debendencies 1.0.0.pre1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: cfb4b703eb13f5256ed10c8608f31ff2fb3458301dde2d0e599f63994cb8cf78
+  data.tar.gz: da9f79cad3cf0dd3b62dcf63a6bcdb141da6155d6e618a4768a9a2b4c55f0828
+SHA512:
+  metadata.gz: 8310ab69c81538f55178835ed89b479c8d3c46fc3e073537fd57007b7752055e343b77b811ad465c9365ec9c876da4620088762ab233674e461df260b101315b
+  data.tar.gz: acd7ed848689e4ced849bc5ae4227a6324b197268d64c35bd5d031e9f378725856742a3086e5206c1f8ac40485ac522a3fd4011f22e066be79f270acbf4bec94

data/bin/debendencies

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+require_relative "../lib/debendencies/cli"
+Debendencies::CLI.new.run

data/lib/debendencies/cli.rb

@@ -0,0 +1,81 @@
+# frozen_string_literal: true
+require "optparse"
+require_relative "../debendencies"
+require_relative "version"
+
+class Debendencies
+  class CLI
+    def initialize
+      @options = {
+        format: "oneline",
+      }
+    end
+
+    def run
+      option_parser.parse!
+      require "json" if @options[:format] == "json"
+
+      paths = ARGV
+      if paths.empty?
+        puts option_parser
+        exit 1
+      end
+
+      debendencies = Debendencies.new(logger: get_logger)
+      begin
+        debendencies.scan(*paths)
+        dependencies = debendencies.resolve
+      rescue Error => e
+        abort(e.message)
+      end
+
+      case @options[:format]
+      when "oneline"
+        puts dependencies.map { |d| d.to_s }.join(", ")
+      when "multiline"
+        dependencies.each { |d| puts d.to_s }
+      when "json"
+        puts JSON.generate(dependencies.map { |d| d.as_json })
+      else
+        puts "Invalid format: #{@options[:format]}"
+        exit 1
+      end
+    end
+
+    private
+
+    def option_parser
+      @option_parser ||= OptionParser.new do |opts|
+        opts.banner = "Usage: debendencies <PATHS...>"
+
+        opts.on("-f", "--format FORMAT", "Output format (oneline|multiline|json). Default: oneline") do |format|
+          if !["oneline", "multiline", "json"].include?(format)
+            abort "Invalid format: #{format.inspect}"
+          end
+          @options[:format] = format
+        end
+
+        opts.on("--verbose", "Show verbose output") do
+          @options[:verbose] = true
+        end
+
+        opts.on("-h", "--help", "Show this help message") do
+          puts opts
+          exit
+        end
+
+        opts.on("--version", "Show version") do
+          puts VERSION_STRING
+          exit
+        end
+      end
+    end
+
+    def get_logger
+      if @options[:verbose]
+        require "logger"
+        Logger.new(STDERR)
+      end
+    end
+  end
+end

data/lib/debendencies/elf_analysis.rb

@@ -0,0 +1,68 @@
+# frozen_string_literal: true
+require "set"
+require_relative "errors"
+require_relative "utils"
+
+class Debendencies
+  module Private
+    class << self
+      # Extracts from an ELF file using `objdump`:
+      #
+      # - The ELF file's own soname, if possible. Can be nil.
+      # - The list of shared library dependencies (sonames).
+      #
+      # @param path [String] Path to the ELF file to analyze.
+      # @return [String, Array<Array<String>>]
+      # @raise [Error] If `objdump` fails.
+      def extract_soname_and_dependency_libs(path)
+        popen(["objdump", "-p", path],
+              spawn_error_message: "Error scanning ELF file dependencies: cannot spawn 'objdump'",
+              fail_error_message: "Error scanning ELF file dependencies: 'objdump' failed") do |io|
+          soname = nil
+          dependent_libs = []
+
+          io.each_line do |line|
+            case line
+            when /^\s*SONAME\s+(.+)$/
+              soname = $1.strip
+            when /^\s*NEEDED\s+(.+)$/
+              dependent_libs << $1.strip
+            end
+          end
+
+          [soname, dependent_libs]
+        end
+      end
+
+      # Extracts dynamic symbols from ELF files using `nm`.
+      #
+      # @param paths [Array<String>] Paths to the ELF files to analyze.
+      # @param cache [Hash<String, Set<String>>]
+      # @return [Set<String>] Set of dynamic symbols.
+      # @raise [Error] If `nm` fails.
+      def extract_dynamic_symbols(paths, cache = {})
+        result = Set.new
+
+        paths.each do |path|
+          subresult = cache[path] ||=
+            popen(["nm", "-D", path],
+                  spawn_error_message: "Error extracting dynamic symbols from #{path}: cannot spawn 'nm'",
+                  fail_error_message: "Error extracting dynamic symbols from #{path}: 'nm' failed") do |io|
+              io.each_line.lazy.map do |line|
+                # Line is in the following format:
+                #
+                #                  U waitpid
+                # 0000000000126190 B want_pending_command
+                #                    ^^^^^^^^^^^^^^^^^^^^
+                #                    we want to extract this
+                $1 if line =~ /^\S*\s+[A-Za-z]\s+(.+)/
+              end.compact.to_set
+            end
+          result.merge(subresult)
+        end
+
+        result
+      end
+    end
+  end
+end

