cocoapods-blocklist 0.1.4

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: c46e5f448d4eefcbf07921c287bb97afae2b87b3352afa283eb33442bb7f9f68
+  data.tar.gz: e83197d84a4597aa72cfb7bb238f93677355c1edf3603817d068e7511a1bbcce
+SHA512:
+  metadata.gz: ef413cd1bc3a3db9381de49d10d50ade256656e531e516ad5f59637fd5b79af98b28105e8842fb50ec59b081cbbc0d992e5be49d5affee7225697ebdc9b7254f
+  data.tar.gz: f5a83027b4824ec380f706fccb3776ec39c8f0ea196975f5dbd2f7c733a5137534e1b01d4014839f6f613a21bcbb1714ba936a5f1fa4b5c64ae8f39a1cd5abca

data/.gitignore

@@ -0,0 +1,7 @@
+.DS_Store
+pkg
+.idea/
+*.gem
+.bundle
+vendor
+

data/.travis.yml

@@ -0,0 +1,21 @@
+# Sets Travis to run the Ruby specs on OS X machines to be as close as possible
+# to the user environment.
+#
+language: objective-c
+
+env:
+  - RVM_RUBY_VERSION=system
+  # - RVM_RUBY_VERSION=1.8.7-p358
+
+before_install:
+  - export LANG=en_US.UTF-8
+  - curl http://curl.haxx.se/ca/cacert.pem -o /usr/local/share/cacert.pem
+  - source ~/.rvm/scripts/rvm
+  - if [[ $RVM_RUBY_VERSION != 'system' ]]; then rvm install $RVM_RUBY_VERSION; fi
+  - rvm use $RVM_RUBY_VERSION
+  - if [[ $RVM_RUBY_VERSION == 'system' ]]; then sudo gem install bundler --no-ri --no-rdoc; else gem install bundler --no-ri --no-rdoc; fi
+
+install:
+  - sudo bundle install --without=documentation
+
+script: bundle exec rake specs

data/CHANGELOG.md

@@ -0,0 +1,23 @@
+## CHANGELOG
+
+# 0.1.4
+- Rename to cocoapods-blocklist (@dbgrandi 6/11/2020)
+
+# 0.1.3
+ - Mark current gem name as deprecated with a post_install message (@dbgrandi 6/11/2020)
+
+# 0.1.2
+  - More idiomatic CLAide usage (@segiddins 11/16/2015)
+
+# 0.1.1
+  - Updated Pod metadata (@clarkda 8/14/2015)
+
+# 0.1.0
+  - Public release (@dbgrandi 5/18/2015)
+
+# 0.0.2
+  - Show output for all failed pods (@dbgrandi 5/16/2015)
+
+# 0.0.1
+  - Added `check` command (@dbgrandi 4/27/2015)
+  

data/Gemfile

@@ -0,0 +1,12 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in cocoapods-blocklist.gemspec
+gemspec
+
+group :development do
+  gem 'activesupport', '>= 4.2.2', '< 5'
+  gem 'bacon'
+  gem 'cocoapods', '~> 1.9.0'
+  gem 'prettybacon'
+  gem 'webmock'
+end

data/Gemfile.lock

@@ -0,0 +1,117 @@
+PATH
+  remote: .
+  specs:
+    cocoapods-blocklist (0.1.4)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    CFPropertyList (3.0.2)
+    activesupport (4.2.11.3)
+      i18n (~> 0.7)
+      minitest (~> 5.1)
+      thread_safe (~> 0.3, >= 0.3.4)
+      tzinfo (~> 1.1)
+    addressable (2.7.0)
+      public_suffix (>= 2.0.2, < 5.0)
+    algoliasearch (1.27.3)
+      httpclient (~> 2.8, >= 2.8.3)
+      json (>= 1.5.1)
+    atomos (0.1.3)
+    bacon (1.2.0)
+    claide (1.0.3)
+    cocoapods (1.9.3)
+      activesupport (>= 4.0.2, < 5)
+      claide (>= 1.0.2, < 2.0)
+      cocoapods-core (= 1.9.3)
+      cocoapods-deintegrate (>= 1.0.3, < 2.0)
+      cocoapods-downloader (>= 1.2.2, < 2.0)
+      cocoapods-plugins (>= 1.0.0, < 2.0)
+      cocoapods-search (>= 1.0.0, < 2.0)
+      cocoapods-stats (>= 1.0.0, < 2.0)
+      cocoapods-trunk (>= 1.4.0, < 2.0)
+      cocoapods-try (>= 1.1.0, < 2.0)
+      colored2 (~> 3.1)
+      escape (~> 0.0.4)
+      fourflusher (>= 2.3.0, < 3.0)
+      gh_inspector (~> 1.0)
+      molinillo (~> 0.6.6)
+      nap (~> 1.0)
+      ruby-macho (~> 1.4)
+      xcodeproj (>= 1.14.0, < 2.0)
+    cocoapods-core (1.9.3)
+      activesupport (>= 4.0.2, < 6)
+      algoliasearch (~> 1.0)
+      concurrent-ruby (~> 1.1)
+      fuzzy_match (~> 2.0.4)
+      nap (~> 1.0)
+      netrc (~> 0.11)
+      typhoeus (~> 1.0)
+    cocoapods-deintegrate (1.0.4)
+    cocoapods-downloader (1.3.0)
+    cocoapods-plugins (1.0.0)
+      nap
+    cocoapods-search (1.0.0)
+    cocoapods-stats (1.1.0)
+    cocoapods-trunk (1.5.0)
+      nap (>= 0.8, < 2.0)
+      netrc (~> 0.11)
+    cocoapods-try (1.2.0)
+    colored2 (3.1.2)
+    concurrent-ruby (1.1.6)
+    crack (0.4.3)
+      safe_yaml (~> 1.0.0)
+    escape (0.0.4)
+    ethon (0.12.0)
+      ffi (>= 1.3.0)
+    ffi (1.13.1)
+    fourflusher (2.3.1)
+    fuzzy_match (2.0.4)
+    gh_inspector (1.1.3)
+    hashdiff (1.0.1)
+    httpclient (2.8.3)
+    i18n (0.9.5)
+      concurrent-ruby (~> 1.0)
+    json (2.3.0)
+    minitest (5.14.1)
+    molinillo (0.6.6)
+    nanaimo (0.2.6)
+    nap (1.1.0)
+    netrc (0.11.0)
+    prettybacon (0.0.2)
+      bacon (~> 1.2)
+    public_suffix (4.0.5)
+    rake (13.0.1)
+    ruby-macho (1.4.0)
+    safe_yaml (1.0.5)
+    thread_safe (0.3.6)
+    typhoeus (1.4.0)
+      ethon (>= 0.9.0)
+    tzinfo (1.2.7)
+      thread_safe (~> 0.1)
+    webmock (3.8.3)
+      addressable (>= 2.3.6)
+      crack (>= 0.3.2)
+      hashdiff (>= 0.4.0, < 2.0.0)
+    xcodeproj (1.16.0)
+      CFPropertyList (>= 2.3.3, < 4.0)
+      atomos (~> 0.1.3)
+      claide (>= 1.0.2, < 2.0)
+      colored2 (~> 3.1)
+      nanaimo (~> 0.2.6)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  activesupport (>= 4.2.2, < 5)
+  bacon
+  bundler (~> 1.3)
+  cocoapods (~> 1.9.0)
+  cocoapods-blocklist!
+  prettybacon
+  rake (>= 12.3.3)
+  webmock
+
+BUNDLED WITH
+   1.17.3

