Rendered at 05:12:25 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
codazoda 7 hours ago [-]
One down-side to this is that it does require you to run the agent on your Mac instead of in a Sandbox. I do this too and there are lots of problems I can't solve in a sandbox. I know a lot of you are throwing your hands up at the years of security practices we're throwing out the window when we do that.
The fact that xAI uploaded someone's home directory, including their SSH keys, is giving me serious pause at my choices here.
Generally, I don't worry about my machine being "blown up". I don't have a TON of unreproducible stuff on my machine. Everything is backed up, committed to git, and the like. I can restore most of it in a couple hours.
That said, I really, really don't want my .SSH directory sent to an AI agent and it's silly to prompt your way around that. You need to block it at the system level. I'm considering a separate user and then 700 permissions on my home directory.
I feel like we're back to 1990's security here. The double-edged sword is that it's helping us get things done at a pace like never before.
I'm not throwing shade here, I'm among the guilty.
999_cirno 6 hours ago [-]
> require you to run the agent on your Mac instead of in a Sandbox
You don't have to! All recent Macs come with nearly zero perf cost virtualization. You can easily run Mac or Linux VMs assuming same architecture. Use it all the time for development and whatever.
Use Tart [1] or VirtualBuddy [2], both open-source, for a packaged solution. Or in the spirit of this post, vibe code your own wrapper around the OS API [3]
More recently, there are also Apple containers [4]
>> I feel like we're back to 1990's security here.
> vibe code your own wrapper around the OS API
Maybe stick with one of the existing projects? Throwing out all of the edge cases and hardening that went into a security-related project just to burn a bunch of resources to generate a worse one you have to maintain yourself is 90s-level security with 2026-level inefficiency, IMO.
999_cirno 3 hours ago [-]
Of course, if you're not comfortable with reading or designing code, or don't feel like tinkering, you can use an existing project and they work great
But it is to note that the OS APIs do the heavy lifting, the projects are just wrappers
DrewADesign 3 hours ago [-]
Generally, assuming an RYO solution is a reasonable first approach is is a trap beginners fall into.
999_cirno 3 hours ago [-]
Strong StackOverflow "don't do anything new, god forbid you may actually learn something" vibes
On "Hacker" News of all places :)
ben_w 2 hours ago [-]
> don't do anything new, god forbid you may actually learn something
vs
> vibe code your own wrapper around the OS API
999_cirno 2 hours ago [-]
In fact, I suggest reviewing the documentation to assess your own level:
If the below sounds too complex to work with, can review more basics first. Can start with a Swift tutorial
virtualMachine.start(completionHandler: { (result) in
if case let .failure(error) = result {
fatalError("Virtual machine failed to start with \(error)")
}
})
iririririr 2 hours ago [-]
all community projects (specially the ones maintained or opensourced by model owners) will certainly have the security-convenience trade offs set all the way to convenience while advertising all the (off by default) security features
gwking 7 hours ago [-]
I've been working on a wrapper harness that runs claude as a separate user named `agent`. I tried this about a year ago and couldn't get it to work because of OAuth and the keychain, but took another pass recently and claude had enough self-knowledge about recent changes to say we could do it with CLAUDE_CODE_OAUTH_TOKEN. It has required building a some tooling around permissions setup with ACLs but it works on macOS today.
In terms of risk, I see it as halfway between stock claude with the sandbox and full-blown container or machine isolation.
I was recently thinking that as Claude's own sandbox gets better I'm doubting the ROI on my belt-and-suspenders project, but your comment reminds me why I'm doing it.
It is not currently published open source but I'm happy to talk about it with strangers.
aetch 53 minutes ago [-]
They should’ve expected that using xAI
theredleft 6 hours ago [-]
I run my AI headless in a docker container and give it access to git – it can only contribute code - when it needs a secret I put it in a docker container in vault. when it needs infra, it makes me a jira ticket. that's my workflow.
saagarjha 4 hours ago [-]
This is more challenging for macOS.
danielheath 3 hours ago [-]
I've been doing it just fine on macOS for awhile now. What's challenging about it?
mikodin 3 hours ago [-]
I think particularly for iOS development. I was all in on sandboxed approaches...until I went to build an app, and now unfortunately convenience won
0xcrypto 2 hours ago [-]
A question, how are you or anyone else doing this is registering bundle identifiers without opening xcode?
ghjnut 7 hours ago [-]
I've been running my agents in a docker sandbox that automatically mounts the current directory. It's been a bit of a pain to figure out and maintain the set of tools I provision into the sandbox- but it's fun to watch codex go to the ends of the earth trying to figure out solutions using nodejs (the only runtime).
arianvanp 6 hours ago [-]
okay but that doesn't help a single bit with the OPs point. Your xcode tools do not run inside a docker container
pianopatrick 7 hours ago [-]
You could move your SSH keys onto a password encrypted usb drive that you physically remove from the computer.
wrxd 7 hours ago [-]
An alternative is to use ssh keys stored in the Secure Enclave with tools like https://secretive.dev/
pianopatrick 6 hours ago [-]
Seems to me a tool like that would stop the agent from sending those specific keys elsewhere. But a tool like that would not stop the agent who is acting as you from using the SSH keys via the CLI. You would want to combine that with other tactics like having the agent run as some other user.
samhclark 6 hours ago [-]
Secretive (and the similar built-in functionality [1]) both allow you to require TouchID too. I found an okay balance using two SSH keys: one for commit signing (w/o TouchID) and one for everything else (requires TouchID, or PIN on Linux)
So, the actions that I really don't want the agent to take (establishing an SSH connection, pushing to a git remote) always require my manual intervention.
