How to verify Xcode authenticity?

If you downloaded Xcode (or anything else for that matter) from the Developer site or the Mac App Store, you are fine.

Those developers who used an infected version of Xcode downloaded Xcode from a non-Apple site.

It would also be nice to know from a user perspective which apps were effected on the App Store.

Seems a pretty big oversight that Xcode itself can be changed without the review procedures picking it up. Has it always been that way?

Ask and ye shall receive. Lol. Apple just sent out an email with more details and instructions on how to check your installation. https://developer.apple.com/news/?id=09222015a

Anyone else having a problem with verification XCode 7? I was reading instructions on https://developer.apple.com/news/?id=09222015aand just wanted to check, even if I know that my versions are valid and dowloaded from app store and dev portal. I have two versions of Xcode installed, 7 and 6.4. Ver. 7 is downloaded from AppStore and I am receiving "a sealed resource is missing or invalid" when I try to verify it. Ver 6.4 is downloaded from iOs developer and that is fine. Anyone else with same expereince?

Edit: XCode7 is XCode7 GM updated via app store

>I was reading instructions on https://developer.apple.com/news/?id=09222015a

Good info, thanks. None of my apps have been removed from the store over this, but this is a nice double check. BTW, my v7, from the Mac App Store (not the GM) passes the check ok.

My GM doesn't pass the check. I'm downloading the MAS version now (I've been meaning to anyway) to see if it works. Interestingly, Apple's instructions mention having Gatekeeper enabled—I've never turned it off and received no warning about the GM version, but it still doesn't pass the spctl check (or codesign --verify for that matter)