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2015 Yahoo, Inc. All rights reserved.
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,51 @@
+# cocoapods-blocklist
+
+[![Build Status](https://travis-ci.org/yahoo/cocoapods-blocklist.svg?branch=main)](https://travis-ci.org/yahoo/cocoapods-blocklist)
+
+A CocoaPods plugin used to check a project against a list of pods that you do not want included in your build. Security is the primary use, but keeping specific pods that have conflicting licenses is another possible use.
+
+We use this in our continuous integration builds. If a security issue is found with a pod, we can update our `blocklist.json` file and builds will start to fail immediately. Developers don't always read the email about a new vulnerability. They definitely notice when the build fails. :smile:
+
+## Installation
+
+    $ gem install cocoapods-blocklist
+
+## Usage
+
+    $ pod blocklist [LOCKFILE] --config=BLOCKLIST_CONFIG
+
+The `LOCKFILE` is optional, and `./Podfile.lock` is assumed if one is not explicitly passed in.
+
+## Blocklist config file
+
+The blocklist config file is a JSON file that has an array of pods, each one containing a hash with:
+
+- name: the same string you would use to include a pod in a `Podfile`
+- versions: a version string (or array of version strings) used to match the version
+- reason: a string used to explain why a pod is blocked, will be printed out when a check fails
+
+```
+{
+  "pods":[
+    {
+      "name":"FooKit",
+      "reason":"FooKit 1.2.2 did not check passwords on Thursdays",
+      "versions":"1.2.2"
+    },
+    {
+      "name":"BananaKit",
+      "reason":"Vulnerable to code injection with malformed BQL queries",
+      "versions":[">=3.4.2", "<3.6.0"]
+    }
+  ]
+}
+```
+
+## Contributors
+
+- David Grandinetti ([@dbgrandi](https://twitter.com/dbgrandi))
+- Samuel E. Giddins ([@segiddins](https://twitter.com/segiddins))
+
+## License
+
+Code licensed under the MIT license. See [LICENSE](https://github.com/yahoo/cocoapods-blocklist/blob/master/LICENSE) file for terms.

data/Rakefile

@@ -0,0 +1,13 @@
+require 'bundler/gem_tasks'
+
+def specs(dir)
+  FileList["spec/#{dir}/*_spec.rb"].shuffle.join(' ')
+end
+
+desc 'Runs all the specs'
+task :specs do
+  sh "bundle exec bacon #{specs('**')}"
+end
+
+task :default => :specs
+

data/cocoapods-blocklist.gemspec

@@ -0,0 +1,23 @@
+lib = File.expand_path('lib', __dir__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'cocoapods-blocklist/gem_version.rb'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'cocoapods-blocklist'
+  spec.version       = CocoapodsBlocklist::VERSION
+  spec.authors       = ['David Grandinetti']
+  spec.email         = ['dbgrandi@verizonmedia.com']
+  spec.description   = 'Block pods from being used in your project.'
+  spec.summary       = 'A CocoaPods plugin used to check a project against a list of pods that you do not want included in your build. Security is the primary use, but keeping specific pods that have conflicting licenses is another possible use.'
+  spec.homepage      = 'https://github.com/yahoo/cocoapods-blocklist'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ['lib']
+
+  spec.add_development_dependency 'bundler', '~> 1.3'
+  spec.add_development_dependency 'rake', '>= 12.3.3'
+
+end

data/lib/cocoapods-blocklist.rb

@@ -0,0 +1,5 @@
+#  Created by David Grandinetti 4/27/2015
+#  Copyright (c) 2015 Yahoo, Inc.
+#  Licensed under the terms of the MIT License. See LICENSE file in the project root.
+
+require 'cocoapods-blocklist/gem_version'

