gem_changelog_diff 0.7.0 → 0.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cb1f64ee5cd989dcb791da00dde70d752f297d0cc640e455cac541eedf09bc8b
-  data.tar.gz: 303b4fa0ce947b0ad9dab918294674f8fb90881c9017d30279e6afbf8e02ca03
+  metadata.gz: c69caa73eea6c508419eff5debb1b5b75bd56edf29140519fb451a433ed67272
+  data.tar.gz: 310b2803925afeb1a107d5805d8f20e681c3257962bb762fcf0db11fb5c78c60
 SHA512:
-  metadata.gz: 7f9897600fc4fd863d2f99d2152c6e2c4ae68669be8ec6fa37e824356dd952cd80367742587a91a53e13ffd6e1b4d5bbe7cc435e2fe96aac4970b9fe6dc9b443
-  data.tar.gz: c3f9b5411ac024a224b0f0b25926a2f33dda76cf6a1a5689831c4a616788aa8659310a68bd379558ee9ed1fe9e5eeb2166127953147f8b30580d4be0a36d3453
+  metadata.gz: 919f9f8da6bd23c1b2e5210ac0d4bd7f66217f4dd897b735006605858552c757eeffdf962acb23f97ec307fc2c1957964acd787ee9704ccf9061758cde4adb16
+  data.tar.gz: 1808e80f094a1035fc34245dd21a3965fd63a35d794e66c9a66d74b4405deba9fb84e0f15360419561b160a1b21807d82f170141aa2a666060b0d0777f8a7a8b

data/CHANGELOG.md

@@ -7,6 +7,35 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [0.8.0] - 2026-06-18
+
+### Added
+
+- `UriResolver` class for source URI resolution with non-GitHub host detection
+- Informative skip messages for gems hosted on GitLab, Codeberg, Bitbucket, and SourceHut
+- Automatic redirect following for renamed GitHub repositories (up to 3 hops)
+- `RepoNotFoundError` raised with descriptive messages for non-GitHub gems
+- `TagMatcher` class for tag format normalization (`v1.2.3`, `1.2.3`, `gem_name-1.2.3`, `release-1.2.3`)
+- GitHub API pagination for gems with 100+ releases (up to 1000 releases)
+- Early termination when paginated releases pass the current version
+- Per-request timeout (10s default) and total timeout (120s default)
+- `--timeout` flag to set per-request timeout
+- `request_timeout` and `total_timeout` config file options
+- Interactive mode help hint: "(Space to select, Enter to confirm)"
+- `JSON::ParserError` handling in gem report builder to prevent worker thread crashes
+- Wider network error handling: `Errno::ETIMEDOUT`, `Errno::ECONNRESET`, `OpenSSL::SSL::SSLError`
+
+### Changed
+
+- `RubygemsClient` delegates URI resolution to `UriResolver` (extracted `extract_github_repo`)
+- Error message for missing repo changed from "Could not find GitHub repository" to "Could not determine source repository"
+- `GithubClient` uses `TagMatcher` for version extraction (replaced `TAG_VERSION_REGEX`)
+- `GithubClient` fetches 100 releases per page (was 30) with pagination support
+- `GithubClient` returns empty array for HTTP 301 responses (redirects handled by `UriResolver`)
+- All `Gem::Version.new` calls wrapped in `safe_gem_version` helper to prevent `ArgumentError` crashes
+- `ConcurrentFetcher` wrapped in total timeout to prevent runaway operations
+- HTTP requests in `Cache`, `RubygemsClient`, and `ChangelogParser` use configurable timeouts
+
 ## [0.7.0] - 2026-06-18
 
 ### Added
@@ -89,7 +118,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Plain text formatter for changelog output
 - Full end-to-end pipeline: detect → lookup → fetch → format
 
-[Unreleased]: https://github.com/eclectic-coding/gem_changelog_diff/compare/v0.7.0...HEAD
+[Unreleased]: https://github.com/eclectic-coding/gem_changelog_diff/compare/v0.8.0...HEAD
+[0.8.0]: https://github.com/eclectic-coding/gem_changelog_diff/releases/tag/v0.8.0
 [0.7.0]: https://github.com/eclectic-coding/gem_changelog_diff/releases/tag/v0.7.0
 [0.6.0]: https://github.com/eclectic-coding/gem_changelog_diff/releases/tag/v0.6.0
 [0.5.0]: https://github.com/eclectic-coding/gem_changelog_diff/releases/tag/v0.5.0

data/README.md

@@ -21,7 +21,8 @@ CLI that shows you the changelog diff for each gem before you `bundle update`, p
   - [Show Subcommand](#show-subcommand)
   - [Caching](#caching)
   - [Dry Run](#dry-run)
-  - [Configuration File](#configuration-file)
+  - [Timeouts](#timeouts)
+- [Configuration File](#configuration-file)
 - [Development](#development)
 - [Contributing](#contributing)
 - [License](#license)
@@ -55,6 +56,10 @@ gem_changelog_diff version    # Print version
 gem_changelog_diff --version  # Same as above
 ```
 
+### Non-GitHub Gems
+
+Gems hosted on GitHub are fully supported. Gems on other platforms (GitLab, Codeberg, Bitbucket, SourceHut) are detected and skipped with an informative message. Renamed GitHub repositories are followed automatically via redirect.
