Scanning an Xcode project (iOS projects only)

On macOS, the AppScan® Source for Development Eclipse plug-in provides an action that allows you to scan an iOS Xcode project. The action can also be used for scanning the Xcode projects that IBM® MobileFirst Platform creates in its ipad and iphone environments.

Before you begin

Note: The ability to import and scan an Xcode project is only available on macOS for AppScan Source version 9.0.3.10 and earlier. As of version 9.0.3.11, AppScan Source no longer supports macOS or iOS Xcode project scanning. See Capabilities and features no longer supported in AppScan Source version 9.0.3.11.
Important:

In order to scan Xcode projects that have dependencies, the project must be built a single time in Xcode in order to create the dependencies needed by the AppScan Source scanner. For example, if you have an IBM MobileFirst Platform-generated Xcode project, in order to scan the iPhone or iPad environment, or any Xcode project beneath one of those environments, you must build the project for the iOS device in Xcode. This can be accomplished from the command line by executing:

xcodebuild -project <project_dir_name>.xcodeproj -configuration Release

Where <project_dir_name> is the Xcode project path and filename.

If the Xcode project has not been built first, the following types of errors may appear during a scan:

01/11/14 07:33:03 - Scanning /Users/smith/MobileFirst_Apps/
  wl_newapps/BasicHybridApp/apps/HybridApp/iphone/native/
  Classes/CDVMainViewController.m (1 of 3)
01/11/14 07:33:05 - In file included from /Users/smith/MobileFirst_Apps/
  wl_newapps/BasicHybridApp/apps/HybridApp/iphone/native/Classes/
  CDVMainViewController.m:14:
In file included from /Users/smith/MobileFirst_Apps/wl_newapps/
  BasicHybridApp/apps/HybridApp/iphone/native/Classes/
  CDVMainViewController.h:15:
 /Users/smith/MobileFirst_Apps/wl_newapps/BasicHybridApp/apps/HybridApp/
  iphone/native/MobileFirstSDK/include/MainViewController.h:35:9: 
  fatal error: 'Cordova/CDVViewController.h' file not found
#import <Cordova/CDVViewController.h>

or

2/06/14 15:19:43 - Scanning /Users/smith/MobileFirst_Apps/
  xcodeapps/WLMarkupTest-1.0-iphone/Classes/
  CDVMainViewController.m (1 of 3)
02/06/14 15:19:45 - In file included from /Users/smith/MobileFirst_Apps/
  xcodeapps/WLMarkupTest-1.0-iphone/Classes/CDVMainViewController.m:14:
In file included from /Users/smith/MobileFirst_Apps/xcodeapps/
  WLMarkupTest-1.0-iphone/Classes/CDVMainViewController.h:15:
/Users/smith/MobileFirst_Apps/xcodeapps/WLMarkupTest-1.0-iphone/
  MobileFirstSDK/include/MainViewController.h:41:63: error: expected ':'
- (BOOL) execute:(CDVInvokedUrlCommand*)command CDV_DEPRECATED
  (2.2, "Use direct method calls instead, this is now a no-op");

Procedure

  1. Select Security Analysis > Scan > Scan Xcode Project from the main workbench menu.
  2. If have not already logged into the AppScan Enterprise Server, you may be prompted to do so.
  3. In the Open dialog box, navigate to and select the iOS Xcode project that you want to scan and then click Open.
  4. The scan begins and messages display in the Console.