data/lib/debendencies/errors.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class Debendencies
+  class Error < StandardError; end
+end

data/lib/debendencies/package_dependency.rb

@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+
+class Debendencies
+  # Represents a single Debian package dependency, e.g., `libc`.
+  # Could potentially have version constraints, e.g., `libc (>= 2.28, <= 2.30)`.
+  #
+  # `version_constraints` is either nil or non-empty.
+  class PackageDependency
+    attr_reader :name, :version_constraints
+
+    def initialize(name, version_constraints = nil)
+      @name = name
+      @version_constraints = version_constraints
+    end
+
+    def eql?(other)
+      @name == other.name && @version_constraints == other.version_constraints
+    end
+
+    alias_method :==, :eql?
+
+    def hash
+      @name.hash ^ @version_constraints.hash
+    end
+
+    def as_json
+      result = { name: name }
+      result[:version_constraints] = version_constraints.map { |vc| vc.as_json } if version_constraints
+      result
+    end
+
+    def to_s
+      if version_constraints.nil?
+        name
+      else
+        "#{name} (#{version_constraints.map { |vc| vc.to_s }.join(", ")})"
+      end
+    end
+  end
+
+  # Represents a version constraint, e.g., `>= 2.28-1`.
+  class VersionConstraint
+    # A comparison operator, e.g., `>=`.
+    #
+    # @return [String]
+    attr_reader :operator
+
+    # A Debian package version, e.g., `2.28-1`.
+    # @return [String]
+    attr_reader :version
+
+    def initialize(operator, version)
+      @operator = operator
+      @version = version
+    end
+
+    def eql?(other)
+      @operator == other.operator && @version == other.version
+    end
+
+    alias_method :==, :eql?
+
+    def hash
+      @operator.hash ^ @version.hash
+    end
+
+    def as_json
+      { operator: operator, version: version }
+    end
+
+    def to_s
+      "#{operator} #{version}"
+    end
+  end
+end

data/lib/debendencies/package_finding.rb

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+require "open3"
+require_relative "errors"
+require_relative "elf_analysis"
+require_relative "symbols_file_parsing"
+require_relative "utils"
+
+class Debendencies
+  module Private
+    class << self
+      # Finds the package providing a specific library soname. This is done using `dpkg-query -S`.
+      #
+      # @return [String] The package name (like "libc6"), or nil if no package provides the library.
+      def find_package_providing_lib(soname)
+        output, error_output, status = Open3.capture3("dpkg-query", "-S", "*/#{soname}")
+        if !status.success?
+          if !status.signaled? && error_output.include?("no path found matching pattern")
+            return nil
+          else
+            raise Error, "Error finding packages that provide #{soname}: 'dpkg-query' failed: #{status}: #{error_output.chomp}"
+          end
+        end
+
+        # Output is in the following format:
+        # libfoo1:amd64: /usr/lib/x86_64-linux-gnu/libfoo.so.1
+        #
+        # The architecture could be omitted, like so:
+        # libfoo1: /usr/lib/x86_64-linux-gnu/libfoo1.so.1
+        #
+        # In theory, the output could contain multiple results, indicating alternatives.
+        # We don't support alternatives, so we just return the first result.
+        # See rationale in HOW-IT-WORKS.md.
+
+        return nil if output.empty?
+        line = output.split("\n").first
+        line.split(":", 2).first
+      end
+
+      # Finds the minimum version of the package that provides the necessary library symbols
+      # used by the given ELF files.
+      def find_min_package_version(soname, symbols_file_path, dependent_elf_file_paths, symbol_extraction_cache = {}, logger = nil)
+        dependent_symbols = extract_dynamic_symbols(dependent_elf_file_paths, symbol_extraction_cache)
+        return nil if dependent_symbols.empty?
+
+        max_used_package_version = nil
+
+        list_symbols(symbols_file_path, soname) do |dependency_symbol, package_version|
+          if dependent_symbols.include?(dependency_symbol)
+            logger&.info("Found in-use dependency symbol: #{dependency_symbol} (version: #{package_version})")
+            if max_used_package_version.nil? || package_version > max_used_package_version
+              max_used_package_version = package_version
+            end
+          end
+        end
+
+        max_used_package_version
+      end
+    end
+  end
+end