+
 ### GitHub Authentication
 
 To avoid the 60 requests/hour unauthenticated rate limit, provide a GitHub personal access token:
@@ -157,6 +162,14 @@ gem_changelog_diff --dry-run --format json       # JSON array of gem objects
 gem_changelog_diff --dry-run --format markdown   # Markdown bullet list
 ```
 
+### Timeouts
+
+```bash
+gem_changelog_diff --timeout 30  # Per-request timeout in seconds (default: 10)
+```
+
+The total operation timeout (default: 120s) limits how long concurrent fetching can run. Both values are configurable via the config file.
+
 ### Configuration File
 
 Generate a config file template:
@@ -181,6 +194,8 @@ ignore_gems:
   - rake
   - bundler
 no_color: false
+request_timeout: 10        # per-request timeout in seconds
+total_timeout: 120         # total operation timeout in seconds
 ```
 
 CLI flags always take priority over config file values.

data/ROADMAP.md

@@ -2,20 +2,6 @@
 
 Feature roadmap for gem_changelog_diff. Each section is auto-pruned by `bin/release` when that version ships.
 
-## 0.8.0 -- Robustness & Edge Cases
-
-Handle the long tail of real-world gem repository patterns.
-
-- Source URI resolution: detect and skip GitLab/Codeberg gracefully, follow redirects for renamed repos, handle monorepo subdirectory URIs
-- Tag format normalization: `v1.2.3`, `1.2.3`, `gem_name-1.2.3`, `release-1.2.3`
-- Proper version comparison via `Gem::Version` (handles pre-release: `1.0.0.rc1`, `1.0.0.beta2`)
-- GitHub API pagination for gems with 100+ releases
-- Per-request timeout (10s default), total timeout (120s default), configurable via `--timeout`
-
-**New files:** `tag_matcher.rb`, `uri_resolver.rb`
-
----
-
 ## 0.9.0 -- Pre-1.0 Stabilization
 
 Freeze the public API. Harden the test suite. Prepare documentation for stable release.

data/lib/gem_changelog_diff/cache.rb

@@ -84,10 +84,13 @@ module GemChangelogDiff
     end
 
     def fetch_from_network(uri, headers)
+      timeout = GemChangelogDiff.configuration.request_timeout
       request = Net::HTTP::Get.new(uri)
       headers.each { |k, v| request[k] = v }
 
-      Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
+      Net::HTTP.start(uri.hostname, uri.port,
+                      use_ssl: uri.scheme == "https",
+                      open_timeout: timeout, read_timeout: timeout) do |http|
         http.request(request)
       end
     end

data/lib/gem_changelog_diff/changelog_parser.rb

@@ -19,7 +19,9 @@ module GemChangelogDiff
 
       parse_entries(content, current_version, newest_version)
     rescue SocketError, Errno::ECONNREFUSED, Errno::EHOSTUNREACH,
-           Net::OpenTimeout, Net::ReadTimeout => e
+           Errno::ETIMEDOUT, Errno::ECONNRESET,
+           Net::OpenTimeout, Net::ReadTimeout,
+           OpenSSL::SSL::SSLError => e
       raise NetworkError, "GitHub API request failed: #{e.message}"
     end
 
@@ -47,9 +49,13 @@ module GemChangelogDiff
       headers = request_headers
       return @cache.get(uri, headers: headers) if @cache
 
+      timeout = GemChangelogDiff.configuration.request_timeout
       request = Net::HTTP::Get.new(uri)
       headers.each { |k, v| request[k] = v }
-      Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) { |http| http.request(request) }
+      Net::HTTP.start(uri.hostname, uri.port,
+                      use_ssl: true, open_timeout: timeout, read_timeout: timeout) do |http|
+        http.request(request)
+      end
     end
 
     def request_headers
@@ -63,21 +69,28 @@ module GemChangelogDiff
     end
 
     def parse_entries(content, current_version, newest_version)
-      current = Gem::Version.new(current_version)
-      newest = Gem::Version.new(newest_version)
-      sections = split_sections(content)
+      current = safe_gem_version(current_version)
+      newest = safe_gem_version(newest_version)
+      return [] unless current && newest
 
+      sections = split_sections(content)
       matched = sections.filter_map { |v, body| build_entry(v, body, current, newest) }
-      matched.sort_by { |e| Gem::Version.new(e[:tag_name]) }.reverse
+      matched.sort_by { |e| safe_gem_version(e[:tag_name]) || Gem::Version.new("0") }.reverse
     end
 
     def build_entry(version_str, body, current, newest)
-      gem_version = Gem::Version.new(version_str)
-      return unless gem_version > current && gem_version <= newest
+      gem_version = safe_gem_version(version_str)
+      return unless gem_version && gem_version > current && gem_version <= newest
 
       { tag_name: version_str, name: version_str, published_at: nil, body: body.strip }
     end
 
+    def safe_gem_version(version_str)
+      Gem::Version.new(version_str)
+    rescue ArgumentError
+      nil
+    end
+
     def split_sections(content)
       sections = []
       current_version = nil

data/lib/gem_changelog_diff/cli.rb

@@ -26,13 +26,12 @@ module GemChangelogDiff
     class_option :interactive, type: :boolean, default: false, aliases: "-i",
                                desc: "Interactively select gems to check"
     class_option :dry_run, type: :boolean, default: false, desc: "Show which gems would be checked"
+    class_option :timeout, type: :numeric, desc: "Per-request timeout in seconds (default: 10)"
 
     desc "check [GEM...]", "Show changelog diffs for outdated gems"
     def check(*gem_names)
-      load_config
-      configure_token
-      gems = detect_gems
-      gems = filter_gems(gems, gem_names)
+      setup_environment
+      gems = filter_gems(detect_gems, gem_names)
       return say("All gems are up to date!") if gems.empty?
 
       gems = Interactive.new(gems: gems).select if options[:interactive]
@@ -44,8 +43,7 @@ module GemChangelogDiff
 
     desc "show GEM FROM_VERSION TO_VERSION", "Show changelog between two versions of a gem"
     def show(gem_name, from_version, to_version)
-      load_config
-      configure_token
+      setup_environment
       gem = OutdatedGem.new(name: gem_name, current_version: from_version, newest_version: to_version)
       report = build_single_report(gem)
       formatter = Formatters.build(format: resolved_format, color: color_enabled?)
@@ -84,6 +82,12 @@ module GemChangelogDiff
 
     private
 
+    def setup_environment
+      load_config
+      configure_token
+      configure_timeout
+    end
+
     def load_config
       config = ConfigLoader.new.load
       GemChangelogDiff.configuration.apply(config)
@@ -96,6 +100,11 @@ module GemChangelogDiff
       GemChangelogDiff.configuration.github_token = token if token
     end
 
+    def configure_timeout
+      timeout = options[:timeout] || GemChangelogDiff.configuration.request_timeout
+      GemChangelogDiff.configuration.request_timeout = timeout
+    end
+
     def rails_credentials_token
       return unless defined?(Rails) && Rails.application.respond_to?(:credentials)
 
@@ -157,15 +166,26 @@ module GemChangelogDiff
 
     def build_gem_report(gem, rubygems_client, source_resolver)
       log "Checking #{gem.name}..."
+      fetch_gem_releases(gem, rubygems_client, source_resolver)
+    rescue GemChangelogDiff::Error => e
+      log_warning "  Skipping #{gem.name}: #{e.message}"
+      gem_error(gem, e.message)
+    rescue JSON::ParserError => e
+      log_warning "  Skipping #{gem.name}: malformed API response"
+      gem_error(gem, "Malformed API response: #{e.message}")
+    end
+
+    def fetch_gem_releases(gem, rubygems_client, source_resolver)
       repo = rubygems_client.repo_url(gem.name)
-      return { gem: gem, releases: [], error: "  Could not find GitHub repository." } if repo.nil?
