iOS Interview questions and answers Part3
25-What are the tools required to develop iOS applications and where can you test Apple iPhone apps if you don’t have the device?
- Mac/MacMini: It is necessary for us to get a Mac with the Intel-based processor running on Mac OS. Not to worry, if we have our own PC, we can still develop iOS apps through Mac Mini.
- Xcode: Xcode is the Apple IDE (Integrated Development Environment) that is used for both iOS apps and MAC OS. It provides us a visual layout editor and a code editor that can deal with the logic, user interface and response behind the scene.
- Swift Programming Language: In the code editor, the logic will be written in a programming language that is invented by Apple, called Swift.
- Apple Developer Program: This program allows the developer to push our app live on the App store so that the customers and downloaders all over the world can download our app and use it.
26-How do you manage dependencies?
Dependency management is an important task in every iOS project. This question gauges your understanding of the problem and its solution.A few years back, we didn’t have any dependency managers on iOS and had to copy-paste and drag-and-drop third-party code into our projects or to use Git sub-modules. Those approaches proved to be unmanageable as our codebase and dependencies grew.
These days we have other dependency managers to choose from: CocoaPods, Carthage, and Swift Package Manager.So far the most dominant and robust one is CocoaPods. I was built in the spirit of the Ruby Bundler gem and is a Ruby gem itself. The way it works is you install the gem, create Pod file in the root directory of your project, declare the pods (libraries) you want to use, and run pod install. That’s it.
With Carthage, you create a dependencies declaration file called Cartfile but unlike Cocoa pods you’d need to do Xcode project setup to make it work.Swift Package Manager is the future of dependency management for any Swift project but it only supports libraries and frameworks and cannot be used to generate iOS targets, although iOS targets can depend on modules built by SPM.The Swift Package Manager will help to vastly improve the Swift ecosystem, making Swift much easier to use and deploy on platforms without Xcode such as Linux. The Swift Package Manager also addresses the problem of dependency hell that can happen when using many interdependent libraries.The Swift Package Manager only supports using the master branch. Swift Package Manager now supports packages with Swift, C, C++ and Objective-C.
Every iOS developer should understand why copy-pasting third-party libraries into your codebase leads to a maintenance nightmare when several libraries could depend on two different versions of another library, causing mismatches and compile and runtime issues.
Many people starting with CocoaPods seem to think pod install is only used the first time you setup a project using CocoaPods and pod update is used afterwards. But that’s not the case at all.
- Use pod install to install new pods in your project. Even if you already have a Podfile and ran pod install before; so even if you are just adding/removing pods to a project already using CocoaPods.
- Use pod update [PODNAME] only when you want to update pods to a newer version.
This is to be used the first time you want to retrieve the pods for the project, but also every time you edit your Podfile to add, update or remove a pod.
- Every time the pod install command is run — and downloads and install new pods — it writes the version it has installed, for each pods, in the Podfile.lock file. This file keeps track of the installed version of each pod and locks those versions.
- When you run pod install, it only resolves dependencies for pods that are not already listed in the Podfile.lock.
- For pods listed in the Podfile.lock, it downloads the explicit version listed in the Podfile.lock without trying to check if a newer version is available
- For pods not listed in the Podfile.lock yet, it searches for the version that matches what is described in the Podfile (like in pod ‘MyPod’, ‘~>1.2’)
When you run pod outdated, CocoaPods will list all pods which have newer versions than the ones listed in the Podfile.lock (the versions currently installed for each pod). This means that if you run pod update PODNAME on those pods, they will be updated — as long as the new version still matches the restrictions like pod ‘MyPod’, ‘~>x.y’ set in your Podfile.
pod repo update
pod repo update [NAME]
Updates the local clone of the spec-repo NAME. If NAME is omitted this will update all spec-repos in /Users/dimitris/.cocoapods/repos.
27- Name the framework that is used to construct application’s user interface for iOS.
The UIKit framework is used to develop application’s user interface for iOS. UIKit framework provides event handling, drawing model, windows, views, and controls specifically designed for a touch screen interface.UIKit classes should be used only from an application’s main thread. Note: The derived classes of UIResponder and the classes which manipulate application’s user interface should be used from application’s main thread.The UIKit infrastructure takes care of delivering events to custom objects. As an app developer, you have to override methods in the appropriate objects to process those events.
28-Name a few Git commands and explain their usage?
Below are some basic Git commands:
git rm [file] : deletes the file from your working directory and stages the deletion
git log : list the version history for the current branch
git show [commit] : shows the metadata and content changes of the specified commit
git tag [commitID] : used to give tags to the specified commit
git checkout [branch name] : used to switch from one branch to another
git checkout -b [branch name] : creates a new branch and also switches to it
The following steps will resolve conflict in Git-
- Identify the files that have caused the conflict.
- Make the necessary changes in the files so that conflict does not arise again.