data/lib/debendencies/package_version.rb

@@ -0,0 +1,103 @@
+# frozen_string_literal: true
+
+class Debendencies
+  module Private
+    # Represents a package version in the format used by Debian packages.
+    # This class is only used internally to compare package versions.
+    # It's not exposed through the public API.
+    #
+    # Version number formats and comparison rules are defined in the Debian Policy Manual:
+    # https://www.debian.org/doc/debian-policy/ch-controlfields.html#version
+    # https://pmhahn.github.io/dpkg-compare-versions/
+    class PackageVersion
+      include Comparable
+
+      attr_reader :epoch, :upstream_version, :debian_revision
+
+      def initialize(version_string)
+        @version_string = version_string
+        # Parse version into epoch, upstream_version, and debian_revision
+        @epoch, version = parse_epoch(version_string)
+        @upstream_version, @debian_revision = parse_upstream_and_revision(version)
+      end
+
+      def <=>(other)
+        # Compare epoch
+        result = @epoch <=> other.epoch
+        return result unless result == 0
+
+        # Compare upstream version
+        result = compare_upstream_version(@upstream_version, other.upstream_version)
+        return result unless result == 0
+
+        # Compare debian revision
+        compare_debian_revision(@debian_revision, other.debian_revision)
+      end
+
+      def to_s
+        @version_string
+      end
+
+      private
+
+      def parse_epoch(version)
+        if version.include?(":")
+          epoch, rest = version.split(":", 2)
+          [epoch.to_i, rest]
+        else
+          [0, version]
+        end
+      end
+
+      def parse_upstream_and_revision(version)
+        if version.include?("-")
+          upstream, debian_revision = version.rpartition("-").values_at(0, 2)
+        else
+          upstream = version
+          debian_revision = ""
+        end
+        [upstream, debian_revision]
+      end
+
+      def compare_upstream_version(ver1, ver2)
+        compare_version_parts(split_version(ver1), split_version(ver2))
+      end
+
+      def compare_debian_revision(ver1, ver2)
+        # Empty string counts as 0 in Debian revision comparison
+        ver1 = "0" if ver1.empty?
+        ver2 = "0" if ver2.empty?
+        compare_version_parts(split_version(ver1), split_version(ver2))
+      end
+
+      def split_version(version)
+        version.scan(/\d+|[a-zA-Z]+|~|[^\da-zA-Z~]+/)
+      end
+
+      def compare_version_parts(parts1, parts2)
+        parts1.zip(parts2).each do |part1, part2|
+          # Handle nil cases
+          part1 ||= ""
+          part2 ||= ""
+
+          if part1 =~ /^\d+$/ && part2 =~ /^\d+$/
+            result = part1.to_i <=> part2.to_i
+          else
+            result = compare_lexically(part1, part2)
+          end
+          return result unless result == 0
+        end
+
+        parts1.size <=> parts2.size
+      end
+
+      def compare_lexically(part1, part2)
+        # Special handling for '~' which sorts before everything else
+        return -1 if part1 == "~" && part2 != "~"
+        return 1 if part1 != "~" && part2 == "~"
+
+        part1 <=> part2
+      end
+    end
+  end
+end

data/lib/debendencies/symbols_file_parsing.rb

@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+require_relative "package_version"
+
+class Debendencies
+  module Private
+    class << self
+      # Parses a symbols file. Yields:
+      #
+      # - All symbols for the specified library soname.
+      # - The package version that provides that symbol.
+      #
+      # For example, it yields `["fopen@GLIBC_1.0", "5"]`.
+      #
+      # @param path [String] Path to the symbols file.
+      # @param soname [String] Soname of the library to yield symbols for.
+      # @yield [String, PackageVersion]
+      def list_symbols(path, soname)
+        File.open(path, "r:utf-8") do |f|
+          # Skips lines in the symbols file until we encounter the start of the section for the given library
+          f.each_line do |line|
+            break if line.start_with?("#{soname} ")
+          end
+
+          f.each_line do |line|
+            # Ignore alternative package specifiers and metadata fields like these:
+            #
+            #   | libtinfo6 #MINVER#, libtinfo6 (<< 6.2~)
+            #   * Build-Depends-Package: libncurses-dev
+            next if line =~ /^\s*[\|\*]/
+
+            # We look for a line like this:
+            #
+            #  NCURSES6_TIC_5.0.19991023@NCURSES6_TIC_5.0.19991023 6.1
+            #
+            # Stop when we reach the section for next library
+            break if line !~ /^\s+(\S+)\s+(\S+)/
+
+            raw_symbol = $1
+            package_version_string = $2
+            yield [raw_symbol.sub(/@Base$/, ""), PackageVersion.new(package_version_string)]
+          end
+        end
+      end
+
+      def find_symbols_file(package_name, architecture)
+        path = File.join(symbols_dir, "#{package_name}:#{architecture}.symbols")
+        path if File.exist?(path)
+      end
+
+      private
+
+      # Mocked during tests.
+      def symbols_dir
+        "/var/lib/dpkg/info"
+      end
+    end
+  end
+end

data/lib/debendencies/utils.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+require_relative "errors"
+
+class Debendencies
+  module Private
+    ELF_MAGIC = String.new("\x7FELF").force_encoding("binary").freeze
+
+    class << self
+      def elf_file?(path)
+        File.open(path, "rb") do |f|
+          f.read(4) == ELF_MAGIC
+        end
+      end
+
+      def path_resembles_library?(path)
+        !!(path =~ /\.so($|\.\d+)/)
+      end
+
+      def dpkg_architecture
+        read_string_envvar("DEB_HOST_ARCH") ||
+          read_string_envvar("DEB_BUILD_ARCH") ||
+          @dpkg_architecture ||= begin
+              popen(["dpkg", "--print-architecture"],
+                    spawn_error_message: "Error getting dpkg architecture: cannot spawn 'dpkg'",
+                    fail_error_message: "Error getting dpkg architecture: 'dpkg --print-architecture' failed") do |io|
+                io.read.chomp
+              end
+            end
+      end
+
+      # Runs a command and yields its standard output as an IO object.
+      # Like IO.popen but with better error handling.
+      # On success, returns the result of the block, otherwise raises an Error.
+      def popen(command_args, spawn_error_message:, fail_error_message:)
+        begin
+          begin
+            io = IO.popen(command_args)
+          rescue SystemCallError => e
+            raise Error, "#{spawn_error_message}: #{e}"
+          end
+
+          result = yield io
+        ensure
+          io.close if io
+        end
+
+        if $?.success?
+          result
+        else
+          raise Error, "#{fail_error_message}: #{$?}"
+        end
+      end
+
+      private
+
+      def read_string_envvar(name)
+        value = ENV[name]
+        value if value && !value.empty?
+      end
+    end
+  end
+end

data/lib/debendencies/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class Debendencies
+  VERSION_STRING = "1.0.0.pre1"
+end