+      return gem_error(gem, "Could not determine source repository.") unless repo
 
       log "  Found repo: #{repo}"
       releases = source_resolver.resolve(repo, gem.current_version, gem.newest_version)
       { gem: gem, releases: releases }
-    rescue GemChangelogDiff::Error => e
-      log_warning "  Skipping #{gem.name}: #{e.message}"
-      { gem: gem, releases: [], error: "  #{e.message}" }
+    end
+
+    def gem_error(gem, message)
+      { gem: gem, releases: [], error: "  #{message}" }
     end
 
     def with_spinner
@@ -257,6 +277,12 @@ module GemChangelogDiff
 
         # Disable colored output
         # no_color: false
+
+        # Per-request timeout in seconds (default: 10)
+        # request_timeout: 10
+
+        # Total timeout in seconds (default: 120)
+        # total_timeout: 120
       YAML
     end
 

data/lib/gem_changelog_diff/concurrent_fetcher.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require "timeout"
+
 module GemChangelogDiff
   class ConcurrentFetcher
     def initialize(concurrency: 4)
@@ -9,6 +11,15 @@ module GemChangelogDiff
     def fetch_all(items, &)
       return items.map(&) if @concurrency <= 1
 
+      total_timeout = GemChangelogDiff.configuration.total_timeout
+      Timeout.timeout(total_timeout, NetworkError, "Total timeout of #{total_timeout}s exceeded") do
+        run_workers(items, &)
+      end
+    end
+
+    private
+
+    def run_workers(items, &)
       results = Array.new(items.size)
       queue = Queue.new
       items.each_with_index { |item, i| queue << [item, i] }
@@ -18,8 +29,6 @@ module GemChangelogDiff
       results
     end
 
-    private
-
     def spawn_workers(queue, results, &block)
       worker_count = [@concurrency, queue.size].min
       worker_count.times.map do

data/lib/gem_changelog_diff/configuration.rb

@@ -3,9 +3,11 @@
 module GemChangelogDiff
   class Configuration
     attr_accessor :github_token, :cache_enabled, :cache_ttl,
-                  :default_format, :concurrency, :ignore_gems, :no_color
+                  :default_format, :concurrency, :ignore_gems, :no_color,
+                  :request_timeout, :total_timeout
 
-    VALID_KEYS = %i[github_token cache_enabled cache_ttl default_format concurrency ignore_gems no_color].freeze
+    VALID_KEYS = %i[github_token cache_enabled cache_ttl default_format concurrency
+                    ignore_gems no_color request_timeout total_timeout].freeze
 
     def initialize
       @cache_enabled = true
@@ -14,6 +16,8 @@ module GemChangelogDiff
       @concurrency = 4
       @ignore_gems = []
       @no_color = false
+      @request_timeout = 10
+      @total_timeout = 120
     end
 
     def apply(hash)

data/lib/gem_changelog_diff/github_client.rb

@@ -6,39 +6,88 @@ require "json"
 module GemChangelogDiff
   class GithubClient
     RELEASES_URL = "https://api.github.com/repos/%<repo>s/releases"
-    TAG_VERSION_REGEX = /\Av?(\d+\..+)\z/
     RATE_LIMIT_WARNING_THRESHOLD = 10
+    MAX_PAGES = 10
 
     def initialize(cache: nil)
       @cache = cache
     end
 
     def releases_between(repo, current_version, newest_version)
-      releases = fetch_releases(repo)
+      gem_name = repo.split("/").last
+      @active_matcher = TagMatcher.new(gem_name: gem_name)
+      releases = fetch_releases(repo, current_version)
       filter_releases(releases, current_version, newest_version)
     end
 
     private
 
-    def fetch_releases(repo)
-      uri = URI(format(RELEASES_URL, repo: repo))
-      uri.query = URI.encode_www_form(per_page: 30)
+    def fetch_releases(repo, current_version = nil)
+      current = current_version ? safe_gem_version(current_version) : nil
+      paginate_releases(repo, current)
+    rescue SocketError, Errno::ECONNREFUSED, Errno::EHOSTUNREACH,
+           Errno::ETIMEDOUT, Errno::ECONNRESET,
+           Net::OpenTimeout, Net::ReadTimeout,
+           OpenSSL::SSL::SSLError => e
+      raise NetworkError, "GitHub API request failed: #{e.message}"
+    end
+
+    def paginate_releases(repo, current)
+      all_releases = []
+
+      (1..MAX_PAGES).each do |page|
+        response, page_releases = fetch_release_page(repo, page)
+        break if page_releases.empty?
