Open in app

Sign in

Write

Sign in

Podfile.lock

Romain Brunie
2 min readApr 7, 2020

Podfile.lock is used to make sure that every members of the team has the same versions of pods installed on the project.

This file is generated after you run the command: pod install. It gets updated when you run pod install or pod update.

PODS:
  - Firebase (6.18.0):
  ...
  - PromisesObjC (1.2.8)DEPENDENCIES:
  - FirebaseSPEC REPOS:
  trunk:
    - Firebase
    ...
    - PromisesObjCSPEC CHECKSUMS:
  Firebase: 0490eca762a72e4f1582319539153897f1508dee
  ...
  PromisesObjC: c119f3cd559f50b7ae681fa59dc1acd19173b7e6PODFILE CHECKSUM: 3913db59ed358faf5041b2aab767201b3616937bCOCOAPODS: 1.8.4

PODS:

A podspec describes a version of a pod. Over the course of time, a pod will have many podspecs. A podspec include metadata such as name, version, source, dependency, etc.

All of the pods (and their dependencies) in the podfile will get their versions tracked in the podfile.lock.

DEPENDENCIES:

It’s the list of all the pods with the specified version argument written in your podfile. In the PODS section, you get the actual version of the pod installed.

SPEC REPOS — trunk:

It’s the list of all of the pods installed, including the dependencies.

SPEC CHECKSUMS:

To make sure that your pods have the same version as the Podspec, CocoaPods makes a checksum of the JSON representation of your Podspec. For a particular pod, after running pod install, if the checksum is different from the podfile.lock, it means that the pod has an updated version.

Generate spec checksums

$pod ipc spec ~/.cocoapods/repos/.../<pod-name>.podspec.json | openssl sha1

The command pod ipc spec converts a podspec to JSON and prints it to STDOUT (from CocoaPods Guide).

| is a “pipe”. The | takes the standard output of the command on the left, and pipes it as standard input to the command on the right. (from Codeacademy)

OpenSSL is a command line program for using cryptography functions. SHA-1 is a cryptografic hash function that takes an input and usualy produces a 40 digits long. It is an unique value and impossible to invert the process.

PODFILE CHECKSUM:

This is the checksum of the podfile, in order to make sure it didn’t changed. Any character such as spaces, blank lines or comments are part of the checksum calculation.

Generate podfile checksum

openssl sha1 /<path-to-podfile>/Podfile

COCOAPODS:

This is the version of CocoaPods used for generating this file.

Cocoapods
Podfile

--

--

Romain Brunie

Written by Romain Brunie

86 Followers

Passionate about Clean Code and Software Craftsmanship @AVIV

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams