obituary 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 4f4cdf9f9835202c98cc63e88ad67118e118452dcbc685377300db5f931758ba
+  data.tar.gz: 381d5992bc0e4450700095fef0a967f951adbceee8328e6f8a3d7f504d81657d
+SHA512:
+  metadata.gz: 865223eb644a0a2cd994d885b521d747d051b04c20c177898278f8cd80e920d22fe1ef55705617289468b3e03ac3b14ecde25d948855e8030ce909ac701afa12
+  data.tar.gz: 0dfe545e0847c6233217c133f563204b4bf866be060c9e04a8194ed6d6ab8c306353b58d06b8e2d9a4b2f1f6d7858e2f9ff1b01f4ea03db07c1055cc81d08c04

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2026 Yudai Takada
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,94 @@
+# Obituary
+
+Obituary detects archived GitHub repositories for your RubyGem dependencies. It can be used as a CLI command in CI or as an RSpec matcher to keep dependency health visible.
+
+## Installation
+
+Install the gem and add to the application's Gemfile by executing:
+
+```bash
+bundle add obituary
+```
+
+If bundler is not being used to manage dependencies, install the gem by executing:
+
+```bash
+gem install obituary
+```
+
+## Setup
+
+Set your GitHub token in the environment so the GitHub API can be queried.
+
+```bash
+export GITHUB_TOKEN=your_token_here
+```
+
+## Configuration
+
+Obituary reads `.obituary.yml` from the project root by default.
+
+```yaml
+include_transitive: false
+github_token_env: "GITHUB_TOKEN"
+ignore:
+  - some_archived_but_ok_gem
+overrides:
+  some_gem: "https://github.com/owner/repo"
+```
+
+## Usage (CLI)
+
+```bash
+bundle exec obituary
+bundle exec obituary --include-transitive
+bundle exec obituary --format json
+```
+
+## Usage (RSpec)
+
+```ruby
+require "obituary/rspec"
+
+RSpec.describe "Dependency health" do
+  it "does not depend on archived gems" do
+    expect(:bundle).not_to have_archived_gems
+  end
+end
+```
+
+## CI Example
+
+```yaml
+name: Dependency Health Check
+on:
+  schedule:
+    - cron: '0 9 * * 1'
+  workflow_dispatch:
+
+jobs:
+  check-archived:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ruby/setup-ruby@v1
+        with:
+          bundler-cache: true
+      - run: gem install obituary
+      - run: obituary check
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+```
+
+## Limitations
+
+- Only GitHub repositories are supported.
+- Private repositories require a token with access.
+
+## Development
+
+After checking out the repo, run `bundle exec rspec` to run the tests.
+
+## License
+
+The gem is available as open source under the terms of the MIT License.

data/Rakefile

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: :spec

data/exe/obituary

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'obituary'
+
+Obituary::CLI.start(ARGV)

data/lib/obituary/archive_checker.rb

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+
+require 'json'
+require 'net/http'
+require 'uri'
+
+module Obituary
+  class ArchiveChecker
+    API_ENDPOINT = 'https://api.github.com/repos'
+    WARNING_THRESHOLD = 100
+
+    def initialize(github_token:)
+      @github_token = github_token
+    end
+
+    def archived?(owner_repo)
+      url = URI.join("#{API_ENDPOINT}/", owner_repo)
+      request = Net::HTTP::Get.new(url)
+      request['Authorization'] = "Bearer #{@github_token}"
+      request['Accept'] = 'application/vnd.github.v3+json'
+
+      response = Net::HTTP.start(url.hostname, url.port, use_ssl: true) do |http|
+        http.request(request)
+      end
+
+      warn_if_rate_limit_low(response)
+
+      case response
+      when Net::HTTPSuccess
+        data = JSON.parse(response.body)
+        data.fetch('archived', nil)
+      when Net::HTTPNotFound
+        warn("Repository not found for #{owner_repo}")
+        nil
+      when Net::HTTPUnauthorized
+        raise Obituary::Error, 'GitHub token unauthorized'
+      when Net::HTTPForbidden
+        raise Obituary::Error, 'GitHub API rate limit exceeded'
+      else
+        warn("GitHub API error for #{owner_repo}: #{response.code}")
+        nil
+      end
+    rescue JSON::ParserError
+      warn("Unable to parse GitHub response for #{owner_repo}")
+      nil
+    end
+
+    private
+
+    def warn_if_rate_limit_low(response)
+      remaining = response['X-RateLimit-Remaining']
+      return unless remaining
+
+      remaining_value = remaining.to_i
+      return if remaining_value > WARNING_THRESHOLD
+
+      warn("GitHub rate limit low: #{remaining_value} remaining")
+    end
+  end
+end

data/lib/obituary/cli.rb

@@ -0,0 +1,107 @@
+# frozen_string_literal: true
+
+require 'json'
+require 'optparse'
+
+module Obituary
+  class CLI
+    DEFAULT_CONFIG = '.obituary.yml'
+
+    def self.start(argv)
+      new.start(argv)
+    end
+
+    def start(argv)
+      summary = run(argv)
+      exit(summary)
+    rescue SystemExit
+      raise
+    rescue StandardError => e
+      warn(e.message)
+      exit(2)
+    end
+
+    def run(argv)
+      options = {
+        include_transitive: nil,
+        config: DEFAULT_CONFIG,
+        format: 'text',
+        no_fail: false
+      }
+
+      parser = OptionParser.new do |opts|
+        opts.banner = 'Usage: obituary check [options]'
+        opts.on('--include-transitive', 'Include transitive dependencies') { options[:include_transitive] = true }
+        opts.on('--config PATH', 'Path to config file') { |value| options[:config] = value }
+        opts.on('--format FORMAT', 'Output format: text or json') { |value| options[:format] = value }
+        opts.on('--no-fail', 'Always return exit code 0') { options[:no_fail] = true }
+      end
+
+      args = argv.dup
+      if args.first == 'check'
+        args.shift
+      end
+
+      parser.parse!(args)
+
+      config = Configuration.load(path: options[:config])
+      config.include_transitive = options[:include_transitive] unless options[:include_transitive].nil?
+
+      summary = Runner.new(config: config).run
+
+      output(summary, options[:format])
+
+      summary.passed? || options[:no_fail] ? 0 : 1
+    end
+
+    private
+
+    def output(summary, format)
+      case format
+      when 'json'
+        payload = {
+          archived: format_results(summary.archived_gems),
+          active: format_results(summary.active_gems),
+          unresolved: format_results(summary.unresolved_gems),
+          passed: summary.passed?
+        }
+        puts JSON.pretty_generate(payload)
+      else
+        puts "obituary - Checking #{summary.results.size} gems for archived repositories..."
+        puts ''
+
+        if summary.archived_gems.any?
+          puts "\e[31m✗ ARCHIVED:\e[0m"
+          summary.archived_gems.each do |result|
+            puts "  - #{result.gem_name} (https://github.com/#{result.repository})"
+          end
+          puts ''
+        end
+
+        if summary.unresolved_gems.any?
+          puts "\e[33m⚠ UNRESOLVED (repository not found):\e[0m"
+          summary.unresolved_gems.each do |result|
+            puts "  - #{result.gem_name}"
+          end
+          puts ''
+        end
+
+        ok_count = summary.active_gems.count
+        archived_count = summary.archived_gems.count
+        unresolved_count = summary.unresolved_gems.count
+        puts "\e[32m✓ #{ok_count} gems OK, #{archived_count} archived, #{unresolved_count} unresolved\e[0m"
+
+        if archived_count.positive?
+          puts ''
+          puts "FAILED: #{archived_count} archived gems detected."
+        end
+      end
+    end
+
+    def format_results(results)
+      results.map do |result|
+        { gem: result.gem_name, repository: result.repository, archived: result.archived, error: result.error }
+      end
+    end
+  end
+end