 
+        all_releases.concat(page_releases)
+        break if current && oldest_before_current?(page_releases, current)
+        break unless next_page?(response)
+      end
+
+      all_releases
+    end
+
+    def fetch_release_page(repo, page)
+      uri = build_releases_uri(repo, page)
       response = execute_request(uri)
       check_rate_limit(response)
-      handle_response(response)
-    rescue SocketError, Errno::ECONNREFUSED, Errno::EHOSTUNREACH,
-           Net::OpenTimeout, Net::ReadTimeout => e
-      raise NetworkError, "GitHub API request failed: #{e.message}"
+      [response, handle_response(response)]
+    end
+
+    def build_releases_uri(repo, page)
+      uri = URI(format(RELEASES_URL, repo: repo))
+      uri.query = URI.encode_www_form(per_page: 100, page: page)
+      uri
+    end
+
+    def next_page?(response)
+      link = response["Link"]
+      return false unless link
+
+      link.include?('rel="next"')
+    end
+
+    def oldest_before_current?(releases, current)
+      releases.any? do |r|
+        version = @active_matcher.extract_version(r["tag_name"])
+        next false unless version
+
+        gem_version = safe_gem_version(version)
+        gem_version && gem_version < current
+      end
     end
 
     def execute_request(uri)
       headers = request_headers
       return @cache.get(uri, headers: headers) if @cache
 
+      timeout = GemChangelogDiff.configuration.request_timeout
       request = Net::HTTP::Get.new(uri)
       headers.each { |k, v| request[k] = v }
-      Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) { |http| http.request(request) }
+      Net::HTTP.start(uri.hostname, uri.port,
+                      use_ssl: true, open_timeout: timeout, read_timeout: timeout) do |http|
+        http.request(request)
+      end
     end
 
     def request_headers
@@ -52,7 +101,7 @@ module GemChangelogDiff
     end
 
     def handle_response(response)
-      return [] if response.code == "404"
+      return [] if %w[301 404].include?(response.code)
 
       if response.code == "403" && response["X-RateLimit-Remaining"] == "0"
         raise RateLimitError, "GitHub API rate limit exceeded. Use --token to authenticate."
@@ -71,31 +120,35 @@ module GemChangelogDiff
     end
 
     def filter_releases(releases, current_version, newest_version)
-      current = Gem::Version.new(current_version)
-      newest = Gem::Version.new(newest_version)
+      current = safe_gem_version(current_version)
+      newest = safe_gem_version(newest_version)
+      return [] unless current && newest
 
       matched = releases.filter_map { |r| build_release(r, current, newest) }
       sort_releases(matched)
     end
 
     def build_release(release, current, newest)
-      version = extract_version(release["tag_name"])
-      return unless version
+      version_str = @active_matcher.extract_version(release["tag_name"])
+      return unless version_str
 
-      gem_version = Gem::Version.new(version)
-      return unless gem_version > current && gem_version <= newest
+      gem_version = safe_gem_version(version_str)
+      return unless gem_version && gem_version > current && gem_version <= newest
 
       { tag_name: release["tag_name"], name: release["name"],
         published_at: release["published_at"], body: release["body"] }
     end
 
     def sort_releases(releases)
-      releases.sort_by { |r| Gem::Version.new(extract_version(r[:tag_name])) }.reverse
+      releases.sort_by do |r|
+        safe_gem_version(@active_matcher.extract_version(r[:tag_name])) || Gem::Version.new("0")
+      end.reverse
     end
 
-    def extract_version(tag)
-      match = tag&.match(TAG_VERSION_REGEX)
-      match ? match[1] : nil
+    def safe_gem_version(version_str)
+      Gem::Version.new(version_str)
+    rescue ArgumentError
+      nil
     end
   end
 end

data/lib/gem_changelog_diff/interactive.rb

@@ -10,7 +10,8 @@ module GemChangelogDiff
 
     def select
       prompt = TTY::Prompt.new
-      prompt.multi_select("Select gems to check:", per_page: 15) do |menu|
+      prompt.multi_select("Select gems to check:",
+                          per_page: 15, help: "(Space to select, Enter to confirm)") do |menu|
         @gems.each do |gem|
