Spoiler: This is a plug for my cocoapods plugin cocoapods-user-defined-build-types.

By default, Cocoapods compiles dependencies (pods) as static libraries (with any bundle resources being copied to the main app).

React Native’s native iOS dependencies are compiled as static libraries and many react-native node modules are only ever compiled and tested as static libraries. When trying to incorporate a dynamic framework (which Swift dependencies are often bundled as), compilation problems often ensue.


If you don’t yet understand the difference between static libraries, static frameworks, dynamic libraries, and dynamic frameworks, I suggest you read this article. …

I’ve recently been creating components with more and more animation logic, primarily using React Native’s Animated library. When it comes to testing the component’s functionality, working around Animated timings and callbacks can be tricky.

We want to avoid async tests that wait for animations to complete to assert callback effects. In this brief article, we’ll look at how we can configure jest to allow us to validate Animated effects without any asynchronous actions.

Mocking Animated can work in some cases, but I’ve found implementing methods to time travel within a test to be faster and more deterministic.

Jest Configuration

First, if your…

FileVault was introduced in Mac OS X 10.3, supplying disk encryption to Mac volumes. Each user on the machine can have a separate FileVault password, encrypting their personal data on-the-fly.

macOS stores shadow password files containing shadow hashes of current and previous FileVault passwords for each user. These files can be viewed by a sudo user at/var/db/dslocal/nodes/Default/users/<$USER>.plist .

Checking against shadow password files

These plists contain a lot of great info, including the hashed FileVault passwords. These hashed passwords were SHA512 hashed using PBKDF2 and HMAC as the pseudorandom function. The salt used is also located in the user’s plist.

Using the data in the…

Article #1 in my Mobile Security series

Jailbroken devices have greater access to the operating system and your app. Under a jailbreak, a 3rd party app or attacker may be able to access your app’s binary and sandbox, accessing files or even patching your binary with custom execution code.

There are many forms of jailbreak detection and protection your app can implement. From searching for Cydia references to additional checks on the iOS Mach-O binary to prevent code injection.

In this article we’ll focus on debugger rejection. App Store apps are normally signed with entitlements preventing debugger attachment. However, jailbroken…

Emulating UIKits to make our custom views feel more native

UIKit — Simplistic, powerful, animatable

Creating native-feeling APIs for your code doesn’t need to be difficult. Today, we’ll be taking a page from Apple’s book, designing a UIControl that we could expect to find in UIKit.

Just as you can animate backgroundColor on a UIView, or progress on a UIProgressView, we’ll be creating custom, animatable properties on our view that can be animated in any animation context.

Emulating UIKit

Animations are something Apple has done notoriously well. Many of us have interfaced with these APIs — CABasicAnimation, UIKit.animate, and keyframe animations, just to name a few (all of which use Core Animation under the hood).

Core Graphics

This snippet is a more detailed explanation for the use of @NSManaged with CoreAnimation properties which didn’t make the cut into:

What’s up with @NSManaged? (CoreAnimation properties in Swift)

To have a property be compatible with CoreAnimation we need the property to not be synthesized. Normally, we would use Objective-C’s @dynamic annotation to accomplish this. However, the @dynamic annotation in Objective-C and thedynamic keyword in Swift are not equivalent. In Objective-C, @dynamic prevents the compiler from synthesizing a property, while dynamic in Swift says to always use dynamic dispatch for a particular property. (Nitin George has a good explanation of dynamic dispatch in his medium post.)

When using…

Hashes and Dashes of Code.

There are little to no tutorials out there outlining how to get started with OpenSSL for macOS and iOS applications without the use of external solutions such as Cocoapods. Here I’m going to focus on how you can include OpenSSL into your project without external build systems. I will be outlining how to build and link for a macOS target, but iOS is very similar.

Tid-Bits of Knowhow

OpenSSL was first released in 1998 under the premise to create a free set of encryption tools for code used on the internet. …

Protocols + #keyPath + Computed Properties = Powerful User Settings 💪

Keeping your application settings in sync, persisting, and assigning default values can become messy. UserDefaults is a great way to store non-sensitive application settings. However, due to its nature as a key-value structure, we need to resort to using strings to store our data.


This is a problem waiting to happen. A simple misspelling can cause us to access an invalid value, or fail to properly update a value.

Making UserDefaults Safer 👷

Swift 3 and above comes equipped with the wonderful #keyPath() expression. …

Oct 18, 2019 Update: You can now find a complete solution including an example app at https://github.com/joncardasis/FontFit.

Updated: May 26, 2018

Creating a great user experience lies in making every interaction feel nature and intended to the user. In a recent project, to make interactions feel more catered, I needed a UILabel to have it’s text scale to fit its bounds to the best extent that it can.

And so began my challenge.

There isn’t a simple cut-and-dry answer for this problem. Many developers run a while loop and keep upsizing the font size until it has the…

Enterprise proxies. They are a pain and in a development setting in most large companies they are a fact of life.

Proxy servers, for those not aware, are servers which sit usually in the company datacenter and all network traffic should pass through it to gain access to public internet. The purpose of this is that any connections going outbound or inbound to/from your machine must pass through the proxy and thus can be secured.

Credit: https://en.wikipedia.org/wiki/Proxy_server

Should Facebook be blocked? Block it at the proxy level. Need to allow ssh access only to GitHub but not to other external machines? …

Jonathan Cardasis

Senior Mobile Engineer @ FormHealth with more than 7 years of experience in iOS/Android/React Native | jonathancardasis.com

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store