data/lib/obituary/configuration.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+require 'yaml'
+
+module Obituary
+  class Configuration
+    DEFAULT_INCLUDE_TRANSITIVE = false
+    DEFAULT_GITHUB_TOKEN_ENV = 'GITHUB_TOKEN'
+
+    attr_accessor :include_transitive, :github_token_env, :ignore, :overrides
+
+    def self.load(path: '.obituary.yml')
+      return new unless File.exist?(path)
+
+      raw = YAML.safe_load_file(path, aliases: false)
+      data = (raw || {}).transform_keys(&:to_sym)
+
+      new(
+        include_transitive: data.fetch(:include_transitive, DEFAULT_INCLUDE_TRANSITIVE),
+        github_token_env: data.fetch(:github_token_env, DEFAULT_GITHUB_TOKEN_ENV),
+        ignore: Array(data[:ignore]),
+        overrides: data.fetch(:overrides, {})
+      )
+    end
+
+    def initialize(
+      include_transitive: DEFAULT_INCLUDE_TRANSITIVE,
+      github_token_env: DEFAULT_GITHUB_TOKEN_ENV,
+      ignore: [],
+      overrides: {}
+    )
+      @include_transitive = include_transitive
+      @github_token_env = github_token_env
+      @ignore = ignore
+      @overrides = overrides
+    end
+  end
+end

data/lib/obituary/dependency_resolver.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require 'bundler'
+
+module Obituary
+  class DependencyResolver
+    def resolve(include_transitive:)
+      gems = if include_transitive
+               Bundler.definition.specs.map(&:name)
+             else
+               Bundler.definition.dependencies.map(&:name)
+             end
+
+      gems.reject { |name| name == 'bundler' }.uniq.sort
+    end
+  end
+end

data/lib/obituary/repository_finder.rb

@@ -0,0 +1,82 @@
+# frozen_string_literal: true
+
+require 'json'
+require 'net/http'
+require 'uri'
+
+module Obituary
+  class RepositoryFinder
+    RUBYGEMS_API = 'https://rubygems.org/api/v1/gems'
+    GITHUB_REGEX = %r{github\.com[/:]([^/]+)/([^/.]+)}
+
+    def initialize(config: Obituary.configuration)
+      @config = config
+      @cache = {}
+    end
+
+    def find(gem_name)
+      return @cache[gem_name] if @cache.key?(gem_name)
+
+      override = @config.overrides[gem_name]
+      if override
+        @cache[gem_name] = parse_github_repo(override)
+        return @cache[gem_name]
+      end
+
+      data = fetch_rubygems(gem_name)
+      if data
+        repo = parse_github_repo(data['source_code_uri']) ||
+               parse_github_repo(data['homepage_uri'])
+        return @cache[gem_name] = repo
+      end
+
+      @cache[gem_name] = parse_git_source_from_lock(gem_name)
+    end
+
+    private
+
+    def fetch_rubygems(gem_name)
+      url = URI.join("#{RUBYGEMS_API}/", "#{gem_name}.json")
+      response = Net::HTTP.get_response(url)
+      return nil unless response.is_a?(Net::HTTPSuccess)
+
+      JSON.parse(response.body)
+    rescue JSON::ParserError, URI::InvalidURIError
+      nil
+    end
+
+    def parse_git_source_from_lock(gem_name)
+      lock_path = Bundler.default_lockfile
+      return nil unless File.exist?(lock_path)
+
+      content = File.read(lock_path)
+      content.split(/\n\n+/).each do |section|
+        next unless section.start_with?("GIT\n")
+
+        remote = section.lines.find { |line| line.strip.start_with?('remote:') }
+        next unless remote
+
+        repo = parse_github_repo(remote.split(':', 2).last.to_s.strip)
+        next unless repo
+
+        gems_section = section.split("\n\n").last
+        next unless gems_section
+
+        return repo if gems_section.lines.any? { |line| line.strip.start_with?("#{gem_name} (") }
+      end
+
+      nil
+    end
+
+    def parse_github_repo(url)
+      return nil if url.nil? || url.strip.empty?
+
+      match = url.match(GITHUB_REGEX)
+      return nil unless match
+
+      owner = match[1]
+      repo = match[2]
+      "#{owner}/#{repo}"
+    end
+  end
+end

data/lib/obituary/result.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Obituary
+  class Result
+    attr_reader :gem_name, :repository, :archived, :error
+
+    def initialize(gem_name:, repository:, archived:, error: nil)
+      @gem_name = gem_name
+      @repository = repository
+      @archived = archived
+      @error = error
+    end
+  end
+
+  class CheckSummary
+    attr_reader :results
+
+    def initialize(results)
+      @results = results
+    end
+
+    def archived_gems
+      results.select { |result| result.archived == true }
+    end
+
+    def active_gems
+      results.select { |result| result.archived == false }
+    end
+
+    def unresolved_gems
+      results.select { |result| result.repository.nil? }
+    end
+
+    def passed?
+      archived_gems.empty?
+    end
+  end
+end

