RubyGems - rubion - Versions diffs - 0.3.10 → 0.3.11 - Mend

rubion 0.3.10 → 0.3.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4c4e3c0ca5fe5a8dcb5e1283bee4f507cd40cce64796bfff6fb261cabc944bc7
-  data.tar.gz: 37b74184805f031a5cb839ab5e0fec28079d3735009db697523b0d90639d01bf
+  metadata.gz: 752260b2ea57b15d75df668a60d1e1a93734b3e86da997c57b852f6c77e0d292
+  data.tar.gz: 513e0b0af66f262f8998d481fdcf7eafd9652bb0d2c2381f49f868034cb6a597
 SHA512:
-  metadata.gz: e1547c0bcb405af894e41fbe47607045349ceff8359592c02bef854b2ec7f2d5314ac6f4d3334312cc85196a3bd02633696bda509045f5f17c6369093100a9be
-  data.tar.gz: 57cecf15af4f037567c43d4ae38ef6c5c383b7e4ad33bc59ef65515609d1bc45ee376f413097fa8df050aae29177b9a0079c9d4c5a6f3820efac1dd872e0eb15
+  metadata.gz: 2b4c4b59d717ad577482a6da93ab5fda7cf42940ebcec8c3d695e889c81e63843b631f26324f2a64f9af5b67ab9126e4bb34c37b9bfdd03f55ed36069de928c6
+  data.tar.gz: 379406e86fb8989acbffdd1acf3252e5d1b726525e46b26b6b418e5e66bbe47620008589f0b5f8be56898617162333ba47d2e85885fbe052f3e417b1891bbf7a

data/README.md CHANGED Viewed

@@ -1,8 +1,8 @@
-#  Rubion
+# Rubion
 **Rubion** is a security and version scanner for Ruby and JavaScript projects. It helps you identify vulnerabilities and outdated dependencies in your Ruby gems and NPM/JavaScript packages.
-<img width="1237" height="671" alt="Screenshot 2025-11-14 at 10 48 12 am" src="https://github.com/user-attachments/assets/a3d93452-c442-416a-9697-de59746e16ad" />
+<img width="1237" height="671" alt="Screenshot 2025-11-14 at 10 48 12 am" src="https://github.com/user-attachments/assets/a3d93452-c442-416a-9697-de59746e16ad" />
 ## Features
@@ -10,15 +10,19 @@
 - 📦 **Gem Versions**: Identifies outdated Ruby gems with release dates and version counts
 - 📛 **Package Vulnerabilities**: Scans for known security vulnerabilities in NPM/JavaScript packages using `npm audit` or `yarn audit`
 - 📦 **Package Versions**: Identifies outdated NPM/JavaScript packages with release dates and version counts
+- 🎯 **Direct Dependencies**: Highlights direct dependencies (from `Gemfile`/`package.json`) in bold text
+- 🔍 **Filtering**: Option to show only direct dependencies with `--exclude-dependencies` flag
+- 📊 **Sorting**: Sort results by any column (Name, Current, Date, Latest, Behind By(Time), Behind By(Versions))
 - 📊 **Beautiful Reports**: Organized table output with severity icons (🔴 Critical, 🟠 High, 🟡 Medium, 🟢 Low, ⚪ Unknown)
 - 🚀 **Fast & Efficient**: Parallel API processing (10 concurrent threads) for quick results
 - ⚡ **Incremental Output**: Shows gem results immediately, then scans packages
 - 📅 **Release Dates**: Fetches actual release dates from RubyGems.org and NPM registry
 - 🔢 **Version Analysis**: Shows how many versions behind and time difference
+- 📦 **Multi-Package Manager**: Supports both npm and yarn with automatic detection
 ## Installation
-### Install from RubyGems (when published)
+### Install from RubyGems
 ```bash
 gem install rubion
@@ -27,7 +31,7 @@ gem install rubion
 ### Install from source
 ```bash
-git clone https://github.com/yourusername/rubion.git
+git clone https://github.com/bipashant/rubion.git
 cd rubion
 bundle install
 rake install_local
@@ -35,7 +39,7 @@ rake install_local
 ## Usage
-### Scan your project
+### Basic Scan
 Navigate to your project directory and run:
@@ -49,7 +53,7 @@ This will scan your project for:
 - NPM/JavaScript package vulnerabilities (if `package.json` exists)
 - Outdated NPM/JavaScript packages with release dates
-### Scan options
+### Scan Options
 ```bash
 # Scan only Ruby gems (skip NPM packages)
@@ -66,13 +70,57 @@ rubion scan -p
 rubion scan
 ```
-### View help
+### Sorting Options
+```bash
+# Sort by column name (default: "Behind By(Time)" in descending order)
+rubion scan --sort-by Name
+rubion scan --sort-by Current
+rubion scan --sort-by "Current version released on"
+rubion scan --sort-by Latest
+rubion scan --sort-by "Latest version released on"
+rubion scan --sort-by "Behind By(Time)"
+rubion scan --sort-by "Behind By(Versions)"
+# Short form
+rubion scan -s Name
+# Sort in ascending order
+rubion scan --sort-by Name --asc
+rubion scan --sort-by Name --ascending
+# Sort in descending order (default)
+rubion scan --sort-by Name --desc
+rubion scan --sort-by Name --descending
+```
+**Available columns for sorting:**
+- `Name` - Package/gem name
+- `Current` - Current version
+- `Current version released on` or `Date` - Release date of current version
+- `Latest` - Latest version
+- `Latest version released on` or `Date` - Release date of latest version
+- `Behind By(Time)` - Time difference (default sort, descending)
+- `Behind By(Versions)` - Number of versions behind
+### Filtering Options
+```bash
+# Show only direct dependencies (from Gemfile/package.json)
+rubion scan --exclude-dependencies
+```
+Direct dependencies are automatically highlighted in **bold text** in the output.
