While the download itself is served using https (from amazon), curl will contact the google url shortener using HTTP. Honestly, if I wanted to MITM one thing on any network, URL shorteners would come first.
Edit: The website switched from googles link shortener to git.io (http) and download to github downloads. git.io's https version seems to have certificate issues.
> While the download itself is served using https (from amazon), curl will contact the google url shortener using HTTP.
Whoever wrote the installation instructions here should take a page from Sublime Package Control's installation instructions:
> The download will be done over HTTP instead of HTTPS due to Python standard library limitations, however the file will be validated using SHA-256.
> WARNING: Please do not redistribute the install code via another website. [Because of the embedded SHA-256 digest, the installation code] will change with every release. Instead, please link to this page.
The first thing that stuck out to me was the name and logo. Alcatraz sounds cool (and I like the logo), but I'm not sure if something that evokes imagery of being confined and locked up is what you want associated with an open-source package manager.
I'm pretty sure it's more a reference to the fact that XCode extension management is rather painful and feels like you're stuck using that IDE sometimes.
I don't think it has any effect on me using the tool but I would say that Alcatraz has negative connotations for me.
There are Ruby "Gems" and Cocoa "Pods", I'm trying to think of a similar name that evokes something that can be slotted in to something else... Cubby?
Cubby - any of a group of small boxlike enclosures or compartments, open at the front, in which children can keep their belongings, as at a nursery school.
I actually wrote that patch! Are you sure you are using a version of clang with support for it? As far as I know a new release hasn't been cut with the included patch. At Facebook we use clang-format with that patch and it works.
I should note that Alcatraz's clang plugin looks to have a compiled version of an old clang-format in the tree...that's likely why this doesn't work with that plugin.
What are your reasons for starting another package management system when we already have CocoaPods? What does this offer over CocoaPods beside the UI?
It's not competing with CocoaPods. Alcatraz gives you a nice UI for installing Xcode plugins, color themes, etc. to customize your editor, while CocoaPods is management of libraries for iOS and OS X development.
Think of Alcatraz as the Xcode equivalent of Will Bond's "Package Control" package for Sublime Text. Cocoapods is a dependency manager, more like PHP's composer.phar (or whatever your language of choice's current dependency-manager-of-choice happens to be).
I've been using this and it works great for the packages it has, I don't use too many but if you document your xcode methods I highly recommend VVDocumenter.
It allows you to generate a doc string for a method if you type '///'
This looks really cool, but I don't know what problem it's solving for me. Maybe I'm not an Xcode hacker/ninja/whatever, but it has constantly met my needs as-is. Sure, I've wanted to add a color scheme before, but these are a lot of hoops to jump through when Dusk is fine.
A huge congrats, I've been working with Alcatraz HEAD for a while, with helping out with the design, and occasionally wanting to make my own plugins.
I'm super excited to see it out and one-click installable again. Looking forwards to seeing what Marin/Delisa/Jurre do with the blog.
I use this regularly, it's not felt any less stable for the few plugins I use mainly; open in github, one in appcode & fuzzy string matcher. They really make Xcode easier for day to day life.
A colleague of mine wrote that Open in Github plugin when we worked together - it's incredibly useful if your code's hosted there and you do pull-request code reviews.
Xcode doesn't have a public plugin API. Every single one of these packages, including Alcatraz itself, is relying on undocumented and unsupported functionality. I would very strongly caution against installing any of it.
As a user of several of the packages available on Alcatraz, and Alcatraz itself, I strongly disagree with eridius.
If you do have issues with a particular package it is pretty simple to remove any/all of them. The only time I have had issues is when I've tried to run betas of Xvim on unreleased versions of Xcode.
Seriously, if you're interested at all in the packages made available through Alcatraz give it a shot.
I really want to use this, but I'm having a lot of trouble with the interface. It could just be me or my environment. I don't know.
Are you planning to have a forum somewhere for feedback and support? I suppose I could open an issue on Github, but I'd really rather just ask a question. Enough people seem to be using this that I suspect the problem is on my end.
It's not an answer to you directly but more of an observation: The effect for this page is very laggy on a 1-year old MBP, and makes the text barely readable until a certain scrolling point is reached. I do not understand the purpose of using the effect here or in 9/10 cases I see it on sites. It introduces pointless visual candy with usually zero or negative practical benefit. Makes me think of the DHTML days.
As someone who spends most of their day in Xcode, Alcatraz is an invaluable tool to grooming my Xcode setup and keeping up with the latest plugins and what not.
Congrats on the launch Marin! Been following the repo for a few months now, I'm really digging the design.
I use a few of the Xcode 4 Fixins (https://github.com/davekeck/Xcode-4-Fixins), which despite their name are mostly compatible with Xcode 5. I use DisableAnimations, FindFix, InhibitTabNextPlaceholder, TabAcceptsCompletion, and UserScripts (which I wrote).
A bit of work was required when Xcode 5 came along but from minor version to minor version they haven't needed much in the way of maintenance.
I've been using XVim for over a year now and it's been reasonably stable. They have an issue with code folding but then I don't fold while the plugin is enabled.
Apple doesn't sanction Xcode plugins and I'm pretty sure Xcode itself isn't sandboxed once you enter your developer password. I'm not sure of the details though.
As to the security review or process, perhaps badging -- that sounds like a good feature request. I'll bet there's an issue tracker... ;-)
[+] [-] Argorak|12 years ago|reply
While the download itself is served using https (from amazon), curl will contact the google url shortener using HTTP. Honestly, if I wanted to MITM one thing on any network, URL shorteners would come first.
