Login
Login

CocoaPods

{{Infobox software

| name = CocoaPods

| logo =

| screenshot =

| caption =

| author = Eloy Durán

| developer = Ben Asher, Dimitris Koutsogiorgas, Danielle Lancashire, Orta Therox, Paul Beusterien and Samuel Giddins

| released =

| latest release version = 1.16.2

| latest preview version = {{start date and age|2024|10|31}}{{cite web

| url = https://github.com/CocoaPods/CocoaPods/releases

| title = Releases · CocoaPods/CocoaPods

| website = github.com

| access-date = 2025-02-10

}}

| latest preview date =

| programming language = Ruby

| platform = macOS, iOS, watchOS, tvOS

| language =

| genre = Package manager

| license = MIT License

| website = {{URL|https://cocoapods.org}}

}}

CocoaPods is an application level dependency manager for Objective-C, Swift and any other languages that run on the Objective-C runtime, such as RubyMotion,[http://www.rubymotion.com/developer-center/articles/cocoapods/ Use CocoaPods Dependencies in RubyMotion Apps] {{webarchive|url=https://web.archive.org/web/20131224101700/http://www.rubymotion.com/developer-center/articles/cocoapods/ |date=2013-12-24 }} that provides a standard format for managing external libraries. It was developed by Eloy Durán and Fabio Pelosin, who continue to manage the project with the help and contributions of many others.[https://github.com/CocoaPods/CocoaPods/graphs/contributors CocoaPods contributors] They began development in August 2011[https://github.com/CocoaPods/CocoaPods/commit/fd2bc0a7cc4c49ddc37edb2a16398f8cfb06132e Initial work] and made the first public release[https://github.com/CocoaPods/CocoaPods/releases/tag/0.0.1 Initial release] on September 1, 2011. CocoaPods is strongly inspired by a combination of the Ruby projects RubyGems and Bundler. It claims to have over 103 thousand libraries and to be used in over 3 million apps.[https://cocoapods.org CocoaPods homepage]

CocoaPods focuses on source-based distribution of third party code and automatic integration into Xcode projects.

CocoaPods runs from the command line and is also integrated in JetBrains' AppCode integrated development environment.[http://www.jetbrains.com/objc/whatsnew/ What's New in AppCode 2.5] It installs dependencies (e.g. libraries) for an application by specification of dependencies rather than by manually copying source files.[http://mobile.tutsplus.com/tutorials/iphone/streamlining-cocoa-development-with-cocoapods Streamlining Cocoa Development With CocoaPods] Besides installing from many different sources, a “master” spec repository—containing metadata for many open-source libraries—is maintained as a Git repository and hosted on GitHub.[https://github.com/CocoaPods/Specs The “master” spec repository] CocoaPods dependency resolution system is powered by [https://github.com/CocoaPods/Molinillo Molinillo] which is also used by other large projects such as Bundler, RubyGems, and Berkshelf.

Example

The following Podfile example installs the AFNetworking and CocoaLumberjack libraries:

platform :ios

pod 'AFNetworking', '~> 2.0.0'

pod 'CocoaLumberjack', '< 1.7'

target 'MyApp'

Security

In July 2024, CocoaPods has been found to have multiple security vulnerabilities that could allow attackers to take control of unclaimed software packages and inject malicious code into applications. These issues have since been patched, but they exposed millions of iOS and macOS apps to supply chain attacks for an estimated period of 10 years.[https://arstechnica.com/security/2024/07/3-million-ios-and-macos-apps-were-exposed-to-potent-supply-chain-attacks/ 3 million iOS and macOS apps were exposed to potent supply-chain attacks][https://blog.cocoapods.org/CocoaPods-Trunk-RCEs-2023/ CocoaPods Trunk: 3 Remote Code Execution found, 2023][https://www.evasec.io/blog/eva-discovered-supply-chain-vulnerabities-in-cocoapods%20 Vulnerabilities in CocoaPods Open the Door to Supply Chain Attacks Against Thousands of iOS and MacOS Applications]

Maintenance Mode

The project has transitioned into maintenance mode after 13 years. With the announcement of Swift Package Manager (SPM) by Apple in 2015, maintainers' ties to the project weakened, with updates driven mostly by security fixes or Xcode compatibility issues. Despite this, CocoaPods' usage has continued due to its role in frameworks like React Native and Flutter, though many users are currently unaware of its existence or inner workings. With Apple's SPM as its successor and declining active development, the CocoaPods team is now reassessing the project's future and maintenance approach.[https://blog.cocoapods.org/CocoaPods-Support-Plans/ CocoaPods Support & Maintenance Plans]

See also

References

{{reflist}}

External links

  • [http://cocoapods.org Official website]
  • [https://github.com/CocoaPods Official source code repositories]
  • [https://github.com/alloy Eloy Durán GitHub page]

Category:Free package management systems

Category:Free software programmed in Ruby

Category:Software using the MIT license