+### View Help
 ```bash
 rubion help
+# or
+rubion -h
 ```
-### Check version
+### Check Version
 ```bash
 rubion version
@@ -82,6 +130,8 @@ rubion -v
 ## Output Example
+### Complete Scan Output
 ```
 🔍 Scanning project at: /path/to/project
@@ -94,16 +144,22 @@ Gem Vulnerabilities:
 +----------+--------+---------+------------------------------------------+
 | 🔴 Critical | rexml | 3.4.1   | REXML has DoS condition when parsing... |
 | 🟠 High  | rack   | 2.0.8   | Denial of Service vulnerability         |
+| 🟡 Medium | nokogiri | 1.13.8 | XML parsing vulnerability              |
+| 🟢 Low   | json   | 2.6.1   | JSON parsing issue                      |
 +----------+--------+---------+------------------------------------------+
 Gem Versions:
-+----------+---------+-----------+---------+-----------+-----------+----------+
-| Name     | Current | Date      | Latest  | Date      | Behind By | Versions |
-+----------+---------+-----------+---------+-----------+-----------+----------+
-| sidekiq  | 7.30    | 3/5/2024  | 8.1     | 11/11/2025| 1 year    | 15       |
-| fastimage| 2.2.7   | 2/2/2025  | 2.3.2   | 9/9/2025  | 7 months  | 3        |
-+----------+---------+-----------+---------+-----------+-----------+----------+
++------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
+| Name             | Current | Current version released on | Latest  | Latest version released on | Behind By(Time) ↓ | Behind By(Versions) |
++------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
+| sidekiq          | 7.30    | 3/5/2024                 | 8.1     | 11/11/2025               | 1 year           | 15                |
+| rails             | 7.0.0   | 12/15/2022               | 7.1.0   | 10/4/2024                | 1 year 10 months | 8                 |
+| fastimage         | 2.2.7   | 2/2/2025                  | 2.3.2   | 9/9/2025                 | 7 months         | 3                 |
+| nokogiri          | 1.13.8 | 5/10/2023                 | 1.15.0  | 8/20/2024                | 1 year 3 months  | 12                |
+| redis             | 4.8.0  | 1/15/2023                 | 5.0.0   | 11/1/2024                | 1 year 9 months  | 20                |
+| pg                | 1.4.0  | 3/20/2023                 | 1.5.0   | 9/15/2024                | 1 year 5 months  | 6                 |
++------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
 📦 Checking NPM packages... 45/45 ✓
@@ -112,18 +168,44 @@ Package Vulnerabilities:
 +----------+--------+---------+------------------------------------------+
 | Level    | Name   | Version | Vulnerability                            |
 +----------+--------+---------+------------------------------------------+
-| 🟠 High  | moment | 1.2.3   | Wrong timezone date calculation         |
+| 🔴 Critical | lodash | 4.17.20 | Prototype pollution vulnerability    |
+| 🟠 High  | moment | 2.29.1  | Wrong timezone date calculation         |
+| 🟡 Medium | axios  | 0.21.1  | Server-Side Request Forgery (SSRF)      |
+| 🟢 Low   | debug  | 4.3.1   | Regular Expression Denial of Service   |
 +----------+--------+---------+------------------------------------------+
 Package Versions:
-+----------+---------+-----------+---------+-----------+-----------+----------+
-| Name     | Current | Date      | Latest  | Date      | Behind By | Versions |
-+----------+---------+-----------+---------+-----------+-----------+----------+
-| jquery   | 3.7.1   | 4/5/2024  | 3.9.1   | 10/11/2025| 1 year    | 8        |
-+----------+---------+-----------+---------+-----------+-----------+----------+
++------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
+| Name             | Current | Current version released on | Latest  | Latest version released on | Behind By(Time) ↓ | Behind By(Versions) |
++------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
+| react             | 17.0.2 | 3/3/2021                  | 18.2.0  | 6/14/2023                | 2 years 3 months | 45                |
