How to determine if a module depends on Foundation?

oftentimes when auditing a dependency candidate, i am interested in knowing if the dependency will link Foundation. (or any of the other “outer core” modules such as _Concurrency, RegexBuilder, etc.)

one rudimentary method of answering this question is to do a text search of the dependency’s source code for the string import\s+Foundation. but that’s a fairly inaccurate signal, for many reasons:

  • the candidate’s code might have written the Foundation import differently, for example, import struct Foundation.Data

  • the candidate’s code might transitively import something that imports Foundation

  • the candidate might not actually import Foundation, due to clever use of #if directives, which would produce a false positive even when the library’s author spent effort to make parts of the library available without linking Foundation.

is there a way to accurately detect if a target imports Foundation?

1 Like

For linking Foundation:

  • Maybe you can check the produced binary(.o / .framework) to see if there is a link to Foundation framework.

For exposing Foundation(May use internally but do not expose it):

  • Maybe you can build it to produce a swiftinterface file and check the import Foundation statement here

Also I think it may be inevitable to rely on/link to the Foundation library in some cases. Could you provide your usage or context here?

1 Like