data/lib/cocoapods-blocklist/command/blocklist.rb

@@ -0,0 +1,81 @@
+#  Created by David Grandinetti 4/27/2015
+#  Copyright (c) 2015 Yahoo, Inc.
+#  Licensed under the terms of the MIT License. See LICENSE file in the project root.
+
+require 'json'
+require 'open-uri'
+
+module Pod
+  class Command
+    class Blocklist < Command
+      self.summary = 'Validate a project against a list of blocked pods.'
+
+      self.description = <<-DESC
+        Validate a project against a list of blocked pods. Requires a lockfile
+        and a config file (JSON).
+
+        example:
+        $ pod blocklist --config blocklist.json
+      DESC
+
+      self.arguments = [
+        CLAide::Argument.new('LOCKFILE', false),
+      ]
+
+      def self.options
+        [
+          ['--config=CONFIG', 'Config file or URL for the blocklist'],
+          ['--warn', 'Only warn about use of blocked pods'],
+        ].concat(super)
+      end
+
+      def initialize(argv)
+        @blocklist = argv.option('config')
+        @warn = argv.flag?('warn')
+        @lockfile_path = argv.shift_argument
+        super
+      end
+
+      def validate!
+        super
+
+        @lockfile = @lockfile_path ? Lockfile.from_file(Pathname(@lockfile_path)) : config.lockfile
+        help! 'A lockfile is needed.' unless lockfile
+        help! 'A blocklist file is needed.' unless @blocklist
+      end
+
+      def run
+        open(@blocklist) do |f|
+          @blocklist_file = JSON.parse(f.read)
+        end
+
+        warned = false
+        failed_pods = {}
+
+        @blocklist_file['pods'].each do |pod|
+          name = pod['name']
+          if lockfile.pod_names.include? name
+            version = Version.new(lockfile.version(name))
+            if Requirement.create(pod['versions']).satisfied_by?(version)
+              UI.puts "[!] Validation error: Use of #{name} #{version} for reason: #{pod['reason']}".yellow
+              failed_pods[name] = version
+              warned = true
+            end
+          end
+        end
+        if !warned
+          UI.puts "#{UI.path lockfile.defined_in_file.expand_path} passed blocklist validation".green
+        else
+          failed_pod_string = failed_pods.map { |name, version| "#{name} (#{version})"}.join(", ")
+          unless @warn
+            raise Informative.new("Failed blocklist validation due to use of #{failed_pod_string}")
+          end
+        end
+      end
+
+      private
+
+      attr_reader :lockfile
+    end
+  end
+end

data/lib/cocoapods-blocklist/gem_version.rb

@@ -0,0 +1,7 @@
+#  Created by David Grandinetti 4/27/2015
+#  Copyright (c) 2015 Yahoo, Inc.
+#  Licensed under the terms of the MIT License. See LICENSE file in the project root.
+
+module CocoapodsBlocklist
+  VERSION = "0.1.4"
+end

data/lib/cocoapods_plugin.rb

@@ -0,0 +1,5 @@
+#  Created by David Grandinetti 4/27/2015
+#  Copyright (c) 2015 Yahoo, Inc.
+#  Licensed under the terms of the MIT License. See LICENSE file in the project root.
+
+require 'cocoapods-blocklist/command/blocklist'

