Make ios_check_beta_deps use Podfile.lock #216
Description
What
The action ios_check_beta_deps seems to only check the Podfile for beta pods.
We should instead check the Podfile.lock for those, so that the action would also detect transitive dependencies, and not just root/direct pods.
Example
For example if we have pod 'WordPressAuthenticator', '~> 1.34.0' in our Podfile but don't have the pod WordPressKit (a transitive dependency of WordPressAuthenticator) explicitly listed in the Podfile, this transitive dependency can end up being resolved to a beta version anyway when WordPressAuthenticator's own dependencies are resolved, but the ios_check_beta_deps action won't catch that this transitive dependency is in beta and needs a new release.
How
The Podfile.lock is a valid YAML file, so it's pretty easy to parse it in ruby and extract the pods that ends up having been resolved with a *-beta version:
require 'yaml'
y = YAML.load_file('Podfile.lock')
pods_tree = y['PODS'] # An array containing a mix of `Hash<String, Array>` and `String` entries
resolved_pods = pods_tree.map do |p|
# If the entry is a Hash, it only has one key – "PodName (x.y.z)" whose value is that pod's transitive dependencies' constraints
return p.keys.first if p.is_a?(Hash)
# If the entry is a String, this is a "PodName (x.y.z)" that doesn't have any transitive dependencies
return p
end
beta_pods = resolved_pods.select { |p| p =~ /\(.*-beta\)/ } # filter to keep only the "PodName (x.y.z-beta)" entries