+| vue               | 3.2.0  | 8/5/2021                  | 3.3.0   | 5/18/2023                | 1 year 9 months  | 8                 |
+| jquery            | 3.7.1  | 4/5/2024                  | 3.9.1   | 10/11/2025               | 1 year           | 8                 |
+| express           | 4.18.0 | 4/25/2022                 | 4.18.2  | 8/15/2023                | 1 year 3 months  | 2                 |
+| webpack           | 5.70.0 | 3/1/2022                  | 5.88.0  | 6/1/2023                 | 1 year 3 months  | 18                |
+| typescript        | 4.7.0  | 5/24/2022                 | 5.1.0   | 5/25/2023                | 1 year           | 12                |
++------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
 ```
+### Direct Dependencies Only (with --exclude-dependencies)
+When using `rubion scan --exclude-dependencies`, only direct dependencies are shown:
+```
+Gem Versions:
++----------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
+| Name     | Current | Current version released on | Latest  | Latest version released on | Behind By(Time) ↓ | Behind By(Versions) |
++----------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
+| **rails**| 7.0.0   | 12/15/2022               | 7.1.0   | 10/4/2024                | 1 year 10 months | 8                 |
+| **sidekiq**| 7.30  | 3/5/2024                 | 8.1     | 11/11/2025               | 1 year           | 15                |
+| **pg**   | 1.4.0  | 3/20/2023                 | 1.5.0   | 9/15/2024                | 1 year 5 months  | 6                 |
++----------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
+```
+**Note:** Direct dependencies (from `Gemfile` or `package.json`) are displayed in **bold text** in the version tables. In the example above, `rails`, `sidekiq`, and `pg` are direct dependencies from the `Gemfile`.
 ## Requirements
 - Ruby 2.6 or higher
@@ -131,7 +213,7 @@ Package Versions:
 - NPM or Yarn (optional, for JavaScript package scanning)
 - `bundler-audit` (optional, for enhanced gem vulnerability detection)
-**Note:** If both npm and yarn are available, Rubion will prompt you to choose which one to use.
+**Note:** If both npm and yarn are available, Rubion will prompt you to choose which one to use. You can respond with 'y' for yarn or 'n' for npm.
 ### Installing bundler-audit (recommended)
@@ -141,6 +223,48 @@ gem install bundler-audit
 **Note:** Without `bundler-audit`, gem vulnerability scanning will be skipped.
+## How It Works
+Rubion uses a modular architecture:
+1. **Scanner** (`lib/rubion/scanner.rb`): Executes various commands to scan for vulnerabilities and outdated versions
+   - `bundle-audit check` for gem vulnerabilities
+   - `bundle outdated --parseable` for gem versions
+   - `npm audit --json` or `yarn audit --json` for package vulnerabilities (auto-detects which is available)
+   - `npm outdated --json` or `yarn outdated` for package versions (auto-detects which is available)
+   - Fetches release dates and version data from RubyGems.org and NPM registry APIs
+   - Uses parallel processing (10 concurrent threads) for fast API calls
+   - Prompts user to choose between npm and yarn if both are available
+   - Parses `Gemfile` and `package.json` to identify direct dependencies
+2. **Reporter** (`lib/rubion/reporter.rb`): Formats scan results into beautiful terminal tables using `terminal-table`
+   - Adds severity icons (🔴 🟠 🟡 🟢 ⚪)
+   - Formats dates, time differences, and version counts
+   - Supports incremental output (gems first, then packages)
+   - Highlights direct dependencies in bold text
+   - Supports sorting by any column with visual indicators (↑/↓)
+   - Filters results based on `--exclude-dependencies` flag
+3. **CLI** (`lib/rubion.rb`): Provides the command-line interface
+   - Parses command-line options (`--gems-only`, `--packages-only`, `--sort-by`, `--asc`, `--desc`, `--exclude-dependencies`)
+   - Coordinates scanning and reporting
+For detailed information about data collection and mapping, see [HOW_IT_WORKS.md](HOW_IT_WORKS.md).