- Add these files by the command git add.
- Finally to commit the changed file using the command git commit
29- Which API is used to write test scripts that help in exercising the application’s user interface elements and Do you have TDD experience? How do you unit and UI test on iOS?
UI Automation API is used to automate test procedures. Tests scripts are written in JavaScript to the UI Automation API. This in turn simulates user interaction with the application and returns log information to the host computer.Even though, historically, the iOS community wasn’t big on TDD, it is now becoming more popular thanks to improvements in tooling and influence from other communities, such as Ruby, that embraced TDD a long time ago.TDD is a technique and a discipline where you write failing tests first before you write production code that makes them pass. The tests drive implementation and design of your production code, helping you write only the code necessary to pass the tests implementation, no more, no less. The discipline could be daunting at first and you don’t see payoff of that approach immediately, but if you stick to it, it helps you move faster in the long run. It is especially effective at helping you with refactoring and code changes because at any given time you have the safety net of your tests to tell you if something broke or if everything is still working fine as you change things.
Recently Apple made improvements to XCTest frameworks to make testing easier for us. They also made a lot of improvements with UI testing in Xcode (XCUITest), so now we have a nice programmatic interface to interact with our apps and query things we see on the screen. Alternatively you could go with frameworks like KIF, iOSSnapshotTestCase, EarlGrey.
In regards to unit testing, there are several options as well, but the two most popular ones are XCTest and Quick and Nimble.
XCTest is a xUnit like testing framework built by Apple. This is what they recommend to use, and it has the best integration with Xcode.
Quick is a Spec-like BDD framework that helps you describe your specs/tests in terms of behaviour rather than “tests.” Fans of Spec like it a lot.
Nimble is a matcher library that can be used with XCTest or Quick to assert expectations in your tests/specs.
More and more teams and companies embrace TDD, and it has become a vital part of the iOS development process. If you don’t want to be left behind, get on board with it and learn how to test-drive your code.
As testing becomes a more prominent and important practice in the iOS world, it’s important to know what you’re doing as you write your tests. Your test code is as important as your application code. This question gauges your understanding of testing terminology for objects used to aid in unit-testing.
There are various ways different people call and categorise test objects but most commonly test objects can be categorised in the following way: fakes, stubs, and mocks.
Fakes is the general umbrella term for any kind of mock, fake, stub, double, etc. On their own, they typically have no implementation and only fulfil the interface API requirements of the types they are substituting.
Stubs are fakes that do some meaningful work that’s necessary for the objects involved in a test to operate, but not used for anything more than that. They can’t be used in place of real production objects but can return stubbed values. They can’t be asserted on.
Mocks are fakes that can be asserted on. Mocks are used in place of other objects just like a fake, but they themselves record some data such as the number of method calls or variables passed for your test to assert on later.
Many developers make a mistake of calling any test object a mock, but there is a specific distinct nomenclature for test objects that indicates the purpose for each one. As a senior developer you’re not merely writing tests, you also should know how to maintain them as well as your application codebase.
30-SSL Pinning in iOS and how would you securely store private user data offline on a device? What other security best practices should be taken?
There are many popular options to perform SSL pining in iOS. These are- URLSession, AlamoFire, AFNetworking, TrustKit. We can implement Certificate pinning as well as public-key pining.
Why Do You Need SSL Certificate Pinning?
SSL pinning allows the application to only trust the valid or pre-defined certificate or Public Key. The application developer uses SSL pinning technique as an additional security layer for application traffic. As normally, the application trusts custom certificate and allows the application to intercept the traffic.
Restricting the set of trusted certificates through pinning prevents attackers from analysing the functionality of the app and the way it communicates with the server.
How SSL works?
- Client machine sends a connection request to server, server listens the request.
- Server gives response including public key and certificate.
- Client checks the certificate and sends a encrypted key to server.
- Server decrypt the key and sends encrypted data back to the client machine.
- Client receives and decrypt the encrypted data.
Types of SSL Pinning(What to Pin)?
- Pin the certificate: You can download the server’s certificate and put this in your app bundle. At runtime, the app compares the server’s certificate to the one you’ve embedded.
- Pin the public key: You can retrieve the certificate’s public key and include it in your code as a string. At runtime, the app compares the certificate’s public key to the one hard-coded hash string in your code.
Again there is no right answer to this, but it’s a great way to see how much a person has dug into iOS security. If you’re interviewing with a bank I’d almost definitely expect someone to know something about it, but all companies need to take security seriously, so here’s the ideal list of topics I’d expect to hear in an answer:
• If the data is extremely sensitive then it should never be stored offline on the device because all devices are crackable.
• The keychain is one option for storing data securely. However it’s encryption is based on the pin code of the device. User’s are not forced to set a pin, so in some situations the data may not even be encrypted. In addition the users pin code may be easily hacked.