... you're getting the agent to sign commits for you without manual intervention?
colechristensen 7 hours ago [-]
Your sandbox can be a separate Mac user account.
You can also use native Mac VMs.
Many people have created Mac VM projects to do exactly this, I was working on one but was stalled too often because before I started using claude I bought a new laptop with what I KNEW was enough disk space.
The 100 GB or so I need to comfortably do the VM stuff just isn't available on my mac.
fragmede 7 hours ago [-]
On a Mac. Just get a Mac mini. It doesn't have to be a crazy big beefy one, and if you're selling apps, it's a justifiable business expense.
kxxx 9 hours ago [-]
I've been building and testing my iOS app just for fun via Linux only.
You do not need to upload to TestFlight or the App Store; you can just install the app locally to your iPhone via usb -- even from Linux!
When in doubt, just ask your coding agent of choice to help you create and upload a Hello World iOS app. It's really easy.
sdicker 8 hours ago [-]
I’ve been doing the same except that my linux installation is via WSL on Windows. I’ve been using sideloadly to move my IPA over to my phone. Works great.
timcobb 5 hours ago [-]
Woah thanks for sharing will have to check this out.
GaryBluto 8 hours ago [-]
Does the iPhone need to remain tethered if it is transferred via USB?
drakythe 8 hours ago [-]
Dev apps need to be re-loaded every week (or two?) last time I did sideloading. The idea behind a dev app, in Apple's mind, is that it is for limited testing, so they have an expiration when not signed/installed through the App store.
judge2020 3 hours ago [-]
That is specifically for apps installed with a personal signing certificate, when you haven't paid for a developer account. If you pay the $99 program fee, you get 365 days of validity.
amelius 6 hours ago [-]
Do the coding agents know about this tool?
Yiin 6 hours ago [-]
just link it?
thephyber 5 hours ago [-]
“Just link it” is like telling an intern to “use this program”. It will take a while (and each LLM user will burn tokens while learning).
This is the perfect use case for a skill: one person takes the hit to create the skill and then anyone else who wants the tool can use the skill.
CharlesW 10 hours ago [-]
If it's okay to mention my own complementary open source project, Axiom¹ does a good job of helping coding harnesses know how to do this effectively for Apple OS development.
In addition to a deep roster of skills and agencts, Axiom includes several for-LLM tools². xclog, xcprof, xcsym, and xcui are designed to be used by LLMs, and expose capabilities in a token-efficient way. These tools are equally helpful for non-Axiom skills/agents.
Silly question, but do you reckon it'll function decently in a Kotlin multiplatform codebase? There's swift native code, but I'm not sure how it would perform with some logic being shared.
CharlesW 7 hours ago [-]
Not silly at all. For Compose Multiplatform, Axiom won't do much for code review or generation. It might be useful for operations on the built app: console capture, crash symbolication, simulator UI/accessibility driving, CPU profiling, plus the whole shipping layer (signing, privacy manifests, submission).
semiquaver 10 hours ago [-]
Axiom is excellent, thanks for making it!
CharlesW 7 hours ago [-]
I'm glad that it's been valuable for you!
smashah 7 hours ago [-]
Use axiom all the time thanks for your work. The next frontier in iOS app tooling is self-hostable Linux based build server. Thoughts?
CharlesW 6 hours ago [-]
Sounds very intriguing! Please reach out (see my profile) when you're ready to share more.
I've been using agents to develop Mac and iOS apps for over a year now and I would say this post is bad advice, particularly because the excellent Xcode MCP requires Xcode to be running. The MCP tool gives you faster, better access to a number of functions for which xcodebuild is much slower and much chattier and a number of others (like the #Preview generation and rendering) that aren't possible at all while Xcode is closed. Also, in Xcode 27, the MCP & built-in agents are able to drive simulators with DeviceHub extremely well. (If you haven't been following, DeviceHub replaces Simulator.app and as far as I can tell, it's actually scrutable by agents without relying on hacking at the accessibility APIs with tools like axe.)
Xcode MCP is not perfect, by any stretch (stupidly, it issues a permission prompt on every single agent launch—something I defeated with a Keyboard Maestro hack to auto-accept it), but Xcode 27 is such a huge leap forward in the ergonomics of vibe coding with Xcode that I've actually stopped dealing with the MCP and (after an afternoon of futzing) have started using the app's own agent UI for driving Codex because that harness better steers the model to take advantage of the tools available.
All of this redounds to two things: faster feedback and more robust verification. The two things that matter most.
dostick 57 minutes ago [-]
There’s Xcode-mcp-proxy that proxies Xcode’s mcp and adds clicking dialog and reconnects.
How do you deal with macOS app testing? Do you use Peekaboo or plain screenshotting automation?
leo150 47 minutes ago [-]
I would suggest trying out xcode mcp by Sentry, it’s much more comprehensive and doesn’t need running Xcode
Tiberium 10 hours ago [-]
It's kind of funny to be reading this:
> I had Claude Code create mine: I told Claude, more or less: I want to archive, Developer ID-sign, notarize, staple, and install this app to /Applications without ever opening Xcode. Write me a script that does the whole chain and fails loudly if any step breaks.
Even though the text we're reading is Claude talking to us as well :)
Also it was weird to see the mention of "ask your LLM" at almost every stage in the blog post:
> point Claude Code or your LLM coding tool of choice to this blog post, and let it figure it out
> When in doubt, ask your LLM of choice about them and have it help you get set up. It’s the one that’s going to be using Xcode for you anyway.
> The whole point of using the LLM in the first place is to avoid doing things manually that you don’t want to do.
> Again, if in doubt, ask Claude Code or your LLM of choice to create this for you.