Edit: The website switched from googles link shortener to git.io (http) and download to github downloads. git.io's https version seems to have certificate issues.
[+] [-] derefr|12 years ago|reply
Whoever wrote the installation instructions here should take a page from Sublime Package Control's installation instructions:
> The download will be done over HTTP instead of HTTPS due to Python standard library limitations, however the file will be validated using SHA-256.
> WARNING: Please do not redistribute the install code via another website. [Because of the embedded SHA-256 digest, the installation code] will change with every release. Instead, please link to this page.
[1] https://sublime.wbond.net/installation
[+] [-] drtse4|12 years ago|reply
[+] [-] mneorr|12 years ago|reply
[+] [-] guptaneil|12 years ago|reply
[+] [-] josteink|12 years ago|reply
Given that it's for Xcode, the one dev-tool to rule them all, in the walled garden where Apple has all the keys, I think it fits perfectly.
[+] [-] neohaven|12 years ago|reply
[+] [-] mentos|12 years ago|reply
There are Ruby "Gems" and Cocoa "Pods", I'm trying to think of a similar name that evokes something that can be slotted in to something else... Cubby?
Cubby - any of a group of small boxlike enclosures or compartments, open at the front, in which children can keep their belongings, as at a nursery school.
[+] [-] mneorr|12 years ago|reply
[+] [-] nextstep|12 years ago|reply
An aside: Has anyone tried the Clang Formatter plugin? I want to format property declarations like:
But setting 'ObjCSpaceAfterProperty' to true or false both output: My format config is based off llvm's. Maybe some other configuration is stomping on the 'ObjCSpaceAfterProperty: true'?(Does anyone have a .clang-format file that that matches Apple's style?)
[+] [-] LegNeato|12 years ago|reply
I should note that Alcatraz's clang plugin looks to have a compiled version of an old clang-format in the tree...that's likely why this doesn't work with that plugin.
[+] [-] k-mcgrady|12 years ago|reply
[+] [-] alloy|12 years ago|reply
[+] [-] smweber|12 years ago|reply
[+] [-] VeryVito|12 years ago|reply
[+] [-] jurre|12 years ago|reply
[+] [-] irace|12 years ago|reply
[+] [-] unknown|12 years ago|reply
[deleted]
[+] [-] unknown|12 years ago|reply
[deleted]
[+] [-] HaloZero|12 years ago|reply
It allows you to generate a doc string for a method if you type '///'
[+] [-] eddieroger|12 years ago|reply
[+] [-] jurre|12 years ago|reply
[+] [-] orta|12 years ago|reply
I'm super excited to see it out and one-click installable again. Looking forwards to seeing what Marin/Delisa/Jurre do with the blog.
I use this regularly, it's not felt any less stable for the few plugins I use mainly; open in github, one in appcode & fuzzy string matcher. They really make Xcode easier for day to day life.
[+] [-] rafifyalda|12 years ago|reply
[+] [-] eridius|12 years ago|reply
[+] [-] myko|12 years ago|reply
If you do have issues with a particular package it is pretty simple to remove any/all of them. The only time I have had issues is when I've tried to run betas of Xvim on unreleased versions of Xcode.
Seriously, if you're interested at all in the packages made available through Alcatraz give it a shot.
[+] [-] teacup50|12 years ago|reply
If the tools solve useful problems, who cares if they break later? We'll fix them.
I would very strongly caution against Apple continuing to provide such a boneheaded IDE.
[+] [-] jurre|12 years ago|reply
[+] [-] redshirtrob|12 years ago|reply
Are you planning to have a forum somewhere for feedback and support? I suppose I could open an issue on Github, but I'd really rather just ask a question. Enough people seem to be using this that I suspect the problem is on my end.
[+] [-] accatyyc|12 years ago|reply
[+] [-] bib971|12 years ago|reply
[+] [-] imissmyjuno|12 years ago|reply
[+] [-] rimantas|12 years ago|reply
[+] [-] theswan|12 years ago|reply
Theoretically speaking, is it safe to curl and install something via plain http:// and no checksum verification?
[+] [-] wsc981|12 years ago|reply
[0]: https://github.com/travisjeffery/ClangFormat-Xcode
[+] [-] eliperkins|12 years ago|reply
Congrats on the launch Marin! Been following the repo for a few months now, I'm really digging the design.
[+] [-] tempire|12 years ago|reply
[+] [-] danielrakh|12 years ago|reply
[+] [-] chrisdevereux|12 years ago|reply
The few I've tried haven't been great (they've tended to crash a lot and break with Xcode updates)
[+] [-] to3m|12 years ago|reply
A bit of work was required when Xcode 5 came along but from minor version to minor version they haven't needed much in the way of maintenance.
[+] [-] brodney|12 years ago|reply
[+] [-] bennyg|12 years ago|reply
[+] [-] jevinskie|12 years ago|reply
[+] [-] kerbs|12 years ago|reply
I work for TheMan® (with Firewall) and assuming it is due to some non-http ports being used?
[+] [-] jurre|12 years ago|reply
[+] [-] biot|12 years ago|reply
[+] [-] lstamour|12 years ago|reply
As to the security review or process, perhaps badging -- that sounds like a good feature request. I'll bet there's an issue tracker... ;-)
[+] [-] iloveponies|12 years ago|reply