Xcode 8 disables the ability to run 3rd party plugins (such as Alcatraz), in favor of providing an official extensions API. From what I’ve heard, it sounds like the Xcode engineers are open to community feedback and want to provide the extension points that the community needs. This is great for security and for preventing the next XcodeGhost 👻, however, only the source editor extension is available right now, which means that some of our favorite community plugins are disabled after upgrading to Xcode 8.

These plugins are prevented from running because Xcode 8 is signed to prevent any unsigned code from being injected and executed (which is how community plugins work). We can enable plugins again by unsigning Xcode, but once Xcode is unsigned, we lose the security benefits that come with Apple’s changes. So, what can we do?

The plugins that I use are things that I want to have while I am actively developing, and the security benefits I only really care about when I am building deployment builds for a beta or public release.

In light of this, I’ve created xcunsign. This is a small tool that unsigns (and later restores) an installation of Xcode. With it, I can unsign while I’m actively coding and debugging, and then restore to the signed binary before I build a deployment. Even better, I can integrate xcrestore into my fastlane configuration, so that I know that all deployment builds will be built with the signed Xcode binary.

Setup

Download the repo from github and optionally include the scripts in your PATH.

xcunsign

To unsign, call the script, passing in the version of Xcode that you want to unsign. The script will find the copy of Xcode in the /Applications directory with that version, and unsign it. It will keep a copy of the original, signed binary as Xcode.signed next to the unsigned binary as Xcode.app/Contents/MacOS/Xcode.signed.

xcunsign 8.0

This will also update your Xcode installation’s icon, to indicate that Xcode is currently in an unsigned state.

xcrestore

To restore the signed binary, the original copy of the Xcode binary will replace the unsigned copy, restoring your Xcode installation to its original, “official” state.

xcrestore 8.0

This will also restore Xcode’s icon to the standard icon, to indicate that you are again running a signed copy of Xcode.

Automating

If you are doing your deployments from a CI machine, you should keep that installation always signed. If you ever need to do a deployemnt locally though, you’ll want to verify that you are building with a signed copy of Xcode. Fastlane has an action called verify_xcode which can be used to fail the build if Xcode is currently unsigned. Just add this action to your Fastfile to guarantee that you are shipping with a signed copy.

You could also call xcrestore from the Fastfile’s before_all and call xcunsign from the after_all so that your development environment is restored after a build is completed. I’m planning to wrap this into a fastlane plugin, and will put up a new post when that is ready.