Swift and Objective-C

Supported frameworks and package managers

Objective-C is supported only by Snyk Open Source.

Code analysis for Swift

Snyk Code for Swift supports the following frameworks:

Alamofire
Pathos
sqlite3
CryptoKit

Open source and licensing

Snyk Open Source supports the following frameworks:

Package managers / Features	CLI support	Git support	License scanning	Fix PRs
Cocoapods	✔︎	✔︎	✔︎
Swift Package Manager	✔︎

Package managers / Features

CLI support

Git support

License scanning

Fix PRs

Cocoapods

✔︎

Swift Package Manager

✔︎

Getting started with Snyk for Swift and Objective-C language across environments

Snyk CLI

Prerequisites for CLI for Swift and CocoaPods

Code analysis

To start testing your code using Snyk Code open your repository in a terminal and run the following command:

snyk code test

To customize test options, run other commands, exclude directories and files, and explore the results in different formats, see the following:

Open source and licensing

The way Snyk analyzes and builds the dependency tree varies depending on the language and package manager of the Project.

After Snyk has built the tree, Snyk uses the vulnerability database to find vulnerabilities in any packages in the dependency tree.

Swift Package Manager CocoaPods and Snyk CLI

Swift Package Manager	CocoaPods and Snyk CLI
A `Package.swift` file must be present for the Snyk CLI to discover the Project. Snyk uses the `swift package show-dependencies` command to build the dependency graph. Limitations: ℹ️ Supports only Projects using Swift 3.0 or higher. ℹ️ Swift Package Manager supports pre-processing and post-processing. For post-processing, custom commands can add extra dependencies. Detecting such dependencies is not supported.	To build the dependency graph, Snyk examines the `Podfile` and `Podfile.lock` files. When working with Swift and Objective-C projects from the Snyk CLI, you can prevent testing any lock files that are out-of-sync by using the `--strict-out-of-sync=true\|false` option. For details, see Option for CocoaPods projects in the `snyk test` help.

A Package.swift file must be present for the Snyk CLI to discover the Project. Snyk uses the swift package show-dependencies command to build the dependency graph. Limitations: ℹ️ Supports only Projects using Swift 3.0 or higher. ℹ️ Swift Package Manager supports pre-processing and post-processing. For post-processing, custom commands can add extra dependencies. Detecting such dependencies is not supported.

To build the dependency graph, Snyk examines the Podfile and Podfile.lock files. When working with Swift and Objective-C projects from the Snyk CLI, you can prevent testing any lock files that are out-of-sync by using the --strict-out-of-sync=true|false option.

For details, see Option for CocoaPods projects in the snyk test help.

Snyk Web UI (Git repository integration)

Swift Package Manager and Git CocoaPods and Git

Swift Package Manager and Git	CocoaPods and Git
At the moment, it is not possible to scan Swift Package Manager Projects using Git import.	To test your Projects, Snyk analyzes the `Podfile` and `Podfile.lock` files.

At the moment, it is not possible to scan Swift Package Manager Projects using Git import.

To test your Projects, Snyk analyzes the Podfile and Podfile.lock files.

Snyk integrations

🔗 For integrated development environments, see Use Snyk in your IDE.

🔗 If you prefer continuous integration/continuous delivery workflows, you can scan with Snyk based on the integration with your automation software (see Snyk CI/CD and Snyk API).

Troubleshooting

If you need help, contact Snyk Support.

PreviousScala NextTypeScript

Last updated 21 days ago