> Again, this is why you talk to your LLM, tell it what you want, and have it help build your workflow.
ryandrake 10 hours ago [-]
Claude telling us to point Claude to a web site written by Claude so that we can use Claude to create a build environment...
ericol 9 hours ago [-]
yo dawg
natpalmer1776 9 hours ago [-]
I heard you liked Claude, so I put extra Claude in your Claude so you can do more Claude.
lossyalgo 7 hours ago [-]
I suppose it's easier to turn everyone into unwitting tokenmaxxers than it is to raise prices again.
7 hours ago [-]
frollogaston 3 hours ago [-]
Claudius Claudianus (aka Claudian)
theParadox42 9 hours ago [-]
… that Claude can use, because Claude can’t use the XCode gui very efficiently.
carimura 8 hours ago [-]
"Claude was the only LLM to survive the LLM Wars."
throwaway613746 7 hours ago [-]
[dead]
quasarj 7 hours ago [-]
The mistakes in the text made me doubt it was AI, but who knows, maybe it's doing that on purpose now
ImaCake 6 hours ago [-]
It seems too concise to be AI. My (conscious) heuristic for AI writing is how much context is squeezed into a sentence. LLMs seem to be pretty bad at the kind of elegant compression of meaning humans can do when they have done a lot of writing practice.
If I had to guess, I would say this is the human summarised conversation(s) with a bot.
chrisvenum 34 minutes ago [-]
React Native + Expo is also a good option if you want to touch the iOS/Android IDEs as little as possible.
You use Xcode and Android studio to install the device sims and then expos tool chain handles the rest, even for deploying to stores.
If you are on a windows computer and can’t install Xcode, you can even run your iOS app directly on an iPhone with their managed app.
I don't see the point of this, if you use Claude or whatever frontier LLM you like, you need Xcode only to start emulators / install app on phones or to upload a binary.
WhitneyLand 6 hours ago [-]
Everyone will still need to use Xcode for at least some debugging, no way around that.
As for the builds, your agent probably already knows how to do a lot of this from the command line, although explicit suggestions can help it build faster for different situations.
As for XcodeGen, you may find it unnecessary overhead if you're already using Xcode file system synced groups.
With this not only do you not need Xcode all the time, you also don't even need to be near a MacBook.
Just make changes via Codex on your iPhone, the tell asc to build and upload to TestFlight, download and run the new version, iterate.
bobthebob 2 hours ago [-]
I’m chiming in here to say I did pretty much build an entire iOS app with agents, and it launched it on the App Store for me, along with a social push.
I only used Xcode to preview the builds on my device and then guide the prompts more
dvduval 4 hours ago [-]
What continues to bother me is just that developers who don’t have the budget are pretty much pushed out of iOS development because they can’t afford a Mac. And every time that Apple increases the price of their products, more people are blocked from being able to develop on them.
geraneum 38 minutes ago [-]
People not having access to tech is bothersome, but nowadays Apple offers affordable machines compared to the same/worse specs from competitors. For example a MacBook Air with Apple Silicon and a moderate amount of memory.
landseer100 14 minutes ago [-]
we are building revyl.com for exactly this. You should check out our CLI: https://github.com/RevylAI/revyl-cli, it lets your agents xcode build and spin up multiple simulators in parallel (all in the cloud). Would love your feedback!
mvkel 8 hours ago [-]
In my experience, the better long-term choice if you're going to vibe code an app is to use Expo.
Its basis is React, so the code output quality is much higher than Swift because there is much more React code in LLM training data.
Everything is in the command line, and debugging is a breeze because it's a web view. But once it's compiled to native iOS, it feels like any other native app.
Expo + Fastlane = fully automated iOS submission and deployment. I issue one command and see a new version in the App Store.
hetspookjee 8 hours ago [-]
Some parts when creating a new app cannot be automated right? Eg registering the app itself for example.
fragmede 7 hours ago [-]
You can have your AI agent use computer-use to click around on in a browser open on developer.apple.com if that's counts as automated to you.
Our code broke
It looks like there was an error we need to look at. Sorry about the inconvenience.
cobbzilla 5 hours ago [-]
HN hug of death? seems to be back now.
fwiw, expo seems solid; the uptime of expo.dev won't affect an app built with it.
octavore 5 hours ago [-]
Shameless plug: I've been working on strudel [0], a CLI that uses a lot of the same ideas in this post and allows you to build/sign/notarize Mac (and iOS) apps without touching Xcode. It has a dry run mode so you can see the actual commands being run, which was important to me to have so there's no mystery about what's happening.
I should blog about more this, but I also went to some effort to add support free iOS provisioning with just an Apple ID (using internal APIs); and creating a nice DMGs for macOS app distribution (reverse engineered .DS_store files for this). And there's also a built-in command to install skills for coding agents, which was fun.
This [1] is an example app I built with it, a simple utility to manage macOS file extension handling.
This is cool but also makes me worried about the tendency with llms for all of us to make bespoke solutions rather than building a better community tool or extending an existing tool to solve the problem. fastlane exists to solve exactly this problem in the mobile space.
ryandrake 10 hours ago [-]
Also, shell scripts as part of a build are usually a little worrying. I'd at least want the build steps to be all integrated into my Makefile or CMakeLists.txt
doug_durham 9 hours ago [-]
The llm is the better community tool. The important change is that you don't have to settle with someone developing a monolithic tool that happens to do what you need it to do. That was the way things used to need to be done because of the cost.
vl 9 hours ago [-]
Bespoke solutions are better in many cases. They do exact things required for the project without taking extra dependency. Reducing dependencies is beneficial, because dependencies require management. So with llms economy of taking dependency shifted.
