Dependency Networks of Open Source Libraries Available Through CocoaPods, Carthage and Swift PM

本数据集由塔尔图大学的Kristiina Rahkema和Dietmar Pfahl创建，专注于通过CocoaPods, Carthage和Swift PM管理的开源库的依赖网络。数据集包含60533个库，详细记录了这些库的版本、依赖关系以及公开报告的漏洞信息。创建过程中，研究者通过解析包管理器的清单文件和解决文件来收集依赖数据，并从NVD数据库中提取漏洞数据。该数据集主要用于分析iOS开发中的依赖网络演化，帮助开发者理解和减轻第三方库带来的风险，特别是通过分析漏洞如何在依赖网络中传播。

This dataset was created by Kristiina Rahkema and Dietmar Pfahl from the University of Tartu, focusing on the dependency networks of open-source libraries managed via CocoaPods, Carthage, and Swift PM. The dataset comprises 60,533 libraries, with detailed records of their versions, dependency relationships, and publicly reported vulnerability information. During its development, the researchers collected dependency data by parsing manifest and resolution files of package managers, and extracted vulnerability data from the NVD database. This dataset is primarily used to analyze the evolution of dependency networks in iOS development, helping developers understand and mitigate the risks posed by third-party libraries, particularly by examining how vulnerabilities propagate across dependency networks.