data/spec/command/blocklist_spec.rb

@@ -0,0 +1,95 @@
+#  Created by David Grandinetti 4/27/2015
+#  Copyright (c) 2015 Yahoo, Inc.
+#  Licensed under the terms of the MIT License. See LICENSE file in the project root.
+
+require File.expand_path('../../spec_helper', __FILE__)
+
+GOOD_LOCKFILE = './spec/fixtures/GoodPodfile.lock'
+BAD_LOCKFILE = './spec/fixtures/BadPodfile.lock'
+DOUBLE_BAD_LOCKFILE = './spec/fixtures/DoubleBadPodfile.lock'
+BLOCKLIST_FILE = './spec/fixtures/blocklist.json'
+BLOCKLIST_URL = 'http://example.com/blocklist.json'
+
+NON_EXIST_FILE = './spec/fixtures/doesnotexist'
+
+module Pod
+  describe Command::Blocklist do
+    describe 'In general' do
+      it 'registers itself' do
+        Command.parse(%w{ blocklist }).should.be.instance_of Command::Blocklist
+      end
+      
+      it 'defaults to show help' do
+        lambda { run_command('blocklist') }.should.raise CLAide::Help
+      end
+    end
+    
+    it 'validates Podfile.lock exists if not passed in' do
+      command = Command.parse(['blocklist', "--config=#{BLOCKLIST_FILE}"])
+      lambda { command.validate! }.should.raise CLAide::Help
+    end
+
+    it 'validates the lockfile exists if passed in' do
+      command = Command.parse(['blocklist', NON_EXIST_FILE, "--config=#{BLOCKLIST_FILE}"])
+      lambda { command.validate! }.should.raise CLAide::Help
+    end
+
+    describe 'running with required args' do
+      it 'allows valid pods with a local blocklist file' do
+        command = Command.parse(['blocklist', GOOD_LOCKFILE, "--config=#{BLOCKLIST_FILE}"])
+        lambda {
+          command.validate!
+          command.run
+        }.should.not.raise
+      end
+
+      it 'allows valid pods with a remote blocklist file' do
+        WebMock::API.stub_request(:get, "http://example.com/blocklist.json").
+          with(:headers => {'Accept'=>'*/*', 'Accept-Encoding'=>'gzip;q=1.0,deflate;q=0.6,identity;q=0.3', 'User-Agent'=>'Ruby'}).
+          to_return(:status => 200, :body => File.read(BLOCKLIST_FILE), :headers => {})
+        
+        command = Command.parse(['blocklist', GOOD_LOCKFILE, "--config=#{BLOCKLIST_URL}"])
+        lambda {
+          command.validate!
+          command.run
+        }.should.not.raise
+        UI.output.should.include "passed blocklist validation"
+      end
+      
+      describe 'having blocked pods' do
+        it 'disallows a blocked pod' do
+          command = Command.parse(['blocklist', BAD_LOCKFILE, "--config=#{BLOCKLIST_FILE}"])
+          exception = lambda {
+            command.validate!
+            command.run
+          }.should.raise Informative
+          exception.message.should.include "Failed blocklist validation due to use of BananaKit"
+          UI.output.should.include "Vulnerable to code injection with malformed BQL queries"
+        end
+        
+        it 'prints all blocked pods' do
+          command = Command.parse(['blocklist', DOUBLE_BAD_LOCKFILE, "--config=#{BLOCKLIST_FILE}"])
+          exception = lambda {
+            command.validate!
+            command.run
+          }.should.raise Informative
+          exception.message.should.include "Failed blocklist validation due to use of"
+          exception.message.should.include "BananaKit (3.4.7)"
+          exception.message.should.include "FooKit (1.2.2)"
+          UI.output.should.include "FooKit 1.2.2 did not check passwords on Thursdays"
+          UI.output.should.include "Vulnerable to code injection with malformed BQL queries"
+        end
+        
+        it 'warns about blocked pods when --warn is used' do
+          command = Command.parse(['blocklist', DOUBLE_BAD_LOCKFILE, "--config=#{BLOCKLIST_FILE}", "--warn"])
+          exception = lambda {
+            command.validate!
+            command.run
+          }.should.not.raise
+          UI.output.should.include "FooKit 1.2.2 did not check passwords on Thursdays"
+          UI.output.should.include "Vulnerable to code injection with malformed BQL queries"
+        end
+      end
+    end
+  end
+end

data/spec/fixtures/BadPodfile.lock

@@ -0,0 +1,10 @@
+PODS:
+  - BananaKit (3.4.7)
+
+DEPENDENCIES:
+  - BananaKit (~>3.4.0)
+
+SPEC CHECKSUMS:
+  BananaKit: 12148377a117d52b3ab1c61d164b65011d0c3eae
+
+COCOAPODS: 0.35.0

data/spec/fixtures/DoubleBadPodfile.lock

@@ -0,0 +1,13 @@
+PODS:
+  - BananaKit (3.4.7)
+  - FooKit (1.2.2)
+
+DEPENDENCIES:
+  - BananaKit (~>3.4.0)
+  - FooKit (~>1.2.0)
+
+SPEC CHECKSUMS:
+  BananaKit: 12148377a117d52b3ab1c61d164b65011d0c3eae
+  FooKit: 21239286b026e43a49c2b70e255a74102cfd2f9f
+
+COCOAPODS: 0.35.0

data/spec/fixtures/GoodPodfile.lock

@@ -0,0 +1,10 @@
+PODS:
+  - BananaKit (3.6.2)
+
+DEPENDENCIES:
+  - BananaKit (~>3.6.0)
+
+SPEC CHECKSUMS:
+  BananaKit: 12148377a117d52b3ab1c61d164b65011d0c3eae
+
+COCOAPODS: 0.35.0

data/spec/fixtures/blocklist.json

@@ -0,0 +1,14 @@
+{
+  "pods":[
+    {
+      "name":"FooKit",
+      "reason":"FooKit 1.2.2 did not check passwords on Thursdays",
+      "versions":"1.2.2"
+    },
+    {
+      "name":"BananaKit",
+      "reason":"Vulnerable to code injection with malformed BQL queries",
+      "versions": [">=3.4.2", "<3.6.0"]
+    }
+  ]
+}

data/spec/spec_helper.rb

@@ -0,0 +1,96 @@
+#  Created by David Grandinetti 4/27/2015
+#  Copyright (c) 2015 Yahoo, Inc.
+#  Licensed under the terms of the MIT License. See LICENSE file in the project root.
+
+require 'pathname'
+ROOT = Pathname.new(File.expand_path('../../', __FILE__))
+$:.unshift((ROOT + 'lib').to_s)
+$:.unshift((ROOT + 'spec').to_s)
+
+require 'bundler/setup'
+require 'bacon'
+require 'pretty_bacon'
+require 'cocoapods'
+
+require 'webmock'
+WebMock.enable!
+WebMock.disable_net_connect!
+
+require 'cocoapods_plugin'
+
+#-----------------------------------------------------------------------------#
+
+module Pod
+
+  # Disable the wrapping so the output is deterministic in the tests.
+  #
+  UI.disable_wrap = true
+
+  # Redirects the messages to an internal store.
+  #
+  module UI
+    @output = ''
+    @warnings = ''
+
+    class << self
+      attr_accessor :output
+      attr_accessor :warnings
+
+      def puts(message = '')
+        @output << "#{message}\n"
+      end
+
+      def warn(message = '', actions = [])
+        @warnings << "#{message}\n"
+      end
+
+      def print(message)
+        @output << message
+      end
+    end
+  end
+end
+
+module SpecHelper
+  module Command
+    def argv(*argv)
+      CLAide::ARGV.new(argv)
+    end
+
+    def command(*argv)
+      argv << '--no-ansi'
+      Pod::Command.parse(argv)
+    end
+
+    def run_command(*args)
+      Pod::UI.output = ''
+      # @todo Remove this once all cocoapods has
+      # been converted to use the UI.puts
+      config_silent = config.silent?
+      config.silent = false
+      cmd = command(*args)
+      cmd.validate!
+      cmd.run
+      config.silent = config_silent
+      Pod::UI.output
+    end
+  end
+end
+
+Bacon.summary_at_exit
+
+module Bacon
+  class Context
+    include Pod::Config::Mixin
+    # include SpecHelper::Fixture
+    include SpecHelper::Command
+
+    # def skip_xcodebuild?
+    #   ENV['SKIP_XCODEBUILD']
+    # end
+
+    def temporary_directory
+      SpecHelper.temporary_directory
+    end
+  end
+end

metadata

@@ -0,0 +1,98 @@
+--- !ruby/object:Gem::Specification
+name: cocoapods-blocklist
+version: !ruby/object:Gem::Version
+  version: 0.1.4
+platform: ruby
+authors:
+- David Grandinetti
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2020-06-12 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 12.3.3
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 12.3.3
+description: Block pods from being used in your project.
+email:
+- dbgrandi@verizonmedia.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".travis.yml"
+- CHANGELOG.md
+- Gemfile
+- Gemfile.lock
+- LICENSE
+- README.md
+- Rakefile
+- cocoapods-blocklist.gemspec
+- lib/cocoapods-blocklist.rb
+- lib/cocoapods-blocklist/command/blocklist.rb
+- lib/cocoapods-blocklist/gem_version.rb
+- lib/cocoapods_plugin.rb
+- spec/command/blocklist_spec.rb
+- spec/fixtures/BadPodfile.lock
+- spec/fixtures/DoubleBadPodfile.lock
+- spec/fixtures/GoodPodfile.lock
+- spec/fixtures/blocklist.json
+- spec/spec_helper.rb
+homepage: https://github.com/yahoo/cocoapods-blocklist
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.2
+signing_key: 
+specification_version: 4
+summary: A CocoaPods plugin used to check a project against a list of pods that you
+  do not want included in your build. Security is the primary use, but keeping specific
+  pods that have conflicting licenses is another possible use.
+test_files:
+- spec/command/blocklist_spec.rb
+- spec/fixtures/BadPodfile.lock
+- spec/fixtures/DoubleBadPodfile.lock
+- spec/fixtures/GoodPodfile.lock
+- spec/fixtures/blocklist.json
+- spec/spec_helper.rb