If you’re paying the $100/year to publish to the store you also get access to Xcode cloud, which you can point at a repo and it will build snd archive for you to distribute to testflight. I opened xcode to test locally in simulator the first time but haven’t had to since.
Using godot iOS export.
For regular old native ios dev replacing Xcode i don’t think i would do it.
gnachman 1 hours ago [-]
Not using Xcode is the greatest improvement in quality of life I have known aside from recovering from a debilitating back injury. So good.
gwking 6 hours ago [-]
I have one weird trick for people who are exploring this vein. I last opened an Xcode project about five years ago so I could be way behind the times.
Having spent many years fighting with Xcode professionally, I was thrilled when swift build came out, and then appalled at how badly Xcode adopted it. Eventually I realized that you can set up your entire app as a swift package, and then the Xcode project with a single main source file that calls some `app_main()` (or whatever you want to call it) function in your package.
I cannot remember exactly but there was something annoying about setting up a new project; I think by default Xcode assumes that you want a swift package to be treated as a dependency that is checked out from git, but there was a way to drag and drop a local dependency in the same project directory and then it worked.
What this buys you is that files are no longer tracked by Xcode, so renames/merges no longer trigger project.pbxproj surgery. Instead you specify the swift package directories and are done.
I used this for some large personal projects and was very happy with it.
At one point I also wrote my own build tool that imitated all of the steps that Xcode took so that I could truly be Xcode-free. That also worked (and was not even that hard) but I went back to Xcode because the debugger UI was better than what I could get out of VS Code at the time, and especially because I was playing around with the Metal debugger.
scosman 49 minutes ago [-]
small issue: xcodebuild will just randomly fail sometimes. And the solution is to... open and close Xcode. I wish this wasn't true, but it is.
notimetorelax 47 minutes ago [-]
Can LLM do this too? If yes, then it’s annoying but is not a blocker.
21-DOT-DEV 3 hours ago [-]
The comments here clearly point out that building and shipping have been the automatable parts (and for some time now).
To anyone who's chased a crash that only reproduces on a physical device knows the fix was never more log statements added by ai but rather a breakpoint, the debugger, and thirty unglamorous minutes of stepping through code line-by-line (terminal lldb technically counts, but barely).
hyzyla 9 hours ago [-]
Check also Sweetpad CLI. It’s basically wrapper around xcodebuild, but humans and agents. It’s my next project after Sweetpad VSCode extension for developing iOS/Swift applications in VSCode. Cli is still in beta, but I see on my own project that it’s already quite pleasant to use
Regardless of the vibe coding aspect, there's good information here for anyone new to the mac/ios build/distribution workflows.
theraven 8 hours ago [-]
Interesting this is coming across as novel. This is how CI build machines for Apple’s platforms have been setup in perpetuity.
frollogaston 5 hours ago [-]
True, but it'd take me a while / forever to figure out how. Reminds me of when I yelled at Gemini until it'd make me a Minecraft Bukkit plugin without installing anything besides the JDK, way easier task but it was still insisting on Gradle for a while.
Schiendelman 10 hours ago [-]
I've been using essentially this process (with Claude Code) for about six months. There are a couple of places where I've opened xcode; mostly to update the simulators for new betas of xcode 27, and once to add a target for Apple Watch (and I think something for HealthKit).
Interestingly, since about Opus 4.6, Claude has been able to reason its way into this process on its own. It was clunky until 4.7, and in 4.8 it's managed to find its way around every reason I had to open xcode myself.
mulmboy 8 hours ago [-]
I went to build an open source app from GitHub and was pretty surprised that it requires Xcode and that Xcode can't really be installed without an apple id. I do not want to make one and I certainly will not sign my computer into one.
I did end up somehow installing Xcode via some shady download and was on my way. But the whole ordeal left a very sour taste.
everfrustrated 8 hours ago [-]
Heck you can't even compile against many of the Mac APIs without a cert unlocked by a paid developer account.
swiftcoder 8 hours ago [-]
Running a Mac without an Apple ID feels like an exercise in masochism. I wasn’t aware one could even still it through first run without
xyzzy_plugh 7 hours ago [-]
Why do you need one?
balder1991 4 hours ago [-]
I think because the only places you can download it from are either from the App Store or logging into Apple’s developer’s website.
sneak 8 hours ago [-]
Though the primary way of installing Xcode is via MAS (requiring Apple ID login), Xcode can be downloaded from the Apple Developer website without an ADP membership, though you do have to log in to the website with an Apple ID. You don’t have to log into the Mac with an Apple ID though, you can then install and use it on a Mac without an Apple ID (though you will need one inside Xcode to sign apps to get them to run on an iOS device).
schainks 10 hours ago [-]
I just set up my pipeline to do this exact thing for both the Apple and Android ecosystems, dispatching loads to my mac studio or Linux box accordingly. I moved the runners off GitHub because uptime for GitHub actions has been trash lately, and the Apple Silicon runners are pricey.
Claude was great at figuring out what was broken when and either fixing it, or clicking as far as it could until it needed me.
You could say I'm mostly just IRL hands for the AI now.
Making your app buildable from the CLI is not something I do personally to use on my Mac but it is very useful when you're automating your CI. If you have GitHub Actions set up to build your app, so can Claude, assuming you have the right signing setup on your machine.
myHNAccount123 4 hours ago [-]
Xcode 27 beta 3 has been the most stable release I've ever used. The type checking improvements were understated so I gotta laugh at this xcode avoidance.