           menu.choice "#{gem.name} (#{gem.current_version} → #{gem.newest_version})", gem
         end

data/lib/gem_changelog_diff/rubygems_client.rb

@@ -6,17 +6,17 @@ require "json"
 module GemChangelogDiff
   class RubygemsClient
     RUBYGEMS_API = "https://rubygems.org/api/v1/gems/%<name>s.json"
-    GITHUB_REPO_REGEX = %r{github\.com/([^/]+)/([^/]+)}
 
-    def initialize(cache: nil)
+    def initialize(cache: nil, uri_resolver: UriResolver.new)
       @cache = cache
+      @uri_resolver = uri_resolver
     end
 
     def repo_url(gem_name)
       data = fetch_gem_data(gem_name)
       return nil unless data
 
-      extract_github_repo(data)
+      @uri_resolver.resolve(data)
     end
 
     def latest_version(gem_name)
@@ -28,29 +28,23 @@ module GemChangelogDiff
 
     def fetch_gem_data(gem_name)
       uri = URI(format(RUBYGEMS_API, name: gem_name))
-      response = @cache ? @cache.get(uri) : Net::HTTP.get_response(uri)
+      response = @cache ? @cache.get(uri) : fetch_from_api(uri)
       return nil unless response.is_a?(Net::HTTPSuccess)
 
       JSON.parse(response.body)
     rescue SocketError, Errno::ECONNREFUSED, Errno::EHOSTUNREACH,
-           Net::OpenTimeout, Net::ReadTimeout => e
+           Errno::ETIMEDOUT, Errno::ECONNRESET,
+           Net::OpenTimeout, Net::ReadTimeout,
+           OpenSSL::SSL::SSLError, JSON::ParserError => e
       raise NetworkError, "RubyGems API request failed: #{e.message}"
     end
 
-    def extract_github_repo(data)
-      %w[source_code_uri homepage_uri bug_tracker_uri].each do |field|
-        url = data[field]
-        next if url.nil? || url.empty?
-
-        match = url.match(GITHUB_REPO_REGEX)
-        next unless match
-
-        owner = match[1]
-        repo = match[2].sub(/\.git\z/, "").sub(%r{/.*}, "")
-        return "#{owner}/#{repo}"
+    def fetch_from_api(uri)
+      timeout = GemChangelogDiff.configuration.request_timeout
+      Net::HTTP.start(uri.hostname, uri.port,
+                      use_ssl: true, open_timeout: timeout, read_timeout: timeout) do |http|
+        http.request(Net::HTTP::Get.new(uri))
       end
-
-      nil
     end
   end
 end

data/lib/gem_changelog_diff/tag_matcher.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+module GemChangelogDiff
+  class TagMatcher
+    STANDARD_PATTERN = /\A(?:release-)?v?(\d+\..+)\z/
+
+    def initialize(gem_name: nil)
+      @gem_name = gem_name
+    end
+
+    def extract_version(tag)
+      return nil if tag.nil? || tag.strip.empty?
+
+      version = try_gem_prefixed(tag) || try_standard_pattern(tag)
+      return nil unless version
+
+      validate_version(version)
+    end
+
+    private
+
+    def try_gem_prefixed(tag)
+      return nil unless @gem_name
+
+      prefix = "#{@gem_name}-"
+      return nil unless tag.start_with?(prefix)
+
+      raw = tag.delete_prefix(prefix)
+      raw.start_with?("v") ? raw[1..] : raw
+    end
+
+    def try_standard_pattern(tag)
+      match = tag.match(STANDARD_PATTERN)
+      match ? match[1] : nil
+    end
+
+    def validate_version(version_str)
+      Gem::Version.new(version_str)
+      version_str
+    rescue ArgumentError
+      nil
+    end
+  end
+end

data/lib/gem_changelog_diff/uri_resolver.rb

@@ -0,0 +1,101 @@
+# frozen_string_literal: true
+
+require "net/http"
+require "uri"
+
+module GemChangelogDiff
+  class UriResolver
+    GITHUB_REGEX = %r{github\.com/([^/]+)/([^/]+)}
+    NON_GITHUB_HOSTS = {
+      "gitlab.com" => "GitLab",
+      "codeberg.org" => "Codeberg",
+      "bitbucket.org" => "Bitbucket",
+      "sr.ht" => "SourceHut"
+    }.freeze
+    URI_FIELDS = %w[source_code_uri homepage_uri bug_tracker_uri].freeze
+    MAX_REDIRECTS = 3
+
+    def resolve(gem_data)
+      uris = extract_uris(gem_data)
+      return nil if uris.empty?
+
+      non_github = detect_non_github(uris)
+      raise RepoNotFoundError, "hosted on #{non_github} (not supported)" if non_github
+
+      slug = extract_github_slug(uris)
+      return nil unless slug
+
+      follow_redirects(slug)
+    end
+
+    private
+
+    def extract_uris(data)
+      URI_FIELDS.filter_map do |field|
+        value = data[field]
+        value unless value.nil? || value.to_s.strip.empty?
+      end
+    end
+
+    def detect_non_github(uris)
+      uris.each do |url|
+        host = URI.parse(url).host&.downcase
+        NON_GITHUB_HOSTS.each do |domain, name|
+          return name if host&.end_with?(domain)
+        end
+      rescue URI::InvalidURIError
+        next
+      end
+      nil
+    end
+
+    def extract_github_slug(uris)
+      uris.each do |url|
+        match = url.match(GITHUB_REGEX)
+        next unless match
+
+        owner = match[1]
+        repo = match[2].sub(/\.git\z/, "").sub(%r{/.*}, "")
+        return "#{owner}/#{repo}"
+      end
+      nil
+    end
+
+    def follow_redirects(slug, remaining = MAX_REDIRECTS)
+      return slug if remaining <= 0
+
+      response = execute_head_request(URI("https://api.github.com/repos/#{slug}"))
+      return slug unless response.is_a?(Net::HTTPRedirection)
+
+      new_slug = extract_slug_from_location(response["Location"])
+      new_slug ? follow_redirects(new_slug, remaining - 1) : slug
+    rescue SocketError, Errno::ECONNREFUSED, Errno::EHOSTUNREACH,
+           Errno::ETIMEDOUT, Errno::ECONNRESET,
+           Net::OpenTimeout, Net::ReadTimeout, OpenSSL::SSL::SSLError
+      slug
+    end
+
+    def extract_slug_from_location(location)
+      location&.match(%r{repos/([^/]+/[^/]+)})&.then { |m| m[1] }
+    end
+
+    def execute_head_request(uri)
+      request = Net::HTTP::Head.new(uri)
+      request_headers.each { |k, v| request[k] = v }
+      Net::HTTP.start(uri.hostname, uri.port,
+                      use_ssl: true, open_timeout: 5, read_timeout: 5) do |http|
+        http.request(request)
+      end
+    end
+
+    def request_headers
+      headers = {
+        "Accept" => "application/vnd.github.v3+json",
+        "User-Agent" => "gem_changelog_diff/#{VERSION}"
+      }
+      token = GemChangelogDiff.configuration.github_token
+      headers["Authorization"] = "token #{token}" if token
+      headers
+    end
+  end
+end

data/lib/gem_changelog_diff/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module GemChangelogDiff
-  VERSION = "0.7.0"
+  VERSION = "0.8.0"
 end

data/lib/gem_changelog_diff.rb

@@ -12,6 +12,8 @@ require_relative "gem_changelog_diff/errors"
 require_relative "gem_changelog_diff/cache"
 require_relative "gem_changelog_diff/outdated_gem"
 require_relative "gem_changelog_diff/detector"
+require_relative "gem_changelog_diff/uri_resolver"
+require_relative "gem_changelog_diff/tag_matcher"
 require_relative "gem_changelog_diff/rubygems_client"
 require_relative "gem_changelog_diff/lockfile_parser"
 require_relative "gem_changelog_diff/github_client"

data/sig/gem_changelog_diff.rbs

@@ -30,6 +30,8 @@ module GemChangelogDiff
     attr_accessor concurrency: Integer
     attr_accessor ignore_gems: Array[String]
     attr_accessor no_color: bool
+    attr_accessor request_timeout: Integer
+    attr_accessor total_timeout: Integer
 
     VALID_KEYS: Array[Symbol]
 
@@ -102,18 +104,48 @@ module GemChangelogDiff
     def parse: (String output) -> Array[OutdatedGem]
   end
 
+  class UriResolver
+    GITHUB_REGEX: Regexp
+    NON_GITHUB_HOSTS: Hash[String, String]
+    URI_FIELDS: Array[String]
+    MAX_REDIRECTS: Integer
+
+    def resolve: (Hash[String, untyped] gem_data) -> String?
+
+    private
+
+    def extract_uris: (Hash[String, untyped] data) -> Array[String]
+    def detect_non_github: (Array[String] uris) -> String?
+    def extract_github_slug: (Array[String] uris) -> String?
+    def follow_redirects: (String slug, ?Integer remaining) -> String
+    def execute_head_request: (URI::Generic uri) -> (Net::HTTPResponse)
+    def request_headers: () -> Hash[String, String]
+  end
+
+  class TagMatcher
+    STANDARD_PATTERN: Regexp
+
+    def initialize: (?gem_name: String?) -> void
+    def extract_version: (String? tag) -> String?
