Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[security] Install pods safety when they stored in Source control #9691

Open
1 task done
retyui opened this issue Apr 5, 2020 · 2 comments
Open
1 task done

[security] Install pods safety when they stored in Source control #9691

retyui opened this issue Apr 5, 2020 · 2 comments
Labels
d2:moderate A moderately-difficult ticket that may require a bit of knowledge about the codebase help wanted Help from new or existing contributors would be greatly appreciated! s7:workaround available A workaround for the issue is available t1:enhancement Enhancements that have not been picked up yet. Please comment if you plan to work on it

Comments

@retyui
Copy link

retyui commented Apr 5, 2020
edited

Report

What did you do?

pod install
# then I change one source file on library and commit it
git add Pods; git commit;

# finally I run again
pod install

What did you expect to happen?

Changes that I add to source code of library should be discarded and I will see it in git status

What happened instead?

Nothing happened(
Injected alien code has not been deleted

CocoaPods Environment

Stack

   CocoaPods : 1.8.4
        Ruby : ruby 2.3.7p456 (2018-03-28 revision 63024) [universal.x86_64-darwin18]
    RubyGems : 2.5.2.3
        Host : Mac OS X 10.14.6 (18G103)
       Xcode : 11.3.1 (11C504)
         Git : git version 2.24.0
Ruby lib dir : /System/Library/Frameworks/Ruby.framework/Versions/2.3/usr/lib
Repositories : trunk - CDN - https://cdn.cocoapods.org/

Installation Source

Executable Path: /usr/local/bin/pod

Plugins

cocoapods-deintegrate : 1.0.4
cocoapods-plugins     : 1.0.0
cocoapods-search      : 1.0.0
cocoapods-stats       : 1.1.0
cocoapods-trunk       : 1.4.1
cocoapods-try         : 1.1.0

Project that demonstrates the issue

...
@paulb777
Copy link
Member

rm -rf Pods before pod install is a workaround

@dnkoutso
Copy link
Contributor

dnkoutso commented May 6, 2020

We could calculate a checksum for the current remote Pods and re-install it if it has changed. We should piggyback on the mechanism for incremental installation that generates those checksums and the list of files I think.

@dnkoutso dnkoutso added d2:moderate A moderately-difficult ticket that may require a bit of knowledge about the codebase t1:enhancement Enhancements that have not been picked up yet. Please comment if you plan to work on it help wanted Help from new or existing contributors would be greatly appreciated! labels May 6, 2020
@dnkoutso dnkoutso added the s7:workaround available A workaround for the issue is available label Jun 20, 2020
@attritionorg attritionorg mentioned this issue Nov 18, 2020
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
d2:moderate A moderately-difficult ticket that may require a bit of knowledge about the codebase help wanted Help from new or existing contributors would be greatly appreciated! s7:workaround available A workaround for the issue is available t1:enhancement Enhancements that have not been picked up yet. Please comment if you plan to work on it
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@paulb777 @dnkoutso @retyui