Areas they could improve - what ever the heck is going on in their diffing ui for source control.
recsv-heredoc 10 hours ago [-]
Having to have Xcode installed is more than half the problem. It makes Visual Studio look lightweight.
ryandrake 10 hours ago [-]
Xcode does have (or had, haven't checked for a while) a lightweight "command line tools only" installer. Unfortunately, that installer omits a lot of the actual useful command line tools, like the notary and stapler tools. I also recall that the command line tool only installer leaves out things like the metal compiler, too. Not sure what the point of it is.
dylan604 10 hours ago [-]
> Not sure what the point of it is.
My only familiarity with it is because it's needed by brew. I honestly never looked into exactly what is in the package, but I assumed things like what is installed with -devel packages of yum/apt-get/dnf/etc. Lots of repos have common list of things to install like gcc/make/etc. Again, just guessing, but it's one of the first things I've always run on a new Mac to get it usable for CLI usage.
saagarjha 10 hours ago [-]
It lets you build basic UNIX-like tools.
gumby 10 hours ago [-]
It’s mostly all the emulators and platform APIs.
I’m not defending Xcode (I hate it), just clarifying.
zitterbewegung 5 hours ago [-]
Xcode 27 which is in beta ships a much better codex integration. There are problems in Xcode that are frustrating . Also, git integrations are a nice touch that allow you to force push too. Would be interesting to find out how well this works in a team based setting.
stephenhuey 10 hours ago [-]
Thought this was going to be about the new Ruby Native!
“From bundle install to your phone in minutes. To the App Store and Google Play without a line of native code.“
zuzululu 10 hours ago [-]
holy hell $299/app is wild
incanus77 9 hours ago [-]
One time?! That's amazing.
stephenhuey 9 hours ago [-]
Per year, but still amazing. I'd like to think of myself who knows what he is doing, but I just launched a Rails-based platform for a client on web, iOS and Android, and had to spend an annoying amount of time in Google Play and App Store Connect. $299 would be a tiny fraction of the billable hours I'd have to spend messing around in there, and that's not counting mobile app dev time at all, so I'm on the lookout for a good candidate project to try Ruby Native on!
chrisweekly 9 hours ago [-]
per app per year
pzo 8 hours ago [-]
You can as well make it simpler and use those skills:
both callstack and swmansion are mostly react native shops but those should work even in native ios/android as well
waynecochran 7 hours ago [-]
The main iPhone app I maintain for work is 100% claude edited now ... I don't touch the code anymore ... I do occasionally look at it. It does a way better job than I could. I do have Xcode open as claude does its thing ... and I occasionally sign and deploy with Xcode. No coding though.
isodev 8 hours ago [-]
In addition to the challenged Xcode, just using Swift seems to require a lot more tokens for both coding and dealing with build/platform quirks. Probably not super significant on indie scale but for anything more robust, it builds up quickly.
React Native and Flutter seem to be much more predictable for the bots (and more fun for humans, since they have actual hot reload).
tomaskafka 7 hours ago [-]
I find it hard to believe xcodegen is in a state where it would reliably generate xcodeproj for all edge states (widgets, watchos app, notification extensions …) - it certainly wasn’t when I last tried it for Weathergraph few years ago.
That said, it might be well enough for simpler apps.
tptacek 6 hours ago [-]
What's a not-simple app? I've had Claude generate:
* A Markdown viewer (obviously pretty simple)
* A menu bar Apple TV remote (surprisingly complicated)
* A menu bar and desktop temperature tracker for the silly Tapo temperature trackers I have all over my house (a little complicated because multiple user interfaces, a backing database, scheduling, and multiple local/remote protocol interfaces)
* A graphical CAS calculator frontend to Sage Math with LaTeX math rendering
* An LLMwiki implementation that uses macOS filesystem extensions to reflect a SQLite database into a local filesystem for agents to traverse (basically the new macOS way to do FUSE, fussy enough that the app has to run out of /Applications to work)
* An agent-driven Music.app replacement with AirPlay streaming support managing Apple Music catalogs and tracks
All of these have worked without me ever once touching the xcode UI, except one time to generate Apple Developer certificates, which I then drove exclusively from CLI tools.
These are all pretty modern SwiftUI applications.
pupppet 9 hours ago [-]
Doesn't that mean you need to distribute the app (TestFlight) before you can preview your app? How do you test locally without the simulators?
simonw 9 hours ago [-]
For a macOS app you don't need a simulator. For an iPhone app I've seen Claude Code launch the simulator without me needing to open Xcode.
nwienert 9 hours ago [-]
I built an iOS simulator simulator, though only for RN. Runs in browser but covers 100% of the API of RN, iOS UI, and the top 1k native libraries basically now. Been an ongoing agentic experiment of mine that's about ready to release.
Kind of fun, you can develop iOS and Android both without a build step and without a Mac even.
turtlebits 9 hours ago [-]
Testing != Distribution. You can run directly on a connected iOS device, without setting up anything related to the app store.
dools 7 hours ago [-]
Shout out to fastlane! I would have loved to have found it sooner in my app shipping journey.
matthewmueller 4 hours ago [-]
Very cool! Does this assume you're never editing code by hand or can you use editors like VSCode or Cursor as well?
honestly would not even know what to do / click in xcode
datadrivenangel 9 hours ago [-]
I've built a few small MacOS dock widgets now by just telling Claude/OpenCode to build them. Works well enough if you're very explicit.
The most useful one is a little weather sparkline to show local temperature forecasts. Useful every day.
esafak 6 hours ago [-]
What framework was it written in, and does it trigger a scary warning from the OS when you try to install it?
stevenhubertron 4 hours ago [-]
This is how i am developing keptrecipes.com. Been a pleasure this way TBH.
josefrichter 9 hours ago [-]
Wait, I am not aware that I've done ANY of those setup steps, yet I'm building iOS and macOS apps without XCode. Both Claude and Codex handle it just fine and didn't ask me for any setup steps.
> notarytool authenticates using a stored keychain profile that you create once, interactively — it prompts for an app-specific password, and there’s no way around the prompt.
You can use `--password <password>` (yeah, yeah, passwords on the command line are bad; I'm just challenging "there's no way around the prompt.")
Later (contradicting itself):
> The one step that stays interactive is notarytool store-credentials, and that’s a choice rather than a limitation: you could pass --password and script it, but that means putting an app-specific password in your shell history.
You can configure your shell to ignore history when needed.
I’ve done this forever on Foqos. Have a makefile, never even open Xcode and the instructions are in the agents md
hyperhello 10 hours ago [-]
Being outside of the approved development loop has rough edges. How do you keep the app from putting up that permission to access documents folder all the time while you rebuild it?
saagarjha 10 hours ago [-]
They're a paid developer, so they are probably signing the app with a stable identity that avoids this.
grahar64 7 hours ago [-]
I thought this would be a flutter post. Love flutter, ... , well I like flutter compared to Kotlin and Swift
busymom0 6 hours ago [-]
Last I used flutter, editable text views was where it wasn't acceptable for me. On iOS, the default text view comes with a lot of built in stuff automatically such as cut copy paste, lookup definition, translate etc. Flutter's didn't have these.
sgt 10 hours ago [-]
Although this has been well known for years and documented.
dylan604 10 hours ago [-]
Yeah, but not only was this "on a computer" but "with an AI" so it's not the same at all. /s
tdhz77 9 hours ago [-]
I do something similar in GitHub actions. Every new app is setup in a few minutes to star getting rejected by iOS and Android.
overgard 9 hours ago [-]
Oh god, the app store does not need more slop. If you can't be bothered to open XCode (which I agree is a dumpster fire, but), you shouldn't be bothered to submit an app that a person has to review and another person has to filter out of their search results.
pclowes 7 hours ago [-]
Counterpoint: XCode is such slop that an app made by a developer with the taste to avoid it has a higher probability of being less "sloppy" than average.
saagarjha 4 hours ago [-]
This is generally not true
ulfw 5 hours ago [-]
The 'developer' isn't even developing much of anything tho
exographicskip 9 hours ago [-]
Skimmed the article. Pretty close to my workflow using fastlane with tauri.
Useful sanity check!
supermatt 6 hours ago [-]
> Without Ever Opening Xcode
"Next, open Xcode"
aabajian 3 hours ago [-]
I shipped my iOS app without opening Xcode (well, I had to open it to get some provisioning stuff to work). I still use Visual Studio Code to kick off the simulator, but other than that, I use no IDE at all. Claude writes all the code in Flutter.
IDEs are dead, prove me wrong.
4 hours ago [-]
inopinatus 4 hours ago [-]
If you prefer your builds composed of declarative and incremental targets, see
I spent seven years as a dev on the Xcode team and this is pretty much my exact workflow these days.
myko 5 hours ago [-]
I prefer Tuist (writing Project.swift) to XcodeGen but otherwise, yeah, this tracks
zerr 6 hours ago [-]
The thing is, in a perspective, who would need any apps at all? Users will get what they want from AI directly.
murlax 8 hours ago [-]
Tangentially, I despise Xcode and love the Expo ecosystem and all the lovely tooling that they have built. It is React Native but Expo honestly makes it so trivial to build stuff from the CLI without ever needing to open that abomination of an app. And with AI, I have built a lot of side project apps onto my iPhone, like a homelab app for monitoring my cameras with push notifications whenever someone is at the door, starting my irrigation and a whole lot more. Plus Tailscale of course. Kind of a crazy world that we live in now.
sefrost 8 hours ago [-]
Yes, I remember React Native being quite painful before Expo!
Upgrading from one version to the next especially so.
Expo seems to shield you from a lot of issues, without really taking any power away from you either.
sneak 8 hours ago [-]
You still have to open Xcode (to get the certs), and you still have to accept the Xcode EULA. Title is quite misleading if not outright false.
embedding-shape 6 hours ago [-]
As someone who tried my very best to not open Xcode for building and shipping Mac and iOS apps, I agree, there are things there are literally no way around opening the GUI, not even terminal utilities for. You cannot do this 100% headless, which is what I attempted at first.
rvz 10 hours ago [-]
By using "Claude Code"*
* and giving Anthropic all your secrets, env vars, certificates and your source code to them.
datadrivenangel 8 hours ago [-]
I've used opencode on a plane with local models to make small updates to local MacOS apps. It's not fast or amazing, but it does work well enough to do trivial changes.
But also yes this is a real concern.
simonw 9 hours ago [-]
What bad things to you anticipate Anthropic doing with your secrets, env vars, and certificates?
You can even run simulators in it if you choose the Tart backend.
thoughtl3ss 9 hours ago [-]
And how is your vibe coded sandbox better than 1000 other sandboxes?
kstenerud 6 hours ago [-]
You'll never know. And that's fine.
Danox 9 hours ago [-]
What could go wrong? Might Apple change something across five ecosystems and leave you in the lurch, and now you have to go through all the slop to try to fix it?
bilekas 3 hours ago [-]
Honestly I thought this was the standard because god help me Xcode is terrible.
onesandofgrain 8 hours ago [-]
Don't make apps for iOS. The apple ecosystem is horrendous
The fact that xAI uploaded someone's home directory, including their SSH keys, is giving me serious pause at my choices here.
Generally, I don't worry about my machine being "blown up". I don't have a TON of unreproducible stuff on my machine. Everything is backed up, committed to git, and the like. I can restore most of it in a couple hours.
