CocoaPods

Source: Wikipedia, the free encyclopedia.
CocoaPods
Original author(s)Eloy Durán
Developer(s)Ben Asher, Dimitris Koutsogiorgas, Danielle Lancashire, Orta Therox, Paul Beusterien and Samuel Giddins
Stable release
1.16.2
Preview release
October 31, 2024; 8 months ago (2024-10-31)[1]
Written inRuby
PlatformmacOS, iOS, watchOS, tvOS
TypePackage manager
LicenseMIT License
Websitecocoapods.org

CocoaPods is an

application level dependency manager for Objective-C, Swift and any other languages that run on the Objective-C runtime, such as RubyMotion,[2] that provides a standard format for managing external libraries. It was developed by Eloy Durán and Fabio Pelosin, who continue to manage the project with the help and contributions of many others.[3] They began development in August 2011[4] and made the first public release[5] on September 1, 2011. CocoaPods is strongly inspired by a combination of the Ruby projects RubyGems and Bundler. It claims to have over 103 thousand libraries and to be used in over 3 million apps.[6]

CocoaPods focuses on source-based distribution of third party code and automatic integration into Xcode projects.

CocoaPods runs from the

Git repository and hosted on GitHub.[9] CocoaPods dependency resolution system is powered by Molinillo which is also used by other large projects such as Bundler, RubyGems
, and Berkshelf.

Example

The following Podfile example installs the AFNetworking and CocoaLumberjack libraries: 

 platform :ios
 pod 'AFNetworking',    '~> 2.0.0'
 pod 'CocoaLumberjack', '< 1.7'

 target 'MyApp'

Security

In July 2024, CocoaPods has been found to have multiple security vulnerabilities that could allow attackers to take control of unclaimed software packages and inject malicious code into applications. These issues have since been patched, but they exposed millions of iOS and macOS apps to supply chain attacks for an estimated period of 10 years.[10][11][12]

Maintenance Mode

The project has transitioned into maintenance mode after 13 years. With the announcement of Swift Package Manager (SPM) by Apple in 2015, maintainers' ties to the project weakened, with updates driven mostly by security fixes or Xcode compatibility issues. Despite this, CocoaPods' usage has continued due to its role in frameworks like React Native and Flutter, though many users are currently unaware of its existence or inner workings. With Apple's SPM as its successor and declining active development, the CocoaPods team is now reassessing the project's future and maintenance approach.[13]

See also

References

  1. ^ "Releases · CocoaPods/CocoaPods". github.com. Retrieved 2025-02-10.
  2. ^ Use CocoaPods Dependencies in RubyMotion Apps Archived 2013-12-24 at the Wayback Machine
  3. ^ CocoaPods contributors
  4. ^ Initial work
  5. ^ Initial release
  6. ^ CocoaPods homepage
  7. ^ What's New in AppCode 2.5
  8. ^ Streamlining Cocoa Development With CocoaPods
  9. ^ The “master” spec repository
  10. ^ 3 million iOS and macOS apps were exposed to potent supply-chain attacks
  11. ^ CocoaPods Trunk: 3 Remote Code Execution found, 2023
  12. ^ Vulnerabilities in CocoaPods Open the Door to Supply Chain Attacks Against Thousands of iOS and MacOS Applications
  13. ^ CocoaPods Support & Maintenance Plans
Retrieved from "https://en.wikipedia.org/w/index.php?title=CocoaPods&oldid=1276314520"