---
title: "Private CocoaPods Repository - Manage Pods After Trunk Shutdown"
description: "CocoaPods trunk goes read-only in December 2026. Cloudsmith gives your team a private, fully-managed CocoaPods repository with governance policies, global edge delivery, and access controls to keep your iOS and macOS builds stable long-term."
canonical_url: "https://cloudsmith.com/product/formats/cocoapods-repository"
last_updated: "2026-05-06T20:38:15Z"
---
# Private CocoaPods Repository - Manage Pods After Trunk Shutdown

## Manage **CocoaPods** artifacts with confidence

CocoaPods is sunsetting. Its public trunk becomes permanently read-only in December 2026, but teams with existing iOS and macOS projects built on CocoaPods will need to manage, distribute, and govern those pods for years to come. Cloudsmith gives you a private, fully-managed CocoaPods repository so your artifacts stay accessible, controlled, and secure long after the public registry goes dark.

## Create a Private CocoaPods Repository

CocoaPods is the dependency manager for Swift and Objective-C which makes it easy to integrate external libraries in iOS and macOS projects. CocoaPods makes it easy for developers to use and share libraries, and work together effectively as a team. Cloudsmith is the best place to store, control and distribute your CocoPods repositories.

Universal format support

## **Manage CocoaPods artifacts for the long haul.** Cloudsmith gives your team a private, cloud-native home for every pod you depend on.

- Use CocoaPods + 30 other formats
- Store pods alongside Swift packages, containers, and other iOS/macOS build artifacts in one place
- Centrally manage your software supply chain as your teams migrate away from the public CocoaPods trunk

## How we support **CocoaPods**

Cloudsmith gives teams that still depend on CocoaPods a fully-managed private repository with the access controls, governance, and distribution speed they need to keep shipping.

[Read our CocoaPods documentation](https://docs.cloudsmith.com/formats/cocoapods-repository)

### Private CocoaPods repositories

Host your own Podspecs in a fully-managed private repository. Push and pull pods using the standard CocoaPods CLI with no changes to your toolchain.

### Global distribution with edge delivery

Cloudsmith delivers pods from 600+ edge points of presence worldwide, keeping build times low for distributed iOS and macOS teams regardless of location.

### Governance policies

Create and enforce policies that govern which pods are permitted in your repositories. Block specific versions, require specific metadata fields, or quarantine packages that do not meet your criteria before any team member installs them.

### Access control and authentication

Apply granular repository permissions with a zero-trust model. Integrate with SAML/SSO, OIDC, and SCIM to manage access at scale without manual credential rotation.

### Upstream proxying and caching

Proxy and cache the public CocoaPods CDN through Cloudsmith so your builds are insulated from upstream outages or the eventual public trunk shutdown.

## Why teams choose Cloudsmith for **CocoaPods**

The public CocoaPods trunk is going away. Teams that stay on scattered workarounds face build fragility and compliance gaps. Cloudsmith gives you a controlled, private registry that works with your existing tooling today and stays reliable long after December 2026.

| Without Cloudsmith | With Cloudsmith |

| --- | --- |

| Teams rely on the public CocoaPods trunk, which is entering read-only mode in December 2026. Any pod that is not vendored or mirrored privately becomes inaccessible for updates, leaving builds fragile and teams unable to respond quickly to issues. | Cloudsmith proxies and caches the public CocoaPods CDN so existing builds continue without interruption. Your private pods are stored securely in Cloudsmith and remain fully accessible regardless of what happens to the public trunk. |

| There is no standard way to enforce which pod versions developers install. Any version in the public registry can be pulled into a build, creating inconsistency and making it impossible to block problematic or unapproved releases across teams. | Cloudsmith policy rules let you block specific pod versions, require defined metadata fields, and quarantine packages that fail your criteria before any team member installs them. Governance is enforced at the registry level, not left to individual developers. |

| Distributed iOS and macOS teams hit slow pod install times because they are resolving dependencies directly from the public CDN. Teams in different regions experience inconsistent build performance with no way to improve or control latency. | Cloudsmith's 600+ edge points of presence deliver pods from the closest location to each developer and CI runner. Build times are consistent and fast for every team, wherever they are located. |

## Signs you're ready to switch to Cloudsmith for **CocoaPods**

If your team still depends on CocoaPods, the clock is ticking. Here are the signals that it is time to put a proper private registry in place.