• A better solution is to use something like SQLCipher which is a fully encrypted SQLite database. The encryption key can be enforced by the application and separate from the user’s pin code.
Other security best practices are:
• Only communicate with remote servers over SSL/HTTPS.
• If possible implement certificate pinning in the application to prevent man-in-the-middle attacks on public WiFi.
• Clear sensitive data out of memory by overwriting it.
• Ensure all validation of data being submitted is also run on the server side.
31-Codable Protocol with example
The new protocol introduced by Apple in Swift 4 provides built-in Encodable and Decodable features. It makes JSON parsing easier. It can convert itself into and out of an external representation.
Coding Keys with enum
We can modify our Codable key with custom string keys, but they should match your JSON response keys. Otherwise, you’ll get an error message.
JSONEncoder and JSONDecoder classes which can easily convert an object to encoded JSON representation.
struct employee:Codable
{
let name:String
let state:String
let zip:String
let area:String
private enum CodingKeys: String, CodingKey
{
case name
case state
case zip = “zip_code”
case area
}
}
let names=employee(name: “Apple”, state: “Tg”, zip: “500086”, area: “Suncity”)
let encoder=JSONEncoder()
if let jsondata=try? encoder.encode(names), let jsonString=String(data: jsondata, encoding: .utf8)
{
print(jsonString)
}
32-Why is JIRA used?
Atlasssian JIRA is basically an issue and project tracking tool which allows us to track any project related work by following a proper workflow.
Enlisted below are few reasons which determine the usage of JIRA:
- Able to track project progress from time to time.
- JIRA use-cases include project management, feature implementation, bug tracking, etc.
- Work-flow can be easily customised as per our requirement.
- Along with issue tracking, history of the work done on issues, when, what and by whom can also be tracked.
- JIRA is platform-independent and can run anywhere.
Workflow defines the series of steps or stages an issue/ bug goes through during its lifecycle from creation to the closing of the issue.
The workflow here includes the creation of an issue, a series of actions performed to fix the issue and the last step includes the closing or say completion of the issue after verification.
Refer the below diagram for better understanding:
33-Consider the following code:
let op1: Int = 1
let op2: UInt = 2
let op3: Double = 3.34
var result = op1 + op2 + op3
Where is the error and why? How can it be fixed?
Answer: Swift doesn’t define any implicit cast between data types, even if they are conceptually almost identical (like UInt and Int).
To fix the error, rather than casting, an explicit conversion is required. In the sample code, all expression operands must be converted to a common same type, which in this case is Double:
var result = Double(op1) + Double(op2) + op3When an app is said to be in not running state?
34.What is the use of SwiftLint in iOS?
SwiftLint is an open-source tool to enforce Swift style and convention. SwiftLint allows us to enforce code style rules and stick to it during the development of iOS apps.
You can integrate SwiftLint into the development process and show you how to set up in your local machine and Jenkins server to run the SwiftLint automatically.
35- What is Zendesk?
At its core, Zendesk is a customer support platform that lets you connect with customers on any channel.
Whether your customers want to connect by phone, chat, email, social media, or any other channel, Zendesk brings all your customer interactions to one easy to use platform to make it easy to keep track of all your support requests, answer questions quickly, and monitor customer service agent’s effectiveness.
Zendesk’s products are easy to set up and start using fast — most anything you’ll need to use feature-wise will work right out of the box.
And their platform offers all the customer relationship management (CRM) tools you need in an industry-leading cloud platform, so whether your a fast-growing startup or enterprise looking to improve your current standards, Zendesk can scale to meet your needs.
If your company has been struggling to keep up with your customer support demands (say, your first response times aren’t very good), you owe it to yourself and your company to take a look at Zendesk
Ticketing System:
Zendesk’s ticketing system does that incredibly well — acting like a shared inbox for all of your customer’s questions and concerns.
By bringing together requests from email, chat, Twitter, etc., they make it easy to keep track of customer issues and conversations to more quickly answer questions and solve problems.
36-What is Jenkins?
Jenkins is a free open source Continuous Integration tool and automation server to monitor continuous integration and delivery. It is written in Java.
It is known as an automated Continuous Delivery tool that helps to build and test the software system with easy integration of changes to the system. Jenkins follows Groovy Scripting.
Also, it enables developers to continuously check in their code and also analyse the post-build actions. The automation testers can use to run their tests as soon as the new code is added or code is modified.
Jenkins is used to continuously monitor the large code base in real-time. It enables developers to find bugs in their code and fix them. Email notifications are made to the developers regarding their check-ins as a post-build action.
Advantages of Jenkins are as follows:
- Build failures are cached during the integration stage.
- Notifies the developers about build report status using LDAP (Lightweight Directory Access Protocol) mail server.
- Maven release project is automated with simple steps.
- Easy bug tracking.
- Automatic changes get updated in the build report with notification.
- Supports Continuous Integration in agile development and test-driven development.