data/lib/debendencies.rb

@@ -0,0 +1,116 @@
+# frozen_string_literal: true
+require "set"
+require_relative "debendencies/elf_analysis"
+require_relative "debendencies/package_finding"
+require_relative "debendencies/package_dependency"
+require_relative "debendencies/errors"
+require_relative "debendencies/utils"
+
+class Debendencies
+  def initialize(logger: nil)
+    @logger = logger
+
+    # Shared libraries (sonames) that have been scanned.
+    @scanned_libs = Set.new
+
+    # Shared libraries (sonames) that the scanned ELF files depend on.
+    # Maps each soname to an array of ELF file path that depend on it (the dependents).
+    @dependency_libs = {}
+
+    @symbol_extraction_cache = {}
+  end
+
+  def scan(*paths)
+    paths.each do |path|
+      if File.directory?(path)
+        scan_directory(path)
+      else
+        scan_file(path)
+      end
+    end
+  end
+
+  # Resolves the Debian package dependencies of all scanned ELF files.
+  # Returns an array of PackageDependency objects:
+  #
+  #   [
+  #     PackageDependency.new('libc6', [VersionConstraint.new('>=', '2.28')]),
+  #     PackageDependency.new('libfoo1'),
+  #   ]
+  #
+  # @return [Array<PackageDependency>]
+  def resolve
+    result = []
+
+    @dependency_libs.each_pair do |dependency_soname, dependent_elf_file_paths|
+      # ELF files in a package could depend on libraries included in the same package,
+      # so omit resolving scanned libraries.
+      if @scanned_libs.include?(dependency_soname)
+        @logger&.info("Skipping dependency resolution for scanned library: #{dependency_soname}")
+        next
+      end
+
+      package_name = Private.find_package_providing_lib(dependency_soname)
+      raise Error, "Error resolving package dependencies: no package provides #{dependency_soname}" if package_name.nil?
+      @logger&.info("Resolved package providing #{dependency_soname}: #{package_name}")
+      version_constraints = maybe_create_version_constraints(package_name, dependency_soname, dependent_elf_file_paths)
+      @logger&.info("Resolved version constraints: #{version_constraints&.map { |vc| vc.as_json }.inspect}")
+
+      result << PackageDependency.new(package_name, version_constraints)
+    end
+
+    result.uniq!
+    result
+  end
+
+  private
+
+  def scan_directory(dir)
+    Dir.glob("**/*", base: dir) do |entry|
+      path = File.join(dir, entry)
+
+      if File.symlink?(path)
+        # Libraries tend to have multiple symlinks (e.g. libfoo.so -> libfoo.so.1 -> libfoo.so.1.2.3)
+        # and we only want to process libraries once, so ignore symlinks.
+        @logger&.warn("Skipping symlink: #{path}")
+        next
+      end
+
+      scan_file(path) if File.file?(path) && File.executable?(path)
+    end
+  end
+
+  def scan_file(path)
+    @logger&.info("Scanning ELF file: #{path}")
+    return @logger&.warn("Skipping non-ELF file: #{path}") if !Private.elf_file?(path)
+
+    soname, dependency_libs = Private.extract_soname_and_dependency_libs(path)
+    @logger&.info("Detected soname: #{soname || "(none)"}")
+    @logger&.info("Detected dependencies: #{dependency_libs.inspect}")
+    if Private.path_resembles_library?(path) && soname.nil?
+      raise Error, "Error scanning ELF file: cannot determine shared library name (soname) for #{path}"
+    end
+
+    @scanned_libs << soname if soname
+    dependency_libs.each do |dependency_soname|
+      dependents = (@dependency_libs[dependency_soname] ||= [])
+      dependents << path
+    end
+  end
+
+  def maybe_create_version_constraints(package_name, soname, dependent_elf_files)
+    symbols_file_path = Private.find_symbols_file(package_name, Private.dpkg_architecture)
+    if symbols_file_path
+      @logger&.info("Found symbols file for #{package_name}: #{symbols_file_path}")
+      min_version = Private.find_min_package_version(soname,
+                                                     symbols_file_path,
+                                                     dependent_elf_files,
+                                                     @symbol_extraction_cache,
+                                                     @logger)
+      [VersionConstraint.new(">=", min_version.to_s)] if min_version
+    else
+      @logger&.warn("No symbols file found for #{package_name}")
+      nil
+    end
+  end
+end

metadata

@@ -0,0 +1,192 @@
+--- !ruby/object:Gem::Specification
+name: debendencies
+version: !ruby/object:Gem::Version
+  version: 1.0.0.pre1
+platform: ruby
+authors:
+- Hongli Lai
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2024-08-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: set
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+- !ruby/object:Gem::Dependency
+  name: stringio
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3'
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2'
+- !ruby/object:Gem::Dependency
+  name: optparse
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.4'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.4'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2'
+- !ruby/object:Gem::Dependency
+  name: open3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.1'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.1'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2'
+- !ruby/object:Gem::Dependency
+  name: tmpdir
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.1'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.1'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2'
+- !ruby/object:Gem::Dependency
+  name: fileutils
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+- !ruby/object:Gem::Dependency
+  name: tempfile
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.1'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.1'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2'
+description: Scans executables and shared libraries for their shared library dependencies,
+  and outputs a list of Debian package names that provide those libraries.
+email:
+- hongli@hongli.nl
+executables:
+- debendencies
+extensions: []
+extra_rdoc_files: []
+files:
+- bin/debendencies
+- lib/debendencies.rb
+- lib/debendencies/cli.rb
+- lib/debendencies/elf_analysis.rb
+- lib/debendencies/errors.rb
+- lib/debendencies/package_dependency.rb
+- lib/debendencies/package_finding.rb
+- lib/debendencies/package_version.rb
+- lib/debendencies/symbols_file_parsing.rb
+- lib/debendencies/utils.rb
+- lib/debendencies/version.rb
+homepage: https://github.com/FooBarWidget/debendencies
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.5.3
+signing_key:
+specification_version: 4
+summary: Debian package shared library dependencies inferer
+test_files: []