# Install zsign with Homebrew, Nix

Cross-platform codesigning tool for iOS apps. Version 1.0.8 via Homebrew; verified 2026-07-08.

## Install

```sh
sudo av install brew:zsign
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install zsign
```

  Evidence: local Homebrew formula metadata

### Linux

- Nix (92%):

```sh
nix profile install nixpkgs#zsign
```

  Evidence: nixpkgs package indexes: pkgs/by-name/zs/zsign/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

## Package facts

- **Package key:** brew:zsign
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/zsign>
- **Version:** 1.0.8
- **Source summary:** Cross-platform codesigning tool for iOS apps
- **Homepage:** <https://github.com/zhlynn/zsign>
- **Repository:** <https://github.com/zhlynn/zsign>
- **Upstream docs:** <https://github.com/zhlynn/zsign#readme>
- **License:** MIT
- **Source archive:** <https://github.com/zhlynn/zsign/archive/refs/tags/v1.0.8.tar.gz>
- **Last updated:** 2026-07-08T11:12:02Z
- **Generated:** 2026-07-08T18:08:21+00:00

## Executables

- zsign (cli)
- zsign (alias)

## Dependencies

- minizip-ng
- openssl@4

## Build dependencies

- pkgconf

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 1.0.8
- Package-manager updated: 2026-07-08
- Local data: ok
- Upstream repository: https://github.com/zhlynn/zsign
- Upstream latest detected: v1.0.8 (current)
## Project history and usage

zsign is a fast cross-platform command-line code-signing tool for iOS apps. It focuses on signing IPA/app bundles with certificates, provisioning profiles, entitlements, and embedded frameworks outside Apple's Xcode GUI workflow.

### Project history

The public GitHub repository was created on 2019-09-19. Its README presents zsign as a fast cross-platform iOS code-signing tool and documents command-line signing examples for `.ipa`, `.app`, `.dylib`, and `.framework` targets.

zsign appeared in a tooling niche created by Apple's signing model: iOS apps require valid signatures and provisioning data, but developers, CI systems, jailbreak-adjacent workflows, and enterprise resigning flows often need a scriptable tool rather than a full Xcode-driven build.

### Adoption history

Adoption has been practical and tooling-driven. The repository has substantial GitHub interest for a small native utility, and Homebrew/Nix packaging makes it easier to install on developer machines and CI runners that need repeatable resigning commands.

Because iOS signing is platform-sensitive and operationally finicky, zsign's appeal is not broad consumer usage; it is operators and developers who already have certificates and provisioning profiles and need a concise command-line path.

### How it is used

Typical usage passes a certificate, mobile provisioning profile, entitlements, and an input IPA or app bundle to `zsign`, producing a resigned output artifact. The README also documents signing embedded dynamic libraries and frameworks, which matters because iOS bundles contain nested code that must be signed consistently.

Package users should treat it as a signing automation tool, not a credential manager. Certificates, private keys, and provisioning profiles remain external inputs supplied by the user or CI environment.

### Why package nerds care

zsign is package-nerd significant because it packages a piece of mobile-release infrastructure as a small Unix-style CLI. It turns a GUI-heavy Apple platform operation into something package managers can install and scripts can call.

It also sits at an interesting boundary between legitimate CI/app-distribution workflows and more informal IPA resigning ecosystems, so clear package metadata and source provenance matter.

### Timeline

- 2019-09-19: The zhlynn/zsign GitHub repository is created.
- 2020s: zsign becomes available through package managers such as Homebrew and Nix for command-line iOS signing workflows.
- 2026: The GitHub repository remains active, with recent pushes in 2026 according to GitHub metadata.

### Related projects

- Related projects include Apple's codesign, Xcode signing tools, ldid, fastlane sigh/gym, ios-deploy, AltStore-related signing workflows, and mobile provisioning-profile tooling.

### Sources

- <https://api.github.com/repos/zhlynn/zsign>
- <https://developer.apple.com/documentation/technotes/tn3125-inside-code-signing-provisioning-profiles>
- <https://github.com/zhlynn/zsign>
- <https://raw.githubusercontent.com/zhlynn/zsign/master/README.md>


## Security Notes

narrow executable package without higher-risk signals.

- **Geiger risk:** green / low
- narrow executable package without higher-risk signals

## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** zsign
- **Version Scheme:** 0
- **Revision:** 0
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable

## Other Package-Manager Records

- Nix - zsign: normalized package name match | nixpkgs package indexes: pkgs/by-name/zs/zsign/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1


## Related links

- [Source-control packages](https://www.automicvault.com/pkg/source-control-tools/) - Belongs to a source-control command family.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [Security and crypto packages](https://www.automicvault.com/pkg/security-crypto-tools/) - Matched security, identity, cryptography, password, signing, or certificate metadata.
- [openssl@4](https://www.automicvault.com/pkg/brew/openssl-4/) - Runtime dependency declared by Homebrew.
- [pkgconf](https://www.automicvault.com/pkg/brew/pkgconf/) - Build dependency declared by Homebrew.
- [jsign](https://www.automicvault.com/pkg/brew/jsign/) - Shares av.db curated category or tags: cli, code-signing, security.
- [osslsigncode](https://www.automicvault.com/pkg/brew/osslsigncode/) - Shares av.db curated category or tags: cli, code-signing, security.
- [ios-class-guard](https://www.automicvault.com/pkg/brew/ios-class-guard/) - Shares av.db curated category or tags: cli, ios, security.
- [ipsw](https://www.automicvault.com/pkg/brew/ipsw/) - Shares av.db curated category or tags: cli, ios, security.
- [acme.sh](https://www.automicvault.com/pkg/brew/acme-sh/) - Shares av.db curated category or tags: cli, security.
- [aescrypt](https://www.automicvault.com/pkg/brew/aescrypt/) - Shares av.db curated category or tags: cli, security.
- [aespipe](https://www.automicvault.com/pkg/brew/aespipe/) - Shares av.db curated category or tags: cli, security.
- [afflib](https://www.automicvault.com/pkg/brew/afflib/) - Shares av.db curated category or tags: cli, security.
- [jose](https://www.automicvault.com/pkg/brew/jose/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, openssl, openssl-4, security, signing.
- [findomain](https://www.automicvault.com/pkg/brew/findomain/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, cross, cross-platform, openssl, platform.

## Combined YAML source

View the package source record on GitHub. [combined/zsign.yml](https://github.com/automic-vault/db/blob/main/combined/zsign.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