That said, I really, really don't want my .SSH directory sent to an AI agent and it's silly to prompt your way around that. You need to block it at the system level. I'm considering a separate user and then 700 permissions on my home directory.
I feel like we're back to 1990's security here. The double-edged sword is that it's helping us get things done at a pace like never before.
I'm not throwing shade here, I'm among the guilty.
You don't have to! All recent Macs come with nearly zero perf cost virtualization. You can easily run Mac or Linux VMs assuming same architecture. Use it all the time for development and whatever.
Use Tart [1] or VirtualBuddy [2], both open-source, for a packaged solution. Or in the spirit of this post, vibe code your own wrapper around the OS API [3]
More recently, there are also Apple containers [4]
[1] https://tart.run/
[2] https://github.com/insidegui/VirtualBuddy
[3] https://developer.apple.com/documentation/virtualization
[4] https://github.com/apple/container
> vibe code your own wrapper around the OS API
Maybe stick with one of the existing projects? Throwing out all of the edge cases and hardening that went into a security-related project just to burn a bunch of resources to generate a worse one you have to maintain yourself is 90s-level security with 2026-level inefficiency, IMO.
But it is to note that the OS APIs do the heavy lifting, the projects are just wrappers
On "Hacker" News of all places :)
vs
> vibe code your own wrapper around the OS API
https://developer.apple.com/documentation/virtualization/run...
If the below sounds too complex to work with, can review more basics first. Can start with a Swift tutorial
In terms of risk, I see it as halfway between stock claude with the sandbox and full-blown container or machine isolation.
I was recently thinking that as Claude's own sandbox gets better I'm doubting the ROI on my belt-and-suspenders project, but your comment reminds me why I'm doing it.
It is not currently published open source but I'm happy to talk about it with strangers.
So, the actions that I really don't want the agent to take (establishing an SSH connection, pushing to a git remote) always require my manual intervention.
[1] https://gist.github.com/arianvp/5f59f1783e3eaf1a2d4cd8e952bb...
You can also use native Mac VMs.
Many people have created Mac VM projects to do exactly this, I was working on one but was stalled too often because before I started using claude I bought a new laptop with what I KNEW was enough disk space.
The 100 GB or so I need to comfortably do the VM stuff just isn't available on my mac.
Surprisingly, it's very easy. This works like a charm: https://github.com/xtool-org/xtool
You do not need to upload to TestFlight or the App Store; you can just install the app locally to your iPhone via usb -- even from Linux!
When in doubt, just ask your coding agent of choice to help you create and upload a Hello World iOS app. It's really easy.
This is the perfect use case for a skill: one person takes the hit to create the skill and then anyone else who wants the tool can use the skill.
In addition to a deep roster of skills and agencts, Axiom includes several for-LLM tools². xclog, xcprof, xcsym, and xcui are designed to be used by LLMs, and expose capabilities in a token-efficient way. These tools are equally helpful for non-Axiom skills/agents.
¹ Axiom: https://charleswiltgen.github.io/Axiom/ ² Axiom CLI tools: https://charleswiltgen.github.io/Axiom/tools/
Xcode MCP is not perfect, by any stretch (stupidly, it issues a permission prompt on every single agent launch—something I defeated with a Keyboard Maestro hack to auto-accept it), but Xcode 27 is such a huge leap forward in the ergonomics of vibe coding with Xcode that I've actually stopped dealing with the MCP and (after an afternoon of futzing) have started using the app's own agent UI for driving Codex because that harness better steers the model to take advantage of the tools available.
All of this redounds to two things: faster feedback and more robust verification. The two things that matter most.
> I had Claude Code create mine: I told Claude, more or less: I want to archive, Developer ID-sign, notarize, staple, and install this app to /Applications without ever opening Xcode. Write me a script that does the whole chain and fails loudly if any step breaks.
Even though the text we're reading is Claude talking to us as well :)
Also it was weird to see the mention of "ask your LLM" at almost every stage in the blog post:
> point Claude Code or your LLM coding tool of choice to this blog post, and let it figure it out
> When in doubt, ask your LLM of choice about them and have it help you get set up. It’s the one that’s going to be using Xcode for you anyway.
> The whole point of using the LLM in the first place is to avoid doing things manually that you don’t want to do.
> Again, if in doubt, ask Claude Code or your LLM of choice to create this for you.
> Again, this is why you talk to your LLM, tell it what you want, and have it help build your workflow.
If I had to guess, I would say this is the human summarised conversation(s) with a bot.
Ignite is a great starter using RN and Expo. Some great people maintaining it. https://github.com/infinitered/ignite
Xcode is a [buggy as hell] GUI wrapper for a lot of system-level UNIX utilities and apps [which are generally, not so buggy].
Using CLI to release apps is a pretty old practice; at least as long as I've been doing it (I released my first Xcode app in 2012).
Hope you like long argument lists. xcodebuild has a crazy long parameter list.
https://developer.apple.com/documentation/xcode/xcode-comman...
As for the builds, your agent probably already knows how to do a lot of this from the command line, although explicit suggestions can help it build faster for different situations.
As for XcodeGen, you may find it unnecessary overhead if you're already using Xcode file system synced groups.
For iOS my biggest suggestion would be to enable App Store Connect skills for your agent (https://github.com/rorkai/App-Store-Connect-CLI).
With this not only do you not need Xcode all the time, you also don't even need to be near a MacBook.
Just make changes via Codex on your iPhone, the tell asc to build and upload to TestFlight, download and run the new version, iterate.
I only used Xcode to preview the builds on my device and then guide the prompts more
Its basis is React, so the code output quality is much higher than Swift because there is much more React code in LLM training data.
Everything is in the command line, and debugging is a breeze because it's a web view. But once it's compiled to native iOS, it feels like any other native app.
Expo + Fastlane = fully automated iOS submission and deployment. I issue one command and see a new version in the App Store.
fwiw, expo seems solid; the uptime of expo.dev won't affect an app built with it.
I should blog about more this, but I also went to some effort to add support free iOS provisioning with just an Apple ID (using internal APIs); and creating a nice DMGs for macOS app distribution (reverse engineered .DS_store files for this). And there's also a built-in command to install skills for coding agents, which was fun.
This [1] is an example app I built with it, a simple utility to manage macOS file extension handling.
[0] https://github.com/octavore/strudel
[1] https://github.com/octavore/tots.app
Using godot iOS export.
For regular old native ios dev replacing Xcode i don’t think i would do it.
Having spent many years fighting with Xcode professionally, I was thrilled when swift build came out, and then appalled at how badly Xcode adopted it. Eventually I realized that you can set up your entire app as a swift package, and then the Xcode project with a single main source file that calls some `app_main()` (or whatever you want to call it) function in your package.
I cannot remember exactly but there was something annoying about setting up a new project; I think by default Xcode assumes that you want a swift package to be treated as a dependency that is checked out from git, but there was a way to drag and drop a local dependency in the same project directory and then it worked.
What this buys you is that files are no longer tracked by Xcode, so renames/merges no longer trigger project.pbxproj surgery. Instead you specify the swift package directories and are done.
I used this for some large personal projects and was very happy with it.
At one point I also wrote my own build tool that imitated all of the steps that Xcode took so that I could truly be Xcode-free. That also worked (and was not even that hard) but I went back to Xcode because the debugger UI was better than what I could get out of VS Code at the time, and especially because I was playing around with the Metal debugger.
To anyone who's chased a crash that only reproduces on a physical device knows the fix was never more log statements added by ai but rather a breakpoint, the debugger, and thirty unglamorous minutes of stepping through code line-by-line (terminal lldb technically counts, but barely).
1. https://sweetpad.hyzyla.dev/
2. https://github.com/sweetpad-dev/sweetpad
Interestingly, since about Opus 4.6, Claude has been able to reason its way into this process on its own. It was clunky until 4.7, and in 4.8 it's managed to find its way around every reason I had to open xcode myself.
I did end up somehow installing Xcode via some shady download and was on my way. But the whole ordeal left a very sour taste.
Claude was great at figuring out what was broken when and either fixing it, or clicking as far as it could until it needed me.
You could say I'm mostly just IRL hands for the AI now.
Areas they could improve - what ever the heck is going on in their diffing ui for source control.
My only familiarity with it is because it's needed by brew. I honestly never looked into exactly what is in the package, but I assumed things like what is installed with -devel packages of yum/apt-get/dnf/etc. Lots of repos have common list of things to install like gcc/make/etc. Again, just guessing, but it's one of the first things I've always run on a new Mac to get it usable for CLI usage.
I’m not defending Xcode (I hate it), just clarifying.
https://rubynative.com
“From bundle install to your phone in minutes. To the App Store and Google Play without a line of native code.“
https://github.com/software-mansion/argent
or
https://github.com/callstack/agent-device
both callstack and swmansion are mostly react native shops but those should work even in native ios/android as well
React Native and Flutter seem to be much more predictable for the bots (and more fun for humans, since they have actual hot reload).
That said, it might be well enough for simpler apps.
* A Markdown viewer (obviously pretty simple)
* A menu bar Apple TV remote (surprisingly complicated)
* A menu bar and desktop temperature tracker for the silly Tapo temperature trackers I have all over my house (a little complicated because multiple user interfaces, a backing database, scheduling, and multiple local/remote protocol interfaces)
* A graphical CAS calculator frontend to Sage Math with LaTeX math rendering
* An LLMwiki implementation that uses macOS filesystem extensions to reflect a SQLite database into a local filesystem for agents to traverse (basically the new macOS way to do FUSE, fussy enough that the app has to run out of /Applications to work)
* An agent-driven Music.app replacement with AirPlay streaming support managing Apple Music catalogs and tracks
All of these have worked without me ever once touching the xcode UI, except one time to generate Apple Developer certificates, which I then drove exclusively from CLI tools.
These are all pretty modern SwiftUI applications.
Kind of fun, you can develop iOS and Android both without a build step and without a Mac even.
honestly would not even know what to do / click in xcode
The most useful one is a little weather sparkline to show local temperature forecasts. Useful every day.
You can use `--password <password>` (yeah, yeah, passwords on the command line are bad; I'm just challenging "there's no way around the prompt.")
Later (contradicting itself):
> The one step that stays interactive is notarytool store-credentials, and that’s a choice rather than a limitation: you could pass --password and script it, but that means putting an app-specific password in your shell history.
You can configure your shell to ignore history when needed.
https://stackoverflow.com/questions/6475524/how-do-i-prevent...
https://superuser.com/questions/352788/how-to-prevent-a-comm...
(And if it's in a script, it won't be in your history anyway.)
> These passwords go stale silently whenever you change your Apple ID password
You can use an ASC API key instead. This can be either a team key ("developer" access level) or an individual key.
https://developer.apple.com/documentation/appstoreconnectapi...
Useful sanity check!
"Next, open Xcode"
IDEs are dead, prove me wrong.
https://github.com/inopinatus/sublime_url/blob/main/Makefile
Same shit with a bit of structure.
Upgrading from one version to the next especially so.
Expo seems to shield you from a lot of issues, without really taking any power away from you either.
* and giving Anthropic all your secrets, env vars, certificates and your source code to them.
But also yes this is a real concern.
You can even run simulators in it if you choose the Tart backend.