+
+    private
+
+    def try_gem_prefixed: (String tag) -> String?
+    def try_standard_pattern: (String tag) -> String?
+    def validate_version: (String version_str) -> String?
+  end
+
   class RubygemsClient
     RUBYGEMS_API: String
-    GITHUB_REPO_REGEX: Regexp
 
-    def initialize: (?cache: Cache?) -> void
+    def initialize: (?cache: Cache?, ?uri_resolver: UriResolver) -> void
     def repo_url: (String gem_name) -> String?
     def latest_version: (String gem_name) -> String?
 
     private
 
     def fetch_gem_data: (String gem_name) -> Hash[String, untyped]?
-    def extract_github_repo: (Hash[String, untyped] data) -> String?
+    def fetch_from_api: (URI::Generic uri) -> Net::HTTPResponse
   end
 
   class LockfileParser
@@ -153,6 +185,7 @@ module GemChangelogDiff
     def process_line: (String line, Array[[String, String]] sections, String? current_version, Array[String] current_body) -> [String?, Array[String]]
     def flush_section: (Array[[String, String]] sections, String? version, Array[String] body) -> void
     def clean_version: (String raw) -> String
+    def safe_gem_version: (String version_str) -> Gem::Version?
   end
 
   class SourceResolver
@@ -162,15 +195,18 @@ module GemChangelogDiff
 
   class GithubClient
     RELEASES_URL: String
-    TAG_VERSION_REGEX: Regexp
     RATE_LIMIT_WARNING_THRESHOLD: Integer
+    MAX_PAGES: Integer
 
     def initialize: (?cache: Cache?) -> void
     def releases_between: (String repo, String current_version, String newest_version) -> Array[release_hash]
 
     private
 
-    def fetch_releases: (String repo) -> Array[Hash[String, untyped]]
+    def fetch_releases: (String repo, ?String? current_version) -> Array[Hash[String, untyped]]
+    def build_releases_uri: (String repo, Integer page) -> URI::Generic
+    def next_page?: ((Net::HTTPResponse | CachedResponse) response) -> bool
+    def oldest_before_current?: (Array[Hash[String, untyped]] releases, Gem::Version current) -> bool
     def execute_request: (URI::Generic uri) -> (Net::HTTPResponse | CachedResponse)
     def request_headers: () -> Hash[String, String]
     def handle_response: (Net::HTTPResponse | CachedResponse response) -> Array[Hash[String, untyped]]
@@ -178,7 +214,7 @@ module GemChangelogDiff
     def filter_releases: (Array[Hash[String, untyped]] releases, String current_version, String newest_version) -> Array[release_hash]
     def build_release: (Hash[String, untyped] release, Gem::Version current, Gem::Version newest) -> release_hash?
     def sort_releases: (Array[release_hash] releases) -> Array[release_hash]
-    def extract_version: (String? tag) -> String?
+    def safe_gem_version: (String version_str) -> Gem::Version?
   end
 
   class ConcurrentFetcher
@@ -187,6 +223,7 @@ module GemChangelogDiff
 
     private
 
+    def run_workers: [T, U] (Array[T], &) -> Array[U]
     def spawn_workers: (Queue[untyped], Array[untyped], &) -> Array[Thread]
     def process_queue: (Queue[untyped], Array[untyped], &) -> void
   end
@@ -270,6 +307,7 @@ module GemChangelogDiff
     def load_config: () -> void
     def dry_run_output: (Array[OutdatedGem] gems) -> void
     def format_dry_run: (Array[OutdatedGem] gems) -> String
+    def configure_timeout: () -> void
     def rails_credentials_token: () -> String?
     def output_results: (Array[OutdatedGem] gems) -> void
     def resolved_format: () -> String

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gem_changelog_diff
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.8.0
 platform: ruby
 authors:
 - Chuck Smith
@@ -104,6 +104,8 @@ files:
 - lib/gem_changelog_diff/outdated_gem.rb
 - lib/gem_changelog_diff/rubygems_client.rb
 - lib/gem_changelog_diff/source_resolver.rb
+- lib/gem_changelog_diff/tag_matcher.rb
+- lib/gem_changelog_diff/uri_resolver.rb
 - lib/gem_changelog_diff/version.rb
 - sig/gem_changelog_diff.rbs
 homepage: https://github.com/eclectic-coding/gem_changelog_diff