data/lib/obituary/rspec/matchers.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require 'rspec/expectations'
+
+module Obituary
+  module RSpec
+    module Matchers
+      ::RSpec::Matchers.define :have_archived_gems do |options = {}|
+        supports_block_expectations
+        match do |_|
+          config = Obituary.configuration
+          config = Configuration.new(
+            include_transitive: config.include_transitive,
+            github_token_env: config.github_token_env,
+            ignore: config.ignore,
+            overrides: config.overrides
+          )
+
+          config.include_transitive = options[:include_transitive] if options.key?(:include_transitive)
+
+          @summary = Runner.new(config: config).run
+          @summary.archived_gems.any?
+        end
+
+        failure_message_when_negated do |_|
+          archived = @summary.archived_gems
+          lines = archived.map { |result| "  - #{result.gem_name} (#{result.repository})" }
+          "Expected no archived gems, but found #{archived.size}:\n#{lines.join("\n")}"
+        end
+      end
+    end
+  end
+end

data/lib/obituary/rspec.rb

@@ -0,0 +1,3 @@
+# frozen_string_literal: true
+
+require_relative 'rspec/matchers'

data/lib/obituary/runner.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+module Obituary
+  class Runner
+    def initialize(config: Obituary.configuration)
+      @config = config
+    end
+
+    def run
+      token = ENV.fetch(@config.github_token_env) do
+        raise Obituary::Error, "Missing GitHub token in #{@config.github_token_env}"
+      end
+
+      resolver = DependencyResolver.new
+      finder = RepositoryFinder.new(config: @config)
+      checker = ArchiveChecker.new(github_token: token)
+
+      gems = resolver.resolve(include_transitive: @config.include_transitive)
+      gems = gems.reject { |name| @config.ignore.include?(name) }
+
+      results = gems.map do |gem_name|
+        repository = finder.find(gem_name)
+        archived = repository ? checker.archived?(repository) : nil
+        Result.new(gem_name: gem_name, repository: repository, archived: archived)
+      rescue StandardError => e
+        Result.new(gem_name: gem_name, repository: nil, archived: nil, error: e.message)
+      end
+
+      CheckSummary.new(results)
+    end
+  end
+end

data/lib/obituary/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Obituary
+  VERSION = '0.1.0'
+end

data/lib/obituary.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+require_relative 'obituary/version'
+require_relative 'obituary/configuration'
+require_relative 'obituary/dependency_resolver'
+require_relative 'obituary/repository_finder'
+require_relative 'obituary/archive_checker'
+require_relative 'obituary/result'
+require_relative 'obituary/runner'
+require_relative 'obituary/cli'
+require_relative 'obituary/rspec'
+
+module Obituary
+  class Error < StandardError; end
+
+  class << self
+    def configure
+      yield(configuration)
+    end
+
+    def configuration
+      @configuration ||= Configuration.load
+    end
+  end
+end

metadata

@@ -0,0 +1,74 @@
+--- !ruby/object:Gem::Specification
+name: obituary
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Yudai Takada
+bindir: exe
+cert_chain: []
+date: 1980-01-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.0'
+description: Checks Gem dependencies against GitHub and reports archived repositories.
+email:
+- t.yudai92@gmail.com
+executables:
+- obituary
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE.txt
+- README.md
+- Rakefile
+- exe/obituary
+- lib/obituary.rb
+- lib/obituary/archive_checker.rb
+- lib/obituary/cli.rb
+- lib/obituary/configuration.rb
+- lib/obituary/dependency_resolver.rb
+- lib/obituary/repository_finder.rb
+- lib/obituary/result.rb
+- lib/obituary/rspec.rb
+- lib/obituary/rspec/matchers.rb
+- lib/obituary/runner.rb
+- lib/obituary/version.rb
+homepage: https://github.com/ydah/obituary
+licenses:
+- MIT
+metadata:
+  allowed_push_host: https://rubygems.org
+  homepage_uri: https://github.com/ydah/obituary
+  source_code_uri: https://github.com/ydah/obituary
+  rubygems_mfa_required: 'true'
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 3.1.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 4.0.6
+specification_version: 4
+summary: Detect archived GitHub repositories for RubyGem dependencies.
+test_files: []