+## Performance
+Rubion is optimized for speed:
+- **Parallel API Processing**: Uses 10 concurrent threads to fetch version data from RubyGems.org and NPM registry
+- **Single API Call Per Package**: Fetches all necessary data (dates, version list) in one request
+- **Incremental Output**: Shows gem results immediately, then scans packages (better UX)
+- **Progress Indicators**: Shows real-time progress like "Checking Ruby gems... 10/54"
+Typical scan times:
+- Gems only: ~4-5 seconds (for ~140 gems)
+- Packages only: ~3-4 seconds (for ~50 packages)
+- Both: ~7-9 seconds total
 ## Development
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt.
@@ -169,30 +293,6 @@ gem build rubion.gemspec
 rake install_local
 ```
-## How It Works
-Rubion uses a modular architecture:
-1. **Scanner** (`lib/rubion/scanner.rb`): Executes various commands to scan for vulnerabilities and outdated versions
-   - `bundle-audit check` for gem vulnerabilities
-   - `bundle outdated --parseable` for gem versions
-   - `npm audit --json` or `yarn audit --json` for package vulnerabilities (auto-detects which is available)
-   - `npm outdated --json` or `yarn outdated --json` for package versions (auto-detects which is available)
-   - Fetches release dates and version data from RubyGems.org and NPM registry APIs
-   - Uses parallel processing (10 concurrent threads) for fast API calls
-   - Prompts user to choose between npm and yarn if both are available
-2. **Reporter** (`lib/rubion/reporter.rb`): Formats scan results into beautiful terminal tables using `terminal-table`
-   - Adds severity icons (🔴 🟠 🟡 🟢 ⚪)
-   - Formats dates, time differences, and version counts
-   - Supports incremental output (gems first, then packages)
-3. **CLI** (`lib/rubion.rb`): Provides the command-line interface
-   - Parses command-line options (`--gems-only`, `--packages-only`)
-   - Coordinates scanning and reporting
-For detailed information about data collection and mapping, see [HOW_IT_WORKS.md](HOW_IT_WORKS.md).
 ## Extending Rubion
 Rubion is designed to be easily extensible. To add new scanners:
@@ -218,7 +318,7 @@ end
 ## Contributing
-Bug reports and pull requests are welcome on GitHub at https://github.com/yourusername/rubion.
+Bug reports and pull requests are welcome on GitHub at https://github.com/bipashant/rubion.
 1. Fork it
 2. Create your feature branch (`git checkout -b feature/my-new-feature`)
@@ -230,36 +330,16 @@ Bug reports and pull requests are welcome on GitHub at https://github.com/yourus
 The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
-## Code of Conduct
-Everyone interacting in the Rubion project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.
 ## Support
 If you have any questions or need help, please:
-- Open an issue on GitHub
+- Open an issue on GitHub: https://github.com/bipashant/rubion/issues
 - Check the documentation
-- Contact the maintainers
-## Performance
-Rubion is optimized for speed:
-- **Parallel API Processing**: Uses 10 concurrent threads to fetch version data from RubyGems.org and NPM registry
-- **Single API Call Per Package**: Fetches all necessary data (dates, version list) in one request
-- **Incremental Output**: Shows gem results immediately, then scans packages (better UX)
-- **Progress Indicators**: Shows real-time progress like "Checking Ruby gems... 10/54"
-Typical scan times:
-- Gems only: ~4-5 seconds (for ~140 gems)
-- Packages only: ~3-4 seconds (for ~50 packages)
-- Both: ~7-9 seconds total
+- Review the [CHANGELOG.md](CHANGELOG.md) for recent changes
 ## Roadmap
 Future features planned:
-- [ ] Sorting options (by severity, name, date, etc.)
-- [ ] Filtering options (by severity, outdated threshold, etc.)
 - [ ] Export formats (JSON, CSV, HTML)
 - [ ] Summary statistics
 - [ ] Update command suggestions
@@ -275,4 +355,3 @@ Future features planned:
 - Built with [terminal-table](https://github.com/tj/terminal-table)
 - Inspired by tools like `bundle-audit` and `npm audit`

data/lib/rubion/version.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 module Rubion
-  VERSION = "0.3.10"
+  VERSION = "0.3.11"
 end

data/rubion.gemspec CHANGED Viewed

@@ -1,36 +1,179 @@
 # frozen_string_literal: true
-require_relative "lib/rubion/version"
+require_relative 'lib/rubion/version'
 Gem::Specification.new do |spec|
-  spec.name = "rubion"
+  spec.name = 'rubion'
   spec.version = Rubion::VERSION
-  spec.authors = ["bipashant"]
-  spec.email = ["bs_chapagain@hotmail.com"]
+  spec.authors = ['bipashant']
+  spec.email = ['bs_chapagain@hotmail.com']
-  spec.summary = "Security and version scanner for Ruby and JavaScript projects"
-  spec.description = "Rubion scans your project for Ruby gem vulnerabilities, outdated gems, NPM package vulnerabilities, and outdated packages. It provides a clean, organized report with actionable insights."
-  spec.homepage = "https://github.com/bipashant/rubion"
-  spec.license = "MIT"
-  spec.required_ruby_version = ">= 2.6.0"
+  spec.summary = 'Security and version scanner for Ruby and JavaScript projects'
+  spec.description = <<~DESC
+    Rubion is a comprehensive security and version scanner for Ruby and JavaScript projects.
+    It helps you identify vulnerabilities and outdated dependencies in your Ruby gems and NPM/JavaScript packages.
-  spec.metadata["homepage_uri"] = spec.homepage
-  spec.metadata["source_code_uri"] = "https://github.com/bipashant/rubion"
-  spec.metadata["changelog_uri"] = "https://github.com/bipashant/rubion/blob/main/CHANGELOG.md"
-  spec.metadata["bug_tracker_uri"] = "https://github.com/bipashant/rubion/issues"
+    ## Features
+    - 📛 Gem Vulnerabilities: Scans for known security vulnerabilities in Ruby gems using bundle-audit
+    - 📦 Gem Versions: Identifies outdated Ruby gems with release dates and version counts
+    - 📛 Package Vulnerabilities: Scans for known security vulnerabilities in NPM/JavaScript packages
+    - 📦 Package Versions: Identifies outdated NPM/JavaScript packages with release dates
+    - 🎯 Direct Dependencies: Highlights direct dependencies (from Gemfile/package.json) in bold text
+    - 🔍 Filtering: Option to show only direct dependencies with --exclude-dependencies flag
+    - 📊 Sorting: Sort results by any column (Name, Current, Date, Latest, Behind By(Time), Behind By(Versions))
+    - 🚀 Fast & Efficient: Parallel API processing (10 concurrent threads) for quick results
+    - 📦 Multi-Package Manager: Supports both npm and yarn with automatic detection
+    ## Installation
+    ```bash
+    gem install rubion
+    ```
+    Or add to your Gemfile:
+    ```ruby
+    gem 'rubion', '~> 0.3.10'
+    ```
+    ## Usage
+    ### Basic Scan
+    ```bash
+    rubion scan
+    ```
+    ### Scan Options
+    ```bash
+    # Scan only Ruby gems
+    rubion scan --gems-only
+    # or
+    rubion scan -g
+    # Scan only NPM packages
+    rubion scan --packages-only
+    # or
+    rubion scan -p
+    # Sort by column
+    rubion scan --sort-by Name
+    rubion scan --sort-by "Behind By(Time)" --desc
+    # Show only direct dependencies
+    rubion scan --exclude-dependencies
+    ```
+    ### Example Output
+    Complete Scan Output:
+    ```
+    🔍 Scanning project at: /path/to/project
+    📦 Checking Ruby gems... 139/139 ✓
+    Gem Vulnerabilities:
+    +----------+--------+---------+------------------------------------------+
+    | Level    | Name   | Version | Vulnerability                            |
+    +----------+--------+---------+------------------------------------------+
+    | 🔴 Critical | rexml | 3.4.1   | REXML has DoS condition when parsing... |
+    | 🟠 High  | rack   | 2.0.8   | Denial of Service vulnerability         |
+    | 🟡 Medium | nokogiri | 1.13.8 | XML parsing vulnerability              |
+    | 🟢 Low   | json   | 2.6.1   | JSON parsing issue                      |
+    +----------+--------+---------+------------------------------------------+
+    Gem Versions:
+    +------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
+    | Name             | Current | Current version released on | Latest  | Latest version released on | Behind By(Time) ↓ | Behind By(Versions) |
+    +------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
+    | sidekiq          | 7.30    | 3/5/2024                 | 8.1     | 11/11/2025               | 1 year           | 15                |
+    | rails             | 7.0.0   | 12/15/2022               | 7.1.0   | 10/4/2024                | 1 year 10 months | 8                 |
+    | fastimage         | 2.2.7   | 2/2/2025                  | 2.3.2   | 9/9/2025                 | 7 months         | 3                 |
+    | nokogiri          | 1.13.8 | 5/10/2023                 | 1.15.0  | 8/20/2024                | 1 year 3 months  | 12                |
+    | redis             | 4.8.0  | 1/15/2023                 | 5.0.0   | 11/1/2024                | 1 year 9 months  | 20                |
+    | pg                | 1.4.0  | 3/20/2023                 | 1.5.0   | 9/15/2024                | 1 year 5 months  | 6                 |
+    +------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
+    📦 Checking NPM packages... 45/45 ✓
+    Package Vulnerabilities:
+    +----------+--------+---------+------------------------------------------+
+    | Level    | Name   | Version | Vulnerability                            |
+    +----------+--------+---------+------------------------------------------+
+    | 🔴 Critical | lodash | 4.17.20 | Prototype pollution vulnerability    |
+    | 🟠 High  | moment | 2.29.1  | Wrong timezone date calculation         |
+    | 🟡 Medium | axios  | 0.21.1  | Server-Side Request Forgery (SSRF)      |
+    | 🟢 Low   | debug  | 4.3.1   | Regular Expression Denial of Service   |
+    +----------+--------+---------+------------------------------------------+
+    Package Versions:
+    +------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
+    | Name             | Current | Current version released on | Latest  | Latest version released on | Behind By(Time) ↓ | Behind By(Versions) |
+    +------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
+    | react             | 17.0.2 | 3/3/2021                  | 18.2.0  | 6/14/2023                | 2 years 3 months | 45                |
+    | vue               | 3.2.0  | 8/5/2021                  | 3.3.0   | 5/18/2023                | 1 year 9 months  | 8                 |
+    | jquery            | 3.7.1  | 4/5/2024                  | 3.9.1   | 10/11/2025               | 1 year           | 8                 |
+    | express           | 4.18.0 | 4/25/2022                 | 4.18.2  | 8/15/2023                | 1 year 3 months  | 2                 |
+    | webpack           | 5.70.0 | 3/1/2022                  | 5.88.0  | 6/1/2023                 | 1 year 3 months  | 18                |
+    | typescript        | 4.7.0  | 5/24/2022                 | 5.1.0   | 5/25/2023                | 1 year           | 12                |
+    +------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
+    ```
+    Direct Dependencies Only (with --exclude-dependencies):
+    ```
+    Gem Versions:
+    +----------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
+    | Name     | Current | Current version released on | Latest  | Latest version released on | Behind By(Time) ↓ | Behind By(Versions) |
+    +----------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
+    | **rails**| 7.0.0   | 12/15/2022               | 7.1.0   | 10/4/2024                | 1 year 10 months | 8                 |
+    | **sidekiq**| 7.30  | 3/5/2024                 | 8.1     | 11/11/2025               | 1 year           | 15                |
+    | **pg**   | 1.4.0  | 3/20/2023                 | 1.5.0   | 9/15/2024                | 1 year 5 months  | 6                 |
+    +----------+---------+--------------------------+---------+--------------------------+------------------+-------------------+
+    ```
+    Note: Direct dependencies (from Gemfile or package.json) are displayed in bold text in the version tables.
+    ## Requirements
+    - Ruby 2.6 or higher
+    - Bundler (for Ruby gem scanning)
+    - NPM or Yarn (optional, for JavaScript package scanning)
+    - bundler-audit (optional, install with: gem install bundler-audit)
+    ## Documentation
+    For more information, visit: https://github.com/bipashant/rubion
+  DESC
+  spec.homepage = 'https://github.com/bipashant/rubion'
+  spec.license = 'MIT'
+  spec.required_ruby_version = '>= 2.6.0'
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['source_code_uri'] = 'https://github.com/bipashant/rubion'
+  spec.metadata['changelog_uri'] = 'https://github.com/bipashant/rubion/blob/main/CHANGELOG.md'
+  spec.metadata['bug_tracker_uri'] = 'https://github.com/bipashant/rubion/issues'
+  spec.metadata['rubygems_mfa_required'] = 'true'
   # Specify which files should be added to the gem when it is released.
-  spec.files = Dir.glob("{bin,lib}/**/*") + %w[README.md LICENSE Gemfile rubion.gemspec]
-  spec.bindir = "bin"
-  spec.executables = ["rubion"]
-  spec.require_paths = ["lib"]
+  spec.files = Dir.glob('{bin,lib}/**/*') + %w[README.md LICENSE Gemfile rubion.gemspec]
+  spec.bindir = 'bin'
+  spec.executables = ['rubion']
+  spec.require_paths = ['lib']
   # Runtime dependencies
-  spec.add_dependency "terminal-table", "~> 3.0"
+  spec.add_dependency 'terminal-table', '~> 3.0'
   # Development dependencies
-  spec.add_development_dependency "rake", "~> 13.0"
-  spec.add_development_dependency "rspec", "~> 3.12"
-  spec.add_development_dependency "rubocop", "~> 1.21"
+  spec.add_development_dependency 'rake', '~> 13.0'
+  spec.add_development_dependency 'rspec', '~> 3.12'
+  spec.add_development_dependency 'rubocop', '~> 1.21'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rubion
 version: !ruby/object:Gem::Version
-  version: 0.3.10
+  version: 0.3.11
 platform: ruby
 authors:
 - bipashant
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-11-14 00:00:00.000000000 Z
+date: 2025-11-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: terminal-table
@@ -66,9 +66,76 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.21'
-description: Rubion scans your project for Ruby gem vulnerabilities, outdated gems,
-  NPM package vulnerabilities, and outdated packages. It provides a clean, organized
-  report with actionable insights.
+description: "Rubion is a comprehensive security and version scanner for Ruby and
+  JavaScript projects.\nIt helps you identify vulnerabilities and outdated dependencies
+  in your Ruby gems and NPM/JavaScript packages.\n\n## Features\n\n- \U0001F4DB Gem
+  Vulnerabilities: Scans for known security vulnerabilities in Ruby gems using bundle-audit\n-
+  \U0001F4E6 Gem Versions: Identifies outdated Ruby gems with release dates and version
+  counts\n- \U0001F4DB Package Vulnerabilities: Scans for known security vulnerabilities
+  in NPM/JavaScript packages\n- \U0001F4E6 Package Versions: Identifies outdated NPM/JavaScript
+  packages with release dates\n- \U0001F3AF Direct Dependencies: Highlights direct
+  dependencies (from Gemfile/package.json) in bold text\n- \U0001F50D Filtering: Option
+  to show only direct dependencies with --exclude-dependencies flag\n- \U0001F4CA
+  Sorting: Sort results by any column (Name, Current, Date, Latest, Behind By(Time),
+  Behind By(Versions))\n- \U0001F680 Fast & Efficient: Parallel API processing (10
+  concurrent threads) for quick results\n- \U0001F4E6 Multi-Package Manager: Supports
+  both npm and yarn with automatic detection\n\n## Installation\n\n```bash\ngem install
+  rubion\n```\n\nOr add to your Gemfile:\n\n```ruby\ngem 'rubion', '~> 0.3.10'\n```\n\n##
+  Usage\n\n### Basic Scan\n\n```bash\nrubion scan\n```\n\n### Scan Options\n\n```bash\n#
+  Scan only Ruby gems\nrubion scan --gems-only\n# or\nrubion scan -g\n\n# Scan only
+  NPM packages\nrubion scan --packages-only\n# or\nrubion scan -p\n\n# Sort by column\nrubion
+  scan --sort-by Name\nrubion scan --sort-by \"Behind By(Time)\" --desc\n\n# Show
+  only direct dependencies\nrubion scan --exclude-dependencies\n```\n\n### Example
+  Output\n\nComplete Scan Output:\n\n```\n\U0001F50D Scanning project at: /path/to/project\n\n\U0001F4E6
+  Checking Ruby gems... 139/139 ✓\n\nGem Vulnerabilities:\n\n+----------+--------+---------+------------------------------------------+\n|
+  Level    | Name   | Version | Vulnerability                            |\n+----------+--------+---------+------------------------------------------+\n|
+  \U0001F534 Critical | rexml | 3.4.1   | REXML has DoS condition when parsing...
