Add CocoaPods (iOS) as supported package manager about ort HOT 4 CLOSED

Hey Martin 👋 , I was just talking about this with @tsteenbe and he mentioned that one of the problem with this task is that CocoaPods commands only run on macOS. CocoaPods uses a generic dependency resolution algorithm (the same as Bundler) for this: CocoaPods/Molinillo (see usage here) that doesn't require macOS, but it does require the data models used by CocoaPods internals. Maybe this is useful information of how to get the dependency tree without macOS.

from ort.

Thanks for the info @Ruenzuo !

from ort.

The questions below outline the prerequisites of things we need to figure out prior to be able to add CocaoPods to ORT. Answered some of the questions when I could easily find the answer.

1. How can you detect a project uses this specific package manager?

The presence of a .podspec or Podfile or Podfile.lock is a good indicator that the project is CocaoPods project.

• .podspec package metadata file see also https://guides.cocoapods.org/syntax/podspec.html#group_root_specification or https://guides.cocoapods.org/making/specs-and-specs-repo.html
• Podfile list dependencies see also https://guides.cocoapods.org/using/the-podfile.html
• Podfile.lock locked list of dependencies

2. How can you get the declared license for a package?

The .podspec has s.license field for the declared license, see the specification in https://guides.cocoapods.org/syntax/podspec.html#license and for an example https://github.com/AFNetworking/AFNetworking/blob/master/AFNetworking.podspec#L4

3. How to can one get dependency tree including package names, versions?
   

Most SCA tools seem to parse the Podfile.lock file to get the list of dependencies but that not what we usually do in ORT as a project might not have committed a lock file. Ideally after ORT determines a project is using cocoapods we run the install command (pod install) to install the dependencies and then parse the found .podspec to get all the package metadata like we do for npm.

Question with ORT being a cross-platform project, if we add CocoaPods support, we'd like it to work on any platform, not just macOS. Esp. as most ORT pipelines run on Linux. How can we execute CocoaPods on Linux? Could we simply see it as a Ruby project and use Molinillo to get the dependency tree and package metadata?

4. How can one obtain the source code for a dependency?
   

The .podspec has s.source field to specify the source code repository for the package, see the specification in https://guides.cocoapods.org/syntax/podspec.html#source and for an example see https://github.com/AFNetworking/AFNetworking/blob/master/AFNetworking.podspec#L9

5. How can one separate code dependencies from build/test ones?

Have not found any information on this, can't find it in the tools docs.

6. Can you provide example projects that can be used test implementation?

Maybe we can use https://github.com/RestKit/RestKit which is mentioned in the cocoapods.org examples

from ort.

CocoaPods support was implemented in #3994.

from ort.