apidepth 0.2.0

data/lib/apidepth/net_http_instrumentation.rb

@@ -0,0 +1,117 @@
+# lib/apidepth/net_http_instrumentation.rb
+
+module Apidepth
+  module NetHTTPInstrumentation
+    def request(req, body = nil, &block)
+      # Early exits — evaluated in order of cheapness:
+      # 1. Recursion guard: we're inside our own collector flush
+      # 2. SDK disabled entirely
+      # 3. Host is on the customer's ignore list
+      # 4. Sample rate: probabilistically skip events
+      return super if Thread.current[:apidepth_skip]
+      return super unless Apidepth.configuration.enabled
+      return super if Apidepth.configuration.ignored_hosts.include?(address)
+      return super unless sampled?
+
+      # Snapshot connection state BEFORE calling super.
+      # started? returns true if a keep-alive connection is already open.
+      # cold_start events pay for DNS + SSL — that latency belongs to the
+      # customer's infrastructure, not the vendor. Tag it so the collector
+      # can exclude cold-start events from latency percentile calculations.
+      cold_start = !started?
+
+      start = Process.clock_gettime(Process::CLOCK_MONOTONIC)
+
+      begin
+        response    = super
+        duration_ms = elapsed_ms(start)
+        record_event(req, response, duration_ms, cold_start: cold_start)
+        response
+      rescue Net::OpenTimeout, Net::ReadTimeout => e
+        # Timeouts are the leading indicator of vendor degradation — they
+        # appear before the vendor acknowledges an incident. We record them
+        # and always re-raise so the customer's error handling is unaffected.
+        duration_ms = elapsed_ms(start)
+        record_timeout(req, duration_ms, e.class.name, cold_start: cold_start)
+        raise
+      end
+    end
+
+    private
+
+    def elapsed_ms(start)
+      ((Process.clock_gettime(Process::CLOCK_MONOTONIC) - start) * 1000).round
+    end
+
+    # Environment is set once at Railtie boot (or by the customer in configure).
+    # Reading it here is a single attr_accessor access — no method dispatch,
+    # no defined?() check, no Rails.env call on every outbound HTTP request.
+    def resolve_env
+      Apidepth.configuration.environment || "unknown"
+    end
+
+    # Probabilistic sampling. At sample_rate 1.0 (default), always returns true.
+    # At 0.5, roughly half of events are captured. At 0.0, nothing is captured.
+    # The comparison is cheap — the rand call only happens when rate < 1.0.
+    def sampled?
+      rate = Apidepth.configuration.sample_rate
+      rate >= 1.0 || rand < rate
+    end
+
+    def record_event(req, response, duration_ms, cold_start:)
+      vendor, normalized_path = Apidepth::VendorRegistry.identify(address, req.path)
+      return unless vendor
+
+      status  = response.code.to_i
+      outcome = case status
+                when 200..299 then :success
+                when 400..499 then :client_error
+                when 500..599 then :server_error
+                else               :unknown
+                end
+
+      now_ms = Process.clock_gettime(Process::CLOCK_REALTIME, :millisecond)
+      rl = Apidepth::RateLimitHeaders.extract(response, now_ms)
+
+      Apidepth::Collector.instance.record(
+        Apidepth::Event.build(
+          {
+            vendor: vendor,
+            endpoint: normalized_path,
+            method: req.method,
+            status: status,
+            outcome: outcome,
+            duration_ms: duration_ms,
+            cold_start: cold_start,
+            env: resolve_env,
+            ts: now_ms
+          }.merge(rl || {})
+        )
+      )
+    rescue StandardError
+      nil
+    end
+
+    def record_timeout(req, duration_ms, error_class, cold_start:)
+      vendor, normalized_path = Apidepth::VendorRegistry.identify(address, req.path)
+      return unless vendor
+
+      Apidepth::Collector.instance.record(
+        Apidepth::Event.build(
+          vendor: vendor,
+          endpoint: normalized_path,
+          method: req.method,
+          status: nil,
+          outcome: :timeout,
+          error_class: error_class,
+          duration_ms: duration_ms,
+          cold_start: cold_start,
+          env: resolve_env,
+          ts: Process.clock_gettime(Process::CLOCK_REALTIME, :millisecond)
+        )
+      )
+    rescue StandardError
+      nil
+    end
+  end
+end

data/lib/apidepth/railtie.rb

@@ -0,0 +1,83 @@
+# lib/apidepth/railtie.rb
+
+module Apidepth
+  class Railtie < Rails::Railtie
+    # -------------------------------------------------------------------------
+    # 1. Validate config early — loud warning beats silent 401s at flush time
+    # -------------------------------------------------------------------------
+    initializer "apidepth.validate_config", after: :load_config_initializers do
+      if Apidepth.configuration.api_key.nil?
+        Rails.logger.warn(
+          "[Apidepth] No api_key configured — events will not be delivered. " \
+          "Add `config.api_key = ENV['APIDEPTH_API_KEY']` to config/initializers/apidepth.rb"
+        )
+      end
+    end
+
+    # -------------------------------------------------------------------------
+    # 2. Instrument Net::HTTP and load the remote vendor registry.
+    #    Runs after all initializers so any gem that reopens Net::HTTP is settled.
+    # -------------------------------------------------------------------------
+    initializer "apidepth.instrument", after: :load_config_initializers do
+      Apidepth.logger = Rails.logger
+
+      # Freeze environment once so NetHTTPInstrumentation#resolve_env is a
+      # single attr_accessor read rather than a defined?/Rails.env call on
+      # every outbound HTTP request.
+      Apidepth.configuration.environment ||= Rails.env.to_s
+
+      Net::HTTP.prepend(Apidepth::NetHTTPInstrumentation)
+      Apidepth::VendorRegistry.load_extra_vendors(Apidepth.configuration.extra_vendors)
+      Apidepth::RegistryLoader.load_and_start
+
+      if Rails.env.development?
+        Rails.logger.debug(
+          "[Apidepth] Instrumentation active — " \
+          "registry=#{Apidepth::VendorRegistry.version} " \
+          "vendors=#{Apidepth::VendorRegistry.vendor_count}"
+        )
+      end
+    end
+
+    # -------------------------------------------------------------------------
+    # 3. Flush queue on graceful shutdown.
+    #    at_exit fires on SIGTERM → graceful Puma/Unicorn shutdown.
+    #    flush! rescues internally so a network error at shutdown is not fatal.
+    # -------------------------------------------------------------------------
+    config.after_initialize do
+      at_exit { Apidepth::Collector.instance.flush! }
+    end
+
+    # -------------------------------------------------------------------------
+    # 4. Fork safety for Puma cluster mode / Spring.
+    #
+    #    after_fork: reset the Collector singleton so each worker gets a fresh
+    #    instance with its own flush thread. The master's flush thread is not
+    #    copied by fork() — without reset!, the worker's first call to
+    #    Collector.instance returns the master's stale object with no thread.
+    #
+    #    before_fork: NOT handled here — no clean Rails API exists for it.
+    #    Add this to config/puma.rb to flush the master's queue before forking:
+    #
+    #      before_fork { Apidepth::Collector.instance.flush! }
+    #
+    #    ActiveSupport::ForkTracker is available in Rails 7.1+.
+    # -------------------------------------------------------------------------
+    config.after_initialize do
+      if defined?(ActiveSupport::ForkTracker)
+        ActiveSupport::ForkTracker.after_fork { Apidepth::Collector.reset! }
+      elsif defined?(Puma)
+        # ActiveSupport::ForkTracker requires Rails 7.1+. Without it, forked
+        # Puma workers inherit the master's stale Collector singleton with no
+        # flush thread. Events recorded in workers will never be sent.
+        # Upgrade to Rails 7.1+ or add to config/puma.rb:
+        #   on_worker_boot { Apidepth::Collector.reset! }
+        Rails.logger.warn(
+          "[Apidepth] Puma detected but ActiveSupport::ForkTracker is unavailable " \
+          "(requires Rails 7.1+). Workers in cluster mode will not flush events. " \
+          "Add `on_worker_boot { Apidepth::Collector.reset! }` to config/puma.rb"
+        )
+      end
+    end
+  end
+end

data/lib/apidepth/rate_limit_headers.rb

@@ -0,0 +1,133 @@
+# lib/apidepth/rate_limit_headers.rb
+#
+# Extracts rate limit quota state from HTTP response headers and normalises
+# them into three canonical fields:
+#
+#   rl_remaining  — requests left in the current window (integer)
+#   rl_limit      — total quota for the window (integer)
+#   rl_reset_at   — when the window resets, as epoch milliseconds (integer)
+#
+# Returns nil when no recognised headers are present so the caller can omit
+# the fields from the event rather than sending nulls for every request.
+#
+# WHY in the SDK rather than the collector?
+# Headers are only visible at the HTTP call site. By the time the event
+# reaches the collector, only the status code and duration are known.
+# Header extraction must happen here, inline with instrumentation.
+#
+# Header coverage (checked in priority order per field):
+#
+#   OpenAI / Anthropic:
+#     x-ratelimit-remaining-requests, x-ratelimit-limit-requests
+#     x-ratelimit-reset-requests  (OpenAI duration format: "1s", "20ms", "1m30s")
+#
+#   GitHub:
+#     x-ratelimit-remaining, x-ratelimit-limit
+#     x-ratelimit-reset  (Unix timestamp seconds)
+#
+#   IETF RateLimit draft / HubSpot / Fastly / others:
+#     ratelimit-remaining, ratelimit-limit, ratelimit-reset
+#
+#   Stripe / generic 429 fallback:
+#     retry-after  (seconds from now; only meaningful on 429 responses)
+
+module Apidepth
+  module RateLimitHeaders
+    # Ordered header names per field — first match wins.
+    REMAINING_HEADERS = %w[
+      x-ratelimit-remaining-requests
+      x-ratelimit-remaining
+      ratelimit-remaining
+    ].freeze
+
+    LIMIT_HEADERS = %w[
+      x-ratelimit-limit-requests
+      x-ratelimit-limit
+      ratelimit-limit
+    ].freeze
+
+    RESET_HEADERS = %w[
+      x-ratelimit-reset-requests
+      x-ratelimit-reset
+      ratelimit-reset
+      retry-after
+    ].freeze
+
+    # Extract rate limit fields from a Net::HTTP::Response.
+    # Returns a Hash with :rl_remaining, :rl_limit, :rl_reset_at keys,
+    # or nil if none of the recognised headers are present.
+    def self.extract(response, now_ms)
+      remaining = find_integer(response, REMAINING_HEADERS)
+      limit     = find_integer(response, LIMIT_HEADERS)
+      reset_at  = find_reset_ms(response, RESET_HEADERS, now_ms)
+
+      return nil if remaining.nil? && limit.nil? && reset_at.nil?
+
+      { rl_remaining: remaining, rl_limit: limit, rl_reset_at: reset_at }.compact
+    end
+
+    # --- private helpers ---
+
+    def self.find_integer(response, headers)
+      headers.each do |name|
+        val = response[name]
+        next unless val
+
+        n = val.strip.to_i
+        return n if n >= 0
+      end
+      nil
+    end
+    private_class_method :find_integer
+
+    def self.find_reset_ms(response, headers, now_ms)
+      headers.each do |name|
+        val = response[name]
+        next unless val
+
+        ms = normalize_reset_ms(val.strip, now_ms)
+        return ms if ms
+      end
+      nil
+    end
+    private_class_method :find_reset_ms
+
+    # Normalise a rate limit reset value to epoch milliseconds.
+    #
+    # Handles three formats:
+    #   Unix timestamp  — integer > 1_000_000_000 (e.g. "1716000000")
+    #   Seconds-from-now — small integer (e.g. "30" from Retry-After)
+    #   OpenAI duration — string like "1s", "20ms", "1m30s", "2h"
+    def self.normalize_reset_ms(str, now_ms)
+      # Pure numeric
+      if str.match?(/\A\d+(?:\.\d+)?\z/)
+        n = str.to_f
+        return n >= 1_000_000_000 ? (n * 1_000).to_i : now_ms + (n * 1_000).to_i
+      end
+
+      # Duration string (OpenAI / Anthropic style)
+      duration_ms = parse_duration_ms(str)
+      duration_ms ? now_ms + duration_ms : nil
+    end
+    private_class_method :normalize_reset_ms
+
+    # Parse an OpenAI-style duration string to milliseconds.
+    # Handles: "1s" => 1000, "20ms" => 20, "1m30s" => 90000, "2h" => 7200000
+    def self.parse_duration_ms(str)
+      total = 0
+      found = false
+      str.scan(/(\d+(?:\.\d+)?)(h|m(?!s)|s|ms)/) do |val, unit|
+        found = true
+        total += case unit
+                 when "h"  then (val.to_f * 3_600_000).to_i
+                 when "m"  then (val.to_f * 60_000).to_i
+                 when "s"  then (val.to_f * 1_000).to_i
+                 when "ms" then val.to_f.to_i
+                 else 0
+                 end
+      end
+      found && total.positive? ? total : nil
+    end
+    private_class_method :parse_duration_ms
+  end
+end

data/lib/apidepth/registry_loader.rb

@@ -0,0 +1,120 @@
+# lib/apidepth/registry_loader.rb
+
+require "net/http"
+require "json"
+require "uri"
+
+module Apidepth
+  class RegistryLoader
+    REGISTRY_URL = "https://collector.apidepth.io/v1/registry".freeze
+
+    # Called by the Railtie after_initialize. Loads the best available
+    # registry (remote → disk cache → bundled baseline already loaded by
+    # VendorRegistry.initialize_registry) and starts the background
+    # refresh thread.
+    def self.load_and_start
+      registry = fetch_remote || load_from_disk
+      VendorRegistry.replace(registry) if registry
+      start_refresh_thread
+    end
+
+    private
+
+    def self.start_refresh_thread
+      Thread.new do
+        loop do
+          sleep Apidepth.configuration.registry_refresh_interval
+          registry = fetch_remote
+          VendorRegistry.replace(registry) if registry
+        end
+      end.tap do |t|
+        t.abort_on_exception = false
+        t.name = "apidepth-registry"
+      end
+    end
+
+    def self.fetch_remote
+      Thread.current[:apidepth_skip] = true
+
+      http = nil
+      uri  = URI(REGISTRY_URL)
+      http = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl      = true
+      http.verify_mode  = OpenSSL::SSL::VERIFY_PEER
+      http.open_timeout = 3
+      http.read_timeout = 5
+
+      res = http.get(uri.path, "Authorization" => "Bearer #{Apidepth.configuration.api_key}")
+      return nil unless res.code.to_i == 200
+
+      # Ceiling on response size before parsing — a legitimate registry is ~10KB.
+      # Parsing an unbounded body could consume significant memory if the endpoint
+      # is compromised or misconfigured.
+      if res.body.bytesize > 512_000
+        Apidepth.logger&.warn("[Apidepth] Registry response too large (#{res.body.bytesize} bytes) — skipping")
+        return nil
+      end
+
+      registry = JSON.parse(res.body)
+
+      # Warm the disk cache so the next cold-start skips the network fetch.
+      begin
+        validate_cache_path!(Apidepth.configuration.registry_cache_path)
+        File.write(Apidepth.configuration.registry_cache_path, res.body)
+      rescue ArgumentError => e
+        Apidepth.logger&.warn("[Apidepth] Invalid registry_cache_path: #{e.message}")
+      rescue StandardError => e
+        Apidepth.logger&.warn("[Apidepth] Could not write registry cache: #{Apidepth.sanitize_log(e.message)}")
+      end
+
+      registry
+    rescue StandardError
+      nil
+    ensure
+      begin
+        http&.finish
+      rescue StandardError
+        nil
+      end
+      Thread.current[:apidepth_skip] = false
+    end
+
+    def self.load_from_disk
+      path = Apidepth.configuration.registry_cache_path
+
+      validate_cache_path!(path)
+      return nil unless File.exist?(path)
+
+      JSON.parse(File.read(path))
+    rescue ArgumentError => e
+      Apidepth.logger&.warn("[Apidepth] Invalid registry_cache_path: #{e.message}")
+      nil
+    rescue StandardError => e
+      Apidepth.logger&.warn("[Apidepth] Could not read registry cache: #{Apidepth.sanitize_log(e.message)}")
+      nil
+    end
+
+    # Validates the cache path before any file operation.
+    #
+    # Requires an absolute path with no traversal segments. Without this, a
+    # misconfigured registry_cache_path like "../../etc/cron.d/apidepth" would
+    # cause us to write registry JSON into sensitive system directories.
+    # The content is our controlled JSON, but the behaviour is still wrong and
+    # surprising to audit.
+    def self.validate_cache_path!(path)
+      unless path.is_a?(String) && path.start_with?("/")
+        raise ArgumentError, "registry_cache_path must be an absolute path (got #{path.inspect})"
+      end
+
+      return unless path.split("/").include?("..")
+
+      raise ArgumentError, "registry_cache_path must not contain '..' traversal segments (got #{path.inspect})"
+    end
+
+    # Ruby's `private` keyword does not apply to `def self.method` — those remain
+    # public class methods regardless of placement inside a private block.
+    # private_class_method is the correct idiom.
+    private_class_method :start_refresh_thread, :fetch_remote,
+                         :load_from_disk, :validate_cache_path!
+  end
+end

data/lib/apidepth/vendor_registry.rb

@@ -0,0 +1,188 @@
+# lib/apidepth/vendor_registry.rb
+
+module Apidepth
+  module VendorRegistry
+    BUNDLED_BASELINE = {
+      "version" => "bundled",
+      "vendors" => {
+        "stripe" => {
+          "hosts" => ["api.stripe.com"],
+          "patterns" => [
+            { "match" => '/v1/charges/ch_\w+', "replace" => "/v1/charges/:id" },
+            { "match" => '/v1/customers/cus_\w+',          "replace" => "/v1/customers/:id" },
+            { "match" => '/v1/payment_intents/pi_\w+',     "replace" => "/v1/payment_intents/:id" },
+            { "match" => '/v1/subscriptions/sub_\w+',      "replace" => "/v1/subscriptions/:id" },
+            { "match" => '/v1/invoices/in_\w+',            "replace" => "/v1/invoices/:id" },
+            { "match" => '/v1/refunds/re_\w+',             "replace" => "/v1/refunds/:id" }
+          ]
+        },
+        "openai" => {
+          "hosts" => ["api.openai.com"],
+          "patterns" => [
+            { "match" => "/v1/chat/completions",           "replace" => "/v1/chat/completions" },
+            { "match" => "/v1/embeddings",                 "replace" => "/v1/embeddings" },
+            { "match" => "/v1/images/generations",         "replace" => "/v1/images/generations" },
+            { "match" => '/v1/files/file-\w+',             "replace" => "/v1/files/:id" }
+          ]
+        },
+        "anthropic" => {
+          "hosts" => ["api.anthropic.com"],
+          "patterns" => [
+            { "match" => "/v1/messages",                   "replace" => "/v1/messages" }
+          ]
+        },
+        "twilio" => {
+          "hosts" => ["api.twilio.com"],
+          "patterns" => [
+            { "match" => '/2010-04-01/Accounts/AC\w+/Messages/SM\w+', "replace" => "/Accounts/:id/Messages/:id" },
+            { "match" => '/2010-04-01/Accounts/AC\w+/Messages',       "replace" => "/Accounts/:id/Messages" },
+            { "match" => '/2010-04-01/Accounts/AC\w+/Calls/CA\w+',    "replace" => "/Accounts/:id/Calls/:id" },
+            { "match" => '/2010-04-01/Accounts/AC\w+/Calls',          "replace" => "/Accounts/:id/Calls" }
+          ]
+        },
+        "resend" => {
+          "hosts" => ["api.resend.com"],
+          "patterns" => [
+            { "match" => "/emails/[0-9a-f-]{36}", "replace" => "/emails/:id" }
+          ]
+        },
+        "github" => {
+          "hosts" => ["api.github.com"],
+          "patterns" => [
+            { "match" => '/repos/[^/]+/[^/]+/pulls/\d+',  "replace" => "/repos/:owner/:repo/pulls/:number" },
+            { "match" => '/repos/[^/]+/[^/]+/issues/\d+', "replace" => "/repos/:owner/:repo/issues/:number" },
+            { "match" => "/repos/[^/]+/[^/]+",            "replace" => "/repos/:owner/:repo" },
+            { "match" => "/users/[^/]+", "replace" => "/users/:username" }
+          ]
+        }
+      }
+    }.freeze
+
+    GENERIC_PATTERNS = [
+      [%r{/[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}}, "/:uuid"],
+      [%r{/\d{4,}},        "/:id"],
+      [%r{/[a-z0-9]{24,}}, "/:token"]
+    ].freeze
+
+    class << self
+      def identify(host, raw_path)
+        hosts, patterns = @mutex.synchronize { [@hosts, @patterns] }
+        vendor = hosts[host]
+        return nil unless vendor
+
+        path = strip_query_string(raw_path)
+        path = apply_vendor_normalizers(patterns[vendor] || [], path)
+        path = apply_generic_normalizers(path)
+        [vendor, path]
+      end
+
+      # Merge customer-defined host→vendor mappings from config.extra_vendors.
+      # Called once at Railtie boot after the user's configure block has run.
+      # Does not touch @patterns — custom vendors use generic path normalization only.
+      def load_extra_vendors(extra_vendors)
+        return if extra_vendors.nil? || extra_vendors.empty?
+
+        @mutex.synchronize do
+          extra_vendors.each { |name, host| @hosts[host.to_s] = name.to_s }
+        end
+      end
+
+      def replace(registry_json)
+        new_hosts    = build_hosts(registry_json)
+        new_patterns = build_patterns(registry_json)
+
+        # Re-apply extra_vendors so a registry refresh never wipes customer-defined
+        # host mappings. The config value wins over any registry entry for the same host.
+        (Apidepth.configuration.extra_vendors || {}).each do |name, host|
+          new_hosts[host.to_s] = name.to_s
+        end
+
+        @mutex.synchronize do
+          @hosts    = new_hosts
+          @patterns = new_patterns
+          @version  = registry_json["version"]
+        end
+
+        Apidepth.logger&.debug(
+          "[Apidepth] Registry updated — version=#{Apidepth.sanitize_log(registry_json['version'])} " \
+          "vendors=#{new_hosts.values.uniq.count}"
+        )
+      end
+
+      def version
+        @mutex.synchronize { @version }
+      end
+
+      def vendor_count
+        @mutex.synchronize { @hosts.values.uniq.count }
+      end
+
+      private
+
+      # Called at require time — Apidepth.logger is not yet defined so we
+      # can't call replace (which logs). Initialize state directly instead.
+      def initialize_registry
+        @mutex    = Mutex.new
+        @version  = BUNDLED_BASELINE["version"]
+        @hosts    = build_hosts(BUNDLED_BASELINE)
+        @patterns = build_patterns(BUNDLED_BASELINE)
+      end
+
+      def build_hosts(registry)
+        {}.tap do |hosts|
+          (registry["vendors"] || {}).each do |slug, config|
+            (config["hosts"] || []).each { |h| hosts[h] = slug }
+          end
+        end
+      end
+
+      def build_patterns(registry)
+        {}.tap do |patterns|
+          (registry["vendors"] || {}).each do |slug, config|
+            patterns[slug] = (config["patterns"] || []).filter_map do |rule|
+              match = rule["match"].to_s
+
+              # Block constructs that enable arbitrary code execution in some
+              # Ruby/Oniguruma versions. This is a blocklist — it does not prevent
+              # catastrophic-backtracking ReDoS (e.g. (a+)+) from a compromised
+              # registry, but legitimate path patterns never need these constructs.
+              if match.match?(/\(\?[{<!=]|\(\?#|\+\?|\*\?{2}/)
+                Apidepth.logger&.warn(
+                  "[Apidepth] Skipping unsafe pattern for #{Apidepth.sanitize_log(slug)}: #{match.inspect}"
+                )
+                next
+              end
+
+              [Regexp.new(match), rule["replace"].to_s]
+            rescue RegexpError => e
+              Apidepth.logger&.warn(
+                "[Apidepth] Skipping invalid pattern for #{Apidepth.sanitize_log(slug)} " \
+                "#{match.inspect}: #{e.message}"
+              )
+              nil
+            end
+          end
+        end
+      end
+
+      def strip_query_string(path)
+        path.split("?").first
+      end
+
+      def apply_vendor_normalizers(rules, path)
+        rules.each do |pattern, replacement|
+          return path.gsub(pattern, replacement) if path.match?(pattern)
+        end
+        path
+      end
+
+      def apply_generic_normalizers(path)
+        GENERIC_PATTERNS.reduce(path) do |p, (pattern, replacement)|
+          p.gsub(pattern, replacement)
+        end
+      end
+    end
+
+    initialize_registry
+  end
+end

data/lib/apidepth/version.rb

@@ -0,0 +1,5 @@
+# lib/apidepth/version.rb
+
+module Apidepth
+  VERSION = "0.2.0".freeze
+end