specifically to prevent the host application from accessing the user's underlying activity data (websites visited, app usage, screen time, etc). But I have found that my host app is actually able to reconstruct this raw activity data from the activity report. I am able to extract specific visited websites and app usage durations back into the main app. I reported this to Apple Security (Case ID: OE1100504480881 ), assuming it was a sandbox bypass. However, they closed the ticket stating that this is "expected behavior" and requires no fix. My question for Screen Time Engineers: Is the documentation incorrect? If my host app is expected to be able to read this data, is there a formal API we should be using instead of extracting it from the report extension? The current behavior contradicts the privacy limits described in the documentation, so I am confused if I should rely on this data access for my app features or if it will be patched later. Thanks.

Hi everyone, I'm building a task management app that layers on top of EventKit/Reminders. I'm also moderating /r/AppleReminders. I see a confusion around the semantics of dates on both the developer side and on the user side. I'm trying to map the standard productivity mental model to the EKReminder implementation and hitting some walls. In productivity contexts, a task tends to have three distinct dates: Start Date: When the task becomes actionable — Don’t alert the user before this date. Notification: When the device should buzz/ping the user — Meaning that they can get started on the task. Due Date: Hard deadline — If the system works well, tasks are meant to rarely be past-deadline; productivity systems are about meeting deadlines rather than about missing them. The EventKit Reality Here is what I’m seeing in practice, and I’m hoping someone can correct me if I’m wrong: Field Description In Practice (Reminders App) startDateComponents Docs say "start date of the task" Seemingly unused? I can set it via API, but the Reminders app UI ignores it. It doesn't seem to trigger visibility in "Today" or Smart Lists. dueDateComponents Docs say "date by which reminder should be completed" Conflated. Acts as the "Date" you see in the list. It functions as the Start Date (shows in Today), Due Date (turns red tomorrow), AND Notification time (unless early alerts are set). alarms Inherited from EKCalendarItem seems to be used for the actual notifications, including "Early Reminders," but tightly coupled to the due date in the UI. My Questions: Is startDateComponents effectively a dead field? Is there any native behavior (Smart List filtering, sorting, visibility) that respects this field, or is it purely for metadata storage for third-party apps? Smart List Logic: I was hoping to create a Smart List that shows "Actionable" items (i.e., Start Date <= Today). However, the Smart List filters only offer a generic "Date" field, which maps to dueDateComponents. Has anyone successfully filtered by startDateComponents in a native Smart List? Conflation: Is there any "blessed" way to set a Due Date that is distinct from the Notification time without fighting the system? (e.g. Due Friday, but remind me Wednesday). Any insight into the intended semantics here would be huge. I'm trying to avoid fighting the framework, but the "One Date to Rule Them All" approach in the Reminders app is making it tricky to support separate Start/Due dates. Thanks!

[MTAgeRangeService requestEligibility:^(BOOL eligible) { if (eligible) { //您应用程序的用户所在的地区，需要执行特定年龄相关义务 [MTAgeRangeService requestAgeRangeWithAgeGates:18 in:[ViewU getCurrentVC] completion:^(enum ARResponseType responseType, ARAgeRange * _Nullable ageRange, NSError * _Nullable error) { [weakself.ageRangeLoadingView dissmiss]; self->_ageRangeLoadingView = nil; if (responseType == ARResponseTypeSharing) { //用户同意并分享了年龄范围 if ([ageRange.lowerBound intValue] >= 18) { //满18岁可以注册 }else{ //不到18岁不能注册，提示一下 } }else{ //用户拒绝或者其他未知错误，需要提示 }else{ } } }] ; }else{ }];

I'm facing a problem where notification permissions are working fine in the main app, but failing in the Device Activity Report Extension on iOS 26. This issue wasn’t present in earlier iOS versions. Despite having notification permissions granted in the main app, the extension fails to get authorization. iOS 26: " Before iOS 26:

Hello, Regarding EKEventStore, the WWDC session mentions that “you should only have one of these for your application.” In my app, I need to use the instance on both the main thread and a background thread, and I would like to share a single instance across them. However, EKEventStore is a non-sendable type, so it cannot be shared across different isolation domains. I would like to know what the recommended best practice is for this situation. Also, do I need to protect the instance from data races by using a lock? Thank you.

In iOS 26.1, after my app answers a VoIP call on the lock screen, tapping the bottom-left "More" button doesn't bring up the app icon to jump to the app. The same scenario works normally on iOS 26. How can I resolve this issue?

I followed the method outlined in Apple's documentation to test "Revocation of Consent." Our server received the notification sent by Apple, but the parsed data only contains the following content (some data has been modified for privacy, but the fields remain unchanged): { "receiptType": "Sandbox", "bundleId": "com.xxx.xxxxx", "receiptCreationDate": 1764932591296, "requestDate": 1764932591296, "originalPurchaseDate": 1375340400000, "originalApplicationVersion": "1.0", "appTransactionId": "705020051250081000", "originalPlatform": "iOS" } How can we identify that "a parent/guardian has revoked authorization for a specific user"? We are unable to determine which minor user should be restricted from using certain features of our app. I hope to receive a prompt response from Apple's technical experts!

I’m trying to fully understand the purpose of the ageGates parameter in the AgeRangeService.requestAgeRange API. The official documentation includes the following statement: “The system may return geo-specific age ranges that override your provided age gates based on the person’s location and applicable regulations. When geo-specific ranges are required, the returned age range reflects regulatory requirements rather than the bounds of your age gates.” Based on this, it seems that even if my app provides specific age thresholds through the ageGates parameter, the system may override those boundaries depending on regional laws or regulations, and return a completely different lowerBound / upperBound than what my age gates would suggest. My current understanding is: ageGates indicates the thresholds my app uses to define its internal feature tiers, but the actual age range returned by the OS is determined by legal or regional requirements (e.g., COPPA, GDPR-K, AADC, SB2420), meaning the returned age range may not align with the age ranges implied by my ageGates values. I’d like to confirm whether this interpretation is correct. Additionally, if different regions may produce different lowerBound / upperBound values due to regulatory requirements, then it seems that: developers shouldn’t rely on fixed age buckets, and instead must implement feature gating logic dynamically based on whatever age range the OS returns. So my questions are: Is my understanding correct that ageGates is simply a hint that describes my app’s tier thresholds, and the OS may override those boundaries to comply with local regulations? If lowerBound / upperBound can vary across regions, what is the recommended way for developers to design their feature-gating logic? Should we avoid hardcoded age buckets and instead build flexible logic that adapts to whatever range the OS returns? I’d appreciate clarification so I can design our age-based policies appropriately and in a regulation-compliant way.

I followed the method outlined in Apple's documentation to test "Revocation of Consent." Our server received the notification sent by Apple, but the parsed data only contains the following content (some data has been modified for privacy, but the fields remain unchanged): { "receiptType": "Sandbox", "bundleId": "com.xxx.xxxxx", "receiptCreationDate": 1764932591296, "requestDate": 1764932591296, "originalPurchaseDate": 1375340400000, "originalApplicationVersion": "1.0", "appTransactionId": "705020051250081000", "originalPlatform": "iOS" } How can we identify that "a parent/guardian has revoked authorization for a specific user"? We are unable to determine which minor user should be restricted from using certain features of our app. I hope to receive a prompt response from Apple's technical experts! Thanks A Lot ！

In my case, when I try to block calls on iOS 26, the blocking doesn't occur; the scenarios seem intermittent. If I create two CallDirectory extensions, the first blocks the numbers, but the second doesn't. Interestingly, the extension marks the number as suspicious. There's also a case where, on iOS 26 on an iPhone 16 Pro, the functionality doesn't work at all. I'd like to know if there have been any changes to the use of CallKit in iOS 26, because users of my app on iOS 18 and below report successful blocking.

Hello! I am experiencing some strange bugs around DeviceActivityEvents: When creating a DeviceActivityEvent we can assign a threshold and applicationTokens. The idea is, that after the user has spent said threshold on said apps, eventDidReachThreshold is called. includesPastActivity is set to false. On iOS 26 however, it happens (quite reliably after updating to a new beta seed) quite often that eventDidReachThreshold is called immediately (after a couple of seconds) instead of waiting for the threshold to be met. Is anyone else seeing similar issues on iOS 26? Only workaround I have found is to ask users to re-grant Screen Time permissions. This only holds for about two weeks though or at most until the next iOS 26 beta update is installed. Feedback filed under: FB18061981 FB18927456

Is it possible to develop for TelephonyMessagingKit on iOS 26 outside of the EU? If so, how is this accomplished? I have added the 'Default Carrier Messaging App' entitlement to my project, but I do not see an option to set my app as a default option in settings on my device. I am not located inside of the EU, but would like to test this functionality.

On macOS 26, I've run into a situation when a user “customizes” a folder icon with Finder by assigning/changing an SF Symbol or an emoji, QLThumbnailGenerator keeps returning the stale initially retrieved folder icon (no matter whether it had been customized or not) until my app quits. After the app is re-launched, the icon is correctly retrieved once again. let generator = QLThumbnailGenerator.shared let size: CGSize = CGSize(width: 64, height: 64) let request = QLThumbnailGenerator.Request(fileAt: url, size: size, scale: NSScreen.main!.backingScaleFactor, representationTypes: .icon) request.iconMode = true do { let thumb = try await generator.generateBestRepresentation(for: request) thumb.nsImage.size = size return thumb.nsImage } catch { print("generateThumbnail: \(error)") return nil } It seems like the QuickLook Thumbnailing cache does not invalidate automatically upon folder customization. Is there any way to manually invalidate the QuickLook Thumbnailing cache?

I created my app with the wrong name and deleted it 3 days ago. When I want to create a new app, I can't use the old app's bundle id, even though I removed it. I opened a support case 2 days ago, but so far nothing changed.

My son uses an iPhone XS running iOS 18.7.2. He is able to bypass all Screen Time app limits by manually changing the date under Settings → General → Date & Time. When he sets the date/time forward or backward, the configured Screen Time restrictions no longer apply. Please make it possible on iOS 18.7.2 (and future versions) to prevent manual date and time changes when Screen Time is enabled, so that children cannot use this method to circumvent app limits.

Hello fellow developers...first time posting. I wrote a small app that I'm currently testing. However, I inadvertently built the Swift code using my "free" account and did not use my "paid" account. Aside from the restrictions of a free account, I want to migrate the project to the paid developer account. Is there an easy way to do this short of rebuilding from scratch??? Thanks in advance. s

I'd like to set my macOS app written in Swift as default app when opening .mp4 file. I think I can do it with setDefaultApplication(at:toOpen:completion:). https://developer.apple.com/documentation/appkit/nsworkspace/3753002-setdefaultapplication However, permission error occurs when I use it. The error is: Error Domain=NSCocoaErrorDomain Code=256 "The file couldn’t be opened." UserInfo={NSUnderlyingError=0x6000031d0150 {Error Domain=NSOSStatusErrorDomain Code=-54 "permErr: permissions error (on file open)"}} I tried to give my app full-disk access, but it didn't work. I also tried to use setDefaultApplication(at:toOpenFileAt:completion:), then it works with no error, but it effects on only one file. What I want to do is to set my app as default app of all .mp4 files. How do I achieve this? My code is like below: let bundleUrl = Bundle.main.bundleURL NSWorkspace.shared.setDefaultApplication(at: bundleUrl, toOpen: .mpeg4Movie) { error in print(error) } Thank you.

I encountered a concurrency compilation warning when calling the TranslationSession.translations(from: [TranslationSession.Request]) API, and I'm don't know how to resolve it. I reviewed the official demo, but it appears identical.

I'm working on a multi-process macOS application (based on Chromium/Electron) that uses Mach ports for inter-process communication between the main app and its helper processes. Background I have an MAS build working successfully via TestFlight for internal testing. However, public TestFlight testing requires Apple review, and while waiting for that review, I wanted to provide a directly distributable build for external testers. I attempted to create a Developer ID signed build with App Sandbox enabled, expecting it to behave similarly to the MAS build. The Problem With App Sandbox enabled (com.apple.security.app-sandbox) and identical entitlements, I observe different behavior depending on the signing certificate: Apple Distribution certificate: App launches successfully, mach-register and mach-lookup work Developer ID certificate: App crashes at launch, mach-register is denied by sandbox The Console shows this sandbox violation for the Developer ID build: Sandbox: MyApp(13605) deny(1) mach-register XXXXXXXXXX.com.mycompany.myapp.MachPortRendezvousServer.13605 The crash occurs when the app calls bootstrap_check_in() to register a Mach service for child process communication. What I've tried Adding com.apple.security.temporary-exception.mach-register.global-name with wildcard pattern XXXXXXXXXX.com.mycompany.myapp.MachPortRendezvousServer.* to the main app's entitlements - this resolved the mach-register denial. However, helper processes then fail with mach-lookup denial. Adding com.apple.security.temporary-exception.mach-lookup.global-name with the same wildcard pattern to the main app's entitlements (for inheritance) does not work. Analysis of /System/Library/Sandbox/Profiles/application.sb I examined macOS's App Sandbox profile and found that mach-register.global-name supports wildcard patterns via select-mach-filter: (sandbox-array-entitlement "com.apple.security.temporary-exception.mach-register.global-name" (lambda (name) ... (let ((mach-filter (select-mach-filter name global-name-prefix global-name))) (allow mach-register mach-filter)))) But mach-lookup.global-name does not - it only accepts exact names: (sandbox-array-entitlement "com.apple.security.temporary-exception.mach-lookup.global-name" (lambda (name) (allow mach-lookup (global-name name)))) Since the Mach service name includes the PID (e.g., ...MachPortRendezvousServer.13605), it's impossible to specify exact names in entitlements. I also verified that com.apple.security.application-groups grants mach-register and mach-lookup only for service names prefixed with the group ID (e.g., group.com.mycompany.myapp.), which doesn't match the TEAMID.bundleid. prefix used by Chromium's MachPortRendezvousServer. My questions What mechanism allows Apple Distribution signed apps to use mach-register and mach-lookup for these service names without temporary exceptions? I don't see any certificate-based logic in application.sb. Is there a way to achieve the same behavior with Developer ID signing for testing purposes? Related threads https://developer.apple.com/forums/thread/747005 https://developer.apple.com/forums/thread/685601 https://developer.apple.com/forums/thread/128714 (confirms temporary-exception can be used freely for Developer ID apps) Environment macOS 15.6 (Sequoia) Xcode 16.4 Both certificates from the same Apple Developer account