Group Container Names in Sequoia
On both macOS and iOS, sandboxed apps use group container folders to share data between the main app and extensions, such as the Subscribe in Unread share extension and Unread’s widgets.
[…]
On beta releases of Sequoia (macOS 15) using the “group.” prefix results in the customer getting an alert with this text at every launch:
“Unread.app” would like to access data from other apps.
Keeping app data separate makes it easier to manage your privacy and security.
I fixed this by changing the group container identifier.
I don’t like [how] Sequoia restricts how shared group containers can be named. So far I used “group.com.bluebanana-software.iyf”, which leads to a permission dialog each time the app is started. Now it needs to be “<TeamID>. com.bluebanana-software.iyf”.
To migrate to the new container, the user needs to actively give permission to access the old file as now it is outside of the app’s sandbox.
Thankfully it only seems to impact “native” Mac apps built for Sequoia. Existing apps and Catalyst apps (mine anyway, knock on wood) don’t seem to show the popup.
Previously:
- Sequoia Screen Recording Prompts and the Persistent Content Capture Entitlement
- Unread RSS Reader for Mac
- ChatGPT Privacy and Mac Sandbox Containers
Update (2024-09-12): Pedro José Pereira Vieito:
Mac Catalyst apps can use the
group.*
Group Container identifiers because Apple does add that identifier to their provisioning profile (like with iOS apps). Mac App Store apps can also use them as they are signed by Apple.Unfortunately, Apple is not currently adding the App Groups entitlement to the provisioning profiles of native Mac apps, so you will get the permission prompt when developing an app or when distributing it outside the App Store.
Previously:
3 Comments RSS · Twitter · Mastodon
That explains an issue with a Downie Safari Extension that fires off a popup the first time a link is clicked on a fresh Safari window since I've been on the beta (any link, not just clicking on a Downie toolbar button or menu item). Haven't been able to find anyone describe it in the same way. Thanks!
I now have another reason not to upgrade to Sequoia. All of the reasons so far (other than that it will probably be buggier than previous OS releases, at least at first) center around trying to minimize the number of annoying pop-up dialogs in my life.
This is also another good example of how Apple makes life hard for developers. Every time they make these sort of changes, I reminded of this Arthur Dent quote: "You hadn't exactly gone out of your way to call attention to them had you? I mean like actually telling anyone or anything?"
> or when distributing it outside the App Store.
Is it possible that "App Store" refers specifically to Apple's App Store? If so, I wonder if this is to undermine other alternate app stores and mock the EU.