在iOS 26.4 beta3版本中，当前支付完成，获取的票据是上次支付的票据，在拉起一笔支付成，获取的又是上次支付的票据

Our game application is developed based on StoreKit 1, and an exception occurs on iOS 26.4: after players complete a payment, the finishTransaction method fails to properly remove the transaction from the SKPaymentQueue; as a result, when players restart the app, the system still triggers the retry process for this transaction (reconciliation of unpaid orders). Has anyone encountered this issue? If there is a solution, we would appreciate it if you could share it with us.

I have gotten all necessary entitlements for all my extensions, but screen time still does not work in Testflight. our app blocks social apps for a particular period of time.. This feature works in my Xcode physical device but fails in testflight

<Apple Developer Program许可协议>已更新并需要查阅。若要更新现有App和提交新 App，账户持有人必须登录账户，查看并接受更新后的协议。 apple 会费到期 续费以后 无法获取app内购数据，经排查可能是这个协议没有签署，签署后多久可以重新获取到app内购数据。

<Apple Developer Program许可协议>已更新并需要查阅。若要更新现有App和提交新 App，账户持有人必须登录账户，查看并接受更新后的协议。 app开发者会费 续费以后 app内购获取不到商品了，经排查可能是这个协议需要重新签署，签署以后多久可以重新在沙盒测试中获取到商品信息。

I'm building an app that uses the Family Controls / Screen Time APIs (FamilyControls, ManagedSettings). My app has three targets, each with a distinct Bundle ID: Main App Shield Configuration Extension ShieldAction Extension All three have com.apple.developer.family-controls in their entitlements files, and they share an App Group. My question is about the distribution entitlement request form at developer.apple.com/contact/request/family-controls-distribution: does the form need to be submitted once per Bundle ID, or is a single submission for the main app sufficient to then enable Family Controls (Distribution) for the extension Bundle IDs in the developer portal as well? I've seen conflicting reports in other forum threads — some developers say one submission covers all targets, others say separate submissions are needed per Bundle ID. I've already submitted the main app, but now I am wondering whether I should submit one for each Shield extension. Thanks!

Hi! We’ve had Live Caller ID Lookup in production for a while. We’re seeing backend RPS on our /queries endpoint much higher than our expected incoming call volume. While testing with Console.app during an incoming call, it looks like iOS may still hit our service even when the caller number is already in the user’s Contacts - but I’m not 100% sure from logs alone. Can you confirm: Does iOS invoke Live Caller ID Lookup (i.e. call /queries) for every incoming call, including calls from saved Contacts? If yes, is this simply expected framework behavior? Thanks!

While the recent news says "Developers who are distributing apps in Brazil can use the updated Declared Age Range API to obtain a user’s age category.", the guidance in the API did not mention Brazil. Can we confirm that Should all iOS developers follow that guidance for Brazil compliance? Will IsEligibleForAgeFeatures return true for in scope users in Brazil? (We don't have any explicit confirmation on this, and we cannot test if this is the case today in sandbox)

I want to track down which part of an app contacts a given domain listed in its App Privacy Report. Following the instructions given here I am able to capture a packet trace, but traffic to the domain in question is encrypted using QUIC. Is there a way to insert e.g. mitmproxy into the capture process in order to get hold of the SSLKEYLOGFILE so that I can decrypt the traffic?

Hello, We're seeing a high rate of providerDidReset callbacks in production across a large user base (iOS 16, 17, 18, and 26). I'd like to understand both the correct way to handle this delegate method and strategies to reduce its frequency. Background The callback occurs across all iOS versions we support and is not isolated to a specific device or region. The callback can occur in any app state (foreground, background, inactive), however it is most dominant in the background state — particularly during VoIP push notification handling. The callback is more prevalent during long app sessions — for example, when the app has been running continuously for a day or overnight. We do not call CXProvider.invalidate() anywhere in our codebase explicitly. After providerDidReset fires, subsequent transactions fail with CXErrorCodeRequestTransactionErrorUnknownCallUUID (error code 4). Re-initializing the provider via initializeProvider() resolves this error. Our Implementation We use a singleton proxy class (CallKitProxy) that owns the CXProvider. Below is a simplified version — some logging and non-essential parts have been removed for brevity. @objcMembers public final class CallKitProxy: NSObject { private var cxProvider: CXProvider? private let cxCallController: CXCallController private let cxCallObserver: CXCallObserver private override init() { cxCallObserver = CXCallObserver() cxCallController = CXCallController() super.init() initializeProvider() cxCallObserver.setDelegate(self, queue: nil) } private func initializeProvider() { let configuration = providerConfiguration() cxProvider = CXProvider(configuration: configuration) cxProvider?.setDelegate(self, queue: nil) } private func providerConfiguration() -> CXProviderConfiguration { let soundName = SharedUDHelper.shared.string(forKey: .pushNotificationSoundNameForCall) let sound = CallNotificationSounds(name: soundName ?? "ringtoneDefault") let configuration = CXProviderConfiguration() configuration.supportsVideo = true configuration.maximumCallsPerCallGroup = 1 configuration.maximumCallGroups = 1 configuration.supportedHandleTypes = [.phoneNumber, .generic] configuration.iconTemplateImageData = UIImage( named: "callkit_mask", in: .main, compatibleWith: nil )?.pngData() configuration.ringtoneSound = sound.name return configuration } public func requestTransaction( action: CXCallAction, completion: @escaping (Error?) -> Void ) { let transaction = CXTransaction(action: action) cxCallController.request(transaction) { error in completion(error) } } } extension CallKitProxy: CXProviderDelegate { public func providerDidReset(_ provider: CXProvider) { // End any active calls, then re-initialize the provider initializeProvider() } } Questions 1. Is re-initializing the provider inside providerDidReset the correct approach? The documentation states that providerDidReset signals the provider has been reset and all calls should be considered terminated. Should we be calling CXProvider.invalidate() on the old instance before creating a new one? Or is assigning a new CXProvider to cxProvider (which releases the old instance) sufficient? 2. What could be causing providerDidReset to fire so frequently, and how can we reduce it? We're particularly concerned about cases triggered during VoIP push handling in the background and inactive states. Are there known conditions — such as provider configuration changes, app lifecycle events, or system memory pressure — that commonly trigger this callback? And are there any recommended patterns to make the provider more resilient in these scenarios? Thank you.

Mounting NFS to the application's own container directory using NetFSMountURLSync failed. Mounted to /Users/li/Library/Containers/com.xxxxx.navm.MyNavm/Data/Documents/NFSMount Do sandbox applications not allow mounting NFS cloud storage? code: // 1. NFS 服务器 URL（指定 NFSv3） let urlString = "nfs://192.168.64.4/seaweed?vers=3&resvport&nolocks&locallocks&soft&intr&timeo=600" guard let nfsURL = URL(string: urlString) else { os_log("❌ 无效的 URL: %@", log: netfsLog, type: .error, urlString) return } // 2. 挂载点（必须在沙盒容器内） let fileManager = FileManager.default guard let documentsURL = fileManager.urls(for: .documentDirectory, in: .userDomainMask).first else { os_log("❌ 无法获取 Documents 目录", log: netfsLog, type: .error) return } let mountPointURL = documentsURL.appendingPathComponent("NFSMount", isDirectory: true) // 创建挂载点目录 do { try fileManager.createDirectory(at: mountPointURL, withIntermediateDirectories: true, attributes: nil) os_log("✅ 挂载点目录已准备: %@", log: netfsLog, type: .info, mountPointURL.path) } catch { os_log("❌ 创建挂载点目录失败: %@", log: netfsLog, type: .error, error.localizedDescription) return } // 3. 挂载选项（使用 NSMutableDictionary 以匹配 CFMutableDictionary） let mountOptions = NSMutableDictionary() // 如果需要，可以添加选项，例如： // mountOptions[kNetFSNoUserAuthenticationKey as String] = true // 4. 调用 NetFSMountURLSync var mountPoints: Unmanaged<CFArray>? = nil let status = NetFSMountURLSync( nfsURL as CFURL, mountPointURL as CFURL, nil, // user nil, // password nil, // open_options mountOptions, // 直接传递 NSMutableDictionary，自动桥接为 CFMutableDictionary &mountPoints ) log: 0 sandboxd: (TCC) [com.apple.TCC:cache] REMOVE: (kTCCServiceSystemPolicyAppData, <Credential (0x7ed0b4230) | Audit Token, 42834.109774/501>) 2026-03-03 21:38:27.656702+0800 0x2de8d8 Info 0x867e9d 408 0 sandboxd: (TCC) [com.apple.TCC:cache] SET: (kTCCServiceSystemPolicyAppData, <Credential (0x7ed0b4230) | Audit Token, 42834.109774/501>) -> <Authorization Record (0x7ecca8180) | Service: kTCCServiceSystemPolicyAppData, AuthRight: Unknown, Reason: None, Version: 1, Session pid: 42832, Session pid version: 109769, Boot UUID: 7DDB03FC-132C-4E56-BA65-5C858D2CC8DD, > 2026-03-03 21:38:27.656753+0800 0x2de8d8 Default 0x867e9d 408 0 sandboxd: (libxpc.dylib) [com.apple.xpc:connection] [0x7ecc88640] invalidated after the last release of the connection object 2026-03-03 21:38:27.656772+0800 0x2de8d8 Debug 0x867e9b 408 0 sandboxd: (TCC) [com.apple.TCC:access] disposing: 0x7ecc3aa80(OS_tcc_message_options) 2026-03-03 21:38:27.656779+0800 0x2de8d8 Debug 0x867e9b 408 0 sandboxd: (TCC) [com.apple.TCC:access] disposing: 0x7ecc44820(OS_tcc_server) 2026-03-03 21:38:27.656788+0800 0x2de8d8 Info 0x867e9b 408 0 sandboxd: [com.apple.sandbox:sandcastle] kTCCServiceSystemPolicyAppData would require prompt by TCC for mount_nfs

Hello, I am working on a cross-platform application where IPC between a LaunchDaemon and a LaunchAgent is implemented via Unix domain sockets. On macOS, the socket path length is restricted to 104 characters. What is the Apple-recommended directory for these sockets to ensure the path remains under the limit while allowing a non-sandboxed agent to communicate with a root daemon? Standard paths like $TMPDIR are often too long for this purpose. Thank you in advance!

Hi, I am submitting auto-renewable subscriptions for the first time for a brand new iOS app (never approved before). Setup: App ID has In-App Purchase capability enabled Subscriptions created under a subscription group All metadata (pricing, localization, availability) completed Subscriptions currently show In Review Testing via TestFlight build Bundle ID matches App Store Connect Using react-native-iap (StoreKit under the hood) When calling: await getSubscriptions({ skus }) I consistently get: products fetched: 0 ProductsUnavailableError Also, the app version page does not show the “In-App Purchases and Subscriptions” section. Question: For a brand new app, will StoreKit return empty products while the first subscriptions are in review? Do the first subscriptions need to be approved and/or attached to a new app version before they become available in TestFlight sandbox? Thanks for any clarification.

We have an iOS/iPadOS (mixed use of UIKit/SwiftUI) app on the App Store since a couple of years. Over the last month or so, we are receiving many user reports complaining about app freezing and behaving very bad generally. The common denominator for all of these users (~10) is that they are using iPad Pro M4, 13 inch, and they are on at least iPadOS 26.2 - some have updated to 26.2.1, 26.3 etc but the problems remain. Some of the users say that they were using our app normally, until the release of 26.2, or perhaps 26.2.1, from when the problems seem to have started. Some report the problems that go away when they "use another WiFi", or when they hold the device in portrait mode (it seems that many complaints seem to suggest that the problem is in when holding the device in landscape). Other say the app works fine if they start it without network enabled, and after enabling network, continue in the app. While we currently do not have an iPad Pro M4 13 inch to test with, we haven't been able to reproduce the problem on any other device. We haven't heard of any similar problems from users of other devices. While we have no idea what is causing these problems, my feeling is that there might be a possibility that there is some kind of problem with iPad Pro M4 and the recent iPadOS versions. Just reaching out to see if anyone else have seen anything similar.

https://developer.apple.com/feedback-assistant/profiles-and-logs/ There is no iOS profile in this link.

Several of my users are reporting on at lest recent and current versions of iOS the value from one characteristic can be swapped with another. Originally I thought this was a library issue but it doesn't happen on Android and now a user with two iPhones using the exact same app and iOS 26.3 on both has the issue on one phone but not the other. I've gone into more detail here which also includes a little data dumping to prove the values between characteristics can be mixed up. https://github.com/dotintent/react-native-ble-plx/issues/1316 One user reported cycling Bluetooth on/off fixed the issue but the latest user says it does not. For the peripheral the services can only change if the device enters firmware update mode (in which case the service UUID is different). Otherwise the characteristics on a service never change. This would make it a strange one to be caching related since the cache should always be correct.

'Guideline 2.1 - Performance - App Completeness' - "...could not be found in the submitted binary." I have checked with internal and external testers and my devices and simulators, everyone sees the in app purchases but I just had my submitted rejected for the second time with the comment that these in-app none-consumable purchases cannot be found with the submitted binary. I even attached a slow step by step screen recording for the review reply after the first rejection showing how to reach the purchasable packs by navigating through only 3 buttons: "How to access the purchase flow: Launch the app Tap the bottom-center Settings button (icon: switch.2) Tap “Customisation gallery” Scroll to find any pack listed above Tap the pack price chip Tap “Buy pack – [price]” to start the StoreKit purchase flow" I also attached a clear image along with detailed instruction (same as above) for the Review Information. and the second rejection was received today for the same reason. I'm being guided to the localization 'Developer Action Needed'. I'm not sure what more can be done? I feel like my review replies aren't even looked at.

Is there an FSKit sample available? I have tried sample code from https://github.com/KhaosT/FSKitSample on macOS Tahoe 26. I am able to compile the code, with signed/unsigned code, the mount always hangs on Apple Silicon macOS Tahoe 26. Here is the mount script: mkfile -n 100m dummy // create a dummy file hdiutil attach -imagekey diskimage-class=CRawDiskImage -nomount dummy // mount the newly created file as a raw block device mkdir /tmp/TestVol mount -F -t MyFS diskX /tmp/TestVol Any idea why the mount hangs.

A macOS privileged helper tool that uses SubProcess crashes on intel Macs (running macOS 13 - 15: unable to test on macOS 26 on intel) with the error that libswiftCompatibilitySpan.dylib cannot be loaded when built with XCode 26.3. The same helper tool works as expected with XCode 26.2. The helper is installed using SMAppService. When I remove the dependency for SubProcess, the crash no longer occurs (but important functionality is also disabled).

I set the value of NSURLHasHiddenExtensionKey. I provide a textfield to rename a file and I set this flag based on whether the user has deleted or left on the path extension. So -setResourceValue:forKey:error: returns YES, does not populate the error, but does not honor the value I just set it to. I'm always setting it off the main thread on the same serial queue. Works the first time I rename the file then it just starts failing (silently). For example: NSError *setError = nil; if ([theURL setResourceValue:@(NO) forKey:NSURLHasHiddenExtensionKey error:&setError]) { [theURL removeAllCachedResourceValues]; NSNumber *freshRead = nil; NSError *getError = nil; if ([theURL getResourceValue:&freshRead forKey:NSURLHasHiddenExtensionKey error:&getError]) { if (freshRead.boolValue) { NSLog(@"it is yes when it should be NO."); } } if (getError != nil) { NSLog(@"Get error: %@",getError); } } if (setError != nil) { NSLog(@"Set error: %@",setError); } While I get that it is possible for there to be other apps setting this value at the same time as my app, doesn't really seem possible in my local environment right now. No errors log out but "it is yes when it should be NO." does log out.