+  |\n| \U0001F7E0 High  | rack   | 2.0.8   | Denial of Service vulnerability         |\n|
+  \U0001F7E1 Medium | nokogiri | 1.13.8 | XML parsing vulnerability              |\n|
+  \U0001F7E2 Low   | json   | 2.6.1   | JSON parsing issue                      |\n+----------+--------+---------+------------------------------------------+\n\nGem
+  Versions:\n\n+------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n|
+  Name             | Current | Current version released on | Latest  | Latest version
+  released on | Behind By(Time) ↓ | Behind By(Versions) |\n+------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n|
+  sidekiq          | 7.30    | 3/5/2024                 | 8.1     | 11/11/2025               |
+  1 year           | 15                |\n| rails             | 7.0.0   | 12/15/2022
+  \              | 7.1.0   | 10/4/2024                | 1 year 10 months | 8                 |\n|
+  fastimage         | 2.2.7   | 2/2/2025                  | 2.3.2   | 9/9/2025                 |
+  7 months         | 3                 |\n| nokogiri          | 1.13.8 | 5/10/2023
+  \                | 1.15.0  | 8/20/2024                | 1 year 3 months  | 12                |\n|
+  redis             | 4.8.0  | 1/15/2023                 | 5.0.0   | 11/1/2024                |
+  1 year 9 months  | 20                |\n| pg                | 1.4.0  | 3/20/2023
+  \                | 1.5.0   | 9/15/2024                | 1 year 5 months  | 6                 |\n+------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n\n\U0001F4E6
+  Checking NPM packages... 45/45 ✓\n\nPackage Vulnerabilities:\n\n+----------+--------+---------+------------------------------------------+\n|
+  Level    | Name   | Version | Vulnerability                            |\n+----------+--------+---------+------------------------------------------+\n|
+  \U0001F534 Critical | lodash | 4.17.20 | Prototype pollution vulnerability    |\n|
+  \U0001F7E0 High  | moment | 2.29.1  | Wrong timezone date calculation         |\n|
+  \U0001F7E1 Medium | axios  | 0.21.1  | Server-Side Request Forgery (SSRF)      |\n|
+  \U0001F7E2 Low   | debug  | 4.3.1   | Regular Expression Denial of Service   |\n+----------+--------+---------+------------------------------------------+\n\nPackage
+  Versions:\n\n+------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n|
+  Name             | Current | Current version released on | Latest  | Latest version
+  released on | Behind By(Time) ↓ | Behind By(Versions) |\n+------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n|
+  react             | 17.0.2 | 3/3/2021                  | 18.2.0  | 6/14/2023                |
+  2 years 3 months | 45                |\n| vue               | 3.2.0  | 8/5/2021
+  \                 | 3.3.0   | 5/18/2023                | 1 year 9 months  | 8                 |\n|
+  jquery            | 3.7.1  | 4/5/2024                  | 3.9.1   | 10/11/2025               |
+  1 year           | 8                 |\n| express           | 4.18.0 | 4/25/2022
+  \                | 4.18.2  | 8/15/2023                | 1 year 3 months  | 2                 |\n|
+  webpack           | 5.70.0 | 3/1/2022                  | 5.88.0  | 6/1/2023                 |
+  1 year 3 months  | 18                |\n| typescript        | 4.7.0  | 5/24/2022
+  \                | 5.1.0   | 5/25/2023                | 1 year           | 12                |\n+------------------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n```\n\nDirect
+  Dependencies Only (with --exclude-dependencies):\n\n```\nGem Versions:\n\n+----------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n|
+  Name     | Current | Current version released on | Latest  | Latest version released
+  on | Behind By(Time) ↓ | Behind By(Versions) |\n+----------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n|
+  **rails**| 7.0.0   | 12/15/2022               | 7.1.0   | 10/4/2024                |
+  1 year 10 months | 8                 |\n| **sidekiq**| 7.30  | 3/5/2024                 |
+  8.1     | 11/11/2025               | 1 year           | 15                |\n| **pg**
+  \  | 1.4.0  | 3/20/2023                 | 1.5.0   | 9/15/2024                | 1
+  year 5 months  | 6                 |\n+----------+---------+--------------------------+---------+--------------------------+------------------+-------------------+\n```\n\nNote:
+  Direct dependencies (from Gemfile or package.json) are displayed in bold text in
+  the version tables.\n\n## Requirements\n\n- Ruby 2.6 or higher\n- Bundler (for Ruby
+  gem scanning)\n- NPM or Yarn (optional, for JavaScript package scanning)\n- bundler-audit
+  (optional, install with: gem install bundler-audit)\n\n## Documentation\n\nFor more
+  information, visit: https://github.com/bipashant/rubion\n"
 email:
 - bs_chapagain@hotmail.com
 executables:
@@ -93,6 +160,7 @@ metadata:
   source_code_uri: https://github.com/bipashant/rubion
   changelog_uri: https://github.com/bipashant/rubion/blob/main/CHANGELOG.md
   bug_tracker_uri: https://github.com/bipashant/rubion/issues
+  rubygems_mfa_required: 'true'
 post_install_message:
 rdoc_options: []
 require_paths: