TikTok - Third Party Libraries
TikTok officially uses open source projects in its iOS application. There is nothing wrong with this, and TikTok does it quite fairly. This article lists the main open source projects used in the official TikTok app.
At AppScan, we are very curious by nature, and the TikTok application was a small challenge that allowed us to improve our library detection tool even more.
Why is it important to increase our knowledge about libraries?
- To allow developers to discover libraries
- To help them make better choices
- To warn if risks are present
How AppScan detects the Third Party Libraries
Scanning the list of Frameworks
Discovering the list of third-party libraries used in a compiled iOS application can be more challenging than inspecting the app’s project files directly. One of the first approaches is to review the list of dynamic frameworks included in the app.
Reading Info.plist hints
Check the app’s Info.plist file. The Info.plist file is a property list file that contains various metadata about the app. It may include information about the third-party libraries that are being used. Look for any keys or values that reference third-party libraries, or any URLs that may indicate the use of an external library or service.
Enumerating the Bundle resources
Check the app’s specific resources in the app bundle. Some resources are specific to a particular open source library.
Analyzing Executable Binary Hints
Review the classes and methods called by the app. Some class names, method names and other identifiers are specific to a particular open source library.
Reading Legal Acknowledgements
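The four detection sources above can be combined into a single inventory pass. The following is an added example, not AppScan's code: it assumes an unpacked, unencrypted .app directory, and the signature table, the function names and the sample bundle are constructed for illustration.

```python
import plistlib
import tempfile
from pathlib import Path

# Illustrative signature table (assumption, not AppScan's rules): one or more
# hints per library, keyed by the evidence source each hint is checked against.
SIGNATURES = {
    "SAMKeychain": {"framework": "SAMKeychain", "symbol": b"SAMKeychainQuery"},
    "GTMAppAuth": {"framework": "GTMAppAuth"},
    "DZNEmptyDataSet": {"symbol": b"DZNEmptyDataSetSource"},
    "FBSDKMessengerShareKit": {"plist_key": "FacebookAppID",
                               "resource": "FBSDKMessengerShareKit.bundle"},
}

def detect_libraries(app_dir, signatures=SIGNATURES):
    """Return {library: [evidence sources]} for an unpacked .app directory."""
    app = Path(app_dir)
    with open(app / "Info.plist", "rb") as fh:
        info = plistlib.load(fh)  # auto-detects XML and binary plists
    frameworks = {p.stem for p in (app / "Frameworks").glob("*.framework")}
    resources = {p.name for p in app.iterdir()}
    binary = (app / info["CFBundleExecutable"]).read_bytes()
    found = {}
    for lib, sig in signatures.items():
        checks = [
            ("framework", sig.get("framework") in frameworks),
            ("plist_key", sig.get("plist_key") in info),
            ("resource", sig.get("resource") in resources),
            ("symbol", "symbol" in sig and sig["symbol"] in binary),
        ]
        evidence = [name for name, hit in checks if hit]
        if evidence:
            found[lib] = evidence
    return found

def build_sample_bundle(root):
    """Create a constructed sample bundle (not a real app) for an offline run."""
    app = Path(root) / "Sample.app"
    (app / "Frameworks" / "SAMKeychain.framework").mkdir(parents=True)
    (app / "FBSDKMessengerShareKit.bundle").mkdir()
    with open(app / "Info.plist", "wb") as fh:
        plistlib.dump({"CFBundleExecutable": "Sample", "FacebookAppID": "0000000000"}, fh)
    # Statically linked code leaves no framework directory, only names in the binary.
    (app / "Sample").write_bytes(b"\x00SAMKeychainQuery\x00DZNEmptyDataSetSource\x00")
    return app

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for lib, evidence in detect_libraries(build_sample_bundle(tmp)).items():
            print(f"{lib}: {', '.join(evidence)}")
```

In the sample, DZNEmptyDataSet is reported from the binary scan alone, which is why the framework list by itself is not a complete inventory.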
To summarize, when we use projects that we distribute, we must comply with the rules specific to each license of each library.
In general, apps use libraries with permissive licenses such as BSD (Berkeley Software Distribution), MIT, Apache 2.
A permissive license is simple and is the most basic type of open source license: It allows you to do whatever you want with the software as long as you abide by the notice requirements. Permissive licenses provide the software as-is, with no warranties. So permissive licenses can be summarized as follows:
- Do whatever you want with the code
- Use at your own risk
- Acknowledge the author/contributor
TikTok declared Open Source Projects
TikTok iOS Third Party Libraries
- DZNEmptyDataSet (by Ignacio Romero Zurbuchen)
- HMSegmentedControl (by Hesham Abd-Elmegid)
- MXPagerView (by Maxime Epain)
- MXSegmentedPager (by Maxime Epain)
- KVOController (by Facebook)
- Aspects (by Peter Steinberger)
- FBSDKMessengerShareKit (by Facebook)
- GTMAppAuth (by Google)
- GTMSessionFetcher (by Google)
- GoogleAPIClientForREST (by Google)
- SAMKeychain (by Sam Soffes)
- libextobjc (by Justin Spahr-Summers)
Do you want to check any Apps?
AppScan is an essential solution for anyone who is serious about developing secure, high-quality iOS apps. With its advanced scanning capabilities, comprehensive reports, and easy-to-use interface, AppScan is the ideal choice for developers who want to ensure that their apps are secure and reliable.