[Book a demo with one of our experts](/book-a-demo)

### The public trunk shutdown is approaching

CocoaPods trunk becomes permanently read-only in December 2026. Teams without a private mirror or proxy in place will face broken builds and no path to update pods when that switch happens.

### No control over which pod versions get installed

If developers can pull any version from the public registry, you have no enforcement layer. Cloudsmith policies let you block unapproved versions and quarantine non-compliant packages before they reach any build.

### Slow pod installs are hurting build times

Resolving pods directly from the public CDN introduces latency that compounds across large teams and frequent CI runs. Cloudsmith caches dependencies close to your teams and runners so installs are fast and consistent.

### Internal pods have no secure home

Storing proprietary pods in version control or ad-hoc file shares is not a registry. Cloudsmith gives your private pods a proper home with access control, audit logs, and reliable distribution built in.

### Your iOS stack is growing beyond CocoaPods

Teams migrating toward Swift Package Manager, or running React Native or Flutter alongside native code, need to manage multiple artifact types. Cloudsmith handles all of them in a single platform so you are not maintaining separate registries as your stack evolves.

## Get started with **CocoaPods** on Cloudsmith

[Book a demo](/book-a-demo)

[View pricing](/pricing)

## Frequently asked questions

### Is CocoaPods end of life?

CocoaPods is entering retirement. The project has been in maintenance mode since August 2024, and the public trunk registry is scheduled to become permanently read-only on December 2, 2026. Existing projects will continue to work as long as GitHub and jsDelivr remain operational, but no new or updated pods can be published after that date. Teams should plan their private registry and migration strategy now.

### Can I still use CocoaPods after the trunk goes read-only?

Yes. Existing builds that resolve pods from GitHub or the CDN will continue to work after December 2, 2026. However, you will not be able to publish new versions or update existing pods on the public trunk. A private registry like Cloudsmith lets you mirror your dependencies and host internal pods so your builds remain stable and under your control.

### How do I set up a private CocoaPods repository with Cloudsmith?

Cloudsmith provides native CocoaPods support. You create a repository, configure your Podfile to point at your Cloudsmith source, and push pods using the standard CocoaPods CLI. Cloudsmith's documentation walks through authentication setup, pushing Podspecs, and configuring your Podfile in detail.

### How does Cloudsmith help me manage the CocoaPods trunk shutdown?

Cloudsmith can proxy and cache the public CocoaPods CDN so your builds are insulated from any disruption to the upstream registry. You can also mirror specific pods into your private Cloudsmith repository to ensure they remain available permanently. This gives you a controlled, auditable copy of your dependencies that does not rely on third-party availability.

### Does Cloudsmith support vulnerability scanning for CocoaPods?

Cloudsmith does not currently provide vulnerability scanning for CocoaPods packages. However, you can use Cloudsmith's governance policy engine to control exactly which pods and versions are permitted in your repositories. You can block specific versions, require defined metadata fields, and quarantine packages that do not meet your criteria before any team member installs them.

### How does Cloudsmith handle access control for my CocoaPods repository?

Cloudsmith uses a zero-trust permission model. You can create public or private repositories and assign granular access rights to teams and individuals. SAML/SSO, OIDC, and SCIM integrations let you manage access through your existing identity provider, and every push and pull is captured in a full audit log.

### Can I store CocoaPods alongside other formats in the same Cloudsmith account?

Yes. Cloudsmith supports more than 30 package formats including Swift Package Manager, Docker, npm, PyPI, and many others. You can manage CocoaPods, containers, and any other artifact types your team uses under a single account, with consistent access controls and policy enforcement across all of them.

### How do Cloudsmith governance policies work for CocoaPods?

Cloudsmith's policy engine lets you define rules that run at the repository level. For CocoaPods you can block specific pod versions from being installed, require that Podspecs include defined metadata fields, or quarantine incoming packages for review before they are available to any team member. Policies are enforced automatically at the registry level.

### How does Cloudsmith perform for global iOS and macOS teams?

Cloudsmith routes artifact delivery through 600+ edge points of presence worldwide. Pods are served from the closest available location to each developer or CI runner, keeping pod install times fast and consistent for teams regardless of their geography.

### Can I migrate to Cloudsmith if we are also moving from CocoaPods to Swift Package Manager?

Yes, Cloudsmith is well suited for teams in transition. You can host CocoaPods and Swift Package Manager packages side by side in Cloudsmith, giving you a stable private registry throughout the migration. As your team moves pods to SPM, both artifact types remain accessible from the same platform with the same access controls and governance policies applied.
