still_active 0.5.0 → 1.0.0

data/lib/helpers/activity_helper.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+require_relative "../still_active/core_ext"
+
+module StillActive
+  module ActivityHelper
+    extend self
+
+    using StillActive::CoreExt
+
+    # Returns :ok, :stale, :critical, or :unknown
+    def activity_level(gem_data)
+      most_recent = [
+        gem_data[:last_commit_date],
+        gem_data[:latest_version_release_date],
+        gem_data[:latest_pre_release_version_release_date],
+      ].compact.max
+
+      return :unknown if most_recent.nil?
+
+      config = StillActive.config
+      if most_recent >= config.no_warning_range_end.years.ago
+        :ok
+      elsif most_recent >= config.warning_range_end.years.ago
+        :stale
+      else
+        :critical
+      end
+    end
+  end
+end

data/lib/helpers/ansi_helper.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module StillActive
+  module AnsiHelper
+    extend self
+
+    RESET = "\e[0m"
+    ANSI_PATTERN = /\e\[[0-9;]*m/
+
+    def green(text) = "\e[32m#{text}#{RESET}"
+    def yellow(text) = "\e[33m#{text}#{RESET}"
+    def red(text) = "\e[31m#{text}#{RESET}"
+    def dim(text) = "\e[2m#{text}#{RESET}"
+    def bold(text) = "\e[1m#{text}#{RESET}"
+
+    def visible_length(text)
+      text.gsub(ANSI_PATTERN, "").length
+    end
+
+    def pad(text, width)
+      padding = width - visible_length(text)
+      padding > 0 ? "#{text}#{" " * padding}" : text
+    end
+  end
+end

data/lib/helpers/emoji_helper.rb

@@ -1,26 +1,17 @@
 # frozen_string_literal: true
 
-require "active_support/isolated_execution_state"
-require "active_support/core_ext/integer/time"
+require_relative "activity_helper"
 
 module StillActive
   module EmojiHelper
     extend self
-    def inactive_gem_emoji(result_hash)
-      most_recent_activity = [
-        result_hash.dig(:last_commit_date),
-        result_hash.dig(:latest_version_release_date),
-        result_hash.dig(:latest_pre_release_version_release_date),
-      ].compact.sort.last
-      return StillActive.config.unsure_emoji if most_recent_activity.nil?
 
-      case most_recent_activity
-      when (StillActive.config.no_warning_range_end.years.ago)..(Time.now)
-        ""
-      when (StillActive.config.warning_range_end.years.ago)..(StillActive.config.no_warning_range_end.years.ago)
-        StillActive.config.warning_emoji
-      else
-        StillActive.config.critical_warning_emoji
+    def inactive_gem_emoji(result_hash)
+      case ActivityHelper.activity_level(result_hash)
+      when :ok then ""
+      when :stale then StillActive.config.warning_emoji
+      when :critical then StillActive.config.critical_warning_emoji
+      when :unknown then StillActive.config.unsure_emoji
       end
     end
 

data/lib/helpers/http_helper.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+require "net/http"
+require "json"
+
+module StillActive
+  module HttpHelper
+    extend self
+
+    def get_json(base_uri, path, headers: {}, params: {})
+      uri = base_uri.dup
+      uri.path = path
+      uri.query = URI.encode_www_form(params) unless params.empty?
+
+      http = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl = true
+      http.open_timeout = 10
+      http.read_timeout = 10
+
+      request = Net::HTTP::Get.new(uri)
+      headers.each { |key, value| request[key] = value }
+
+      response = http.request(request)
+      return unless response.is_a?(Net::HTTPSuccess)
+
+      JSON.parse(response.body)
+    rescue Net::OpenTimeout, Net::ReadTimeout, SocketError, Errno::ECONNREFUSED, JSON::ParserError
+      nil
+    end
+  end
+end

data/lib/helpers/markdown_helper.rb

@@ -3,78 +3,89 @@
 module StillActive
   module MarkdownHelper
     extend self
+
     def markdown_table_header_line
-      "| gem activity old? | up to date? | name | version used | release date | latest version | release date | latest pre-release version  | release date | last commit date |\n" \
-        "| ----------------- | ----------- | ---- | ------------ | ------------ | -------------- | ------------ | --------------------------- | ------------ | ---------------- |"
+      "| activity | up to date? | OpenSSF | vulns | name | version used | latest version | latest pre-release | last commit |\n" \
+        "| -------- | ----------- | ------- | ----- | ---- | ------------ | -------------- | ------------------ | ----------- |"
     end
 
     def markdown_table_body_line(gem_name:, data:)
       repository_url = data[:repository_url]
       ruby_gems_url = data[:ruby_gems_url]
 
-      version_used = data.dig(:version_used)
-      version_used_url =
-        if version_used && ruby_gems_url
-          "#{ruby_gems_url}/versions/#{version_used}"
-        end
-      version_used_release_date = data.dig(:version_used_release_date)
-
-      latest_version = data[:latest_version]
-      latest_version_url =
-        if latest_version && ruby_gems_url
-          "#{ruby_gems_url}/versions/#{latest_version}"
-        end
-      latest_version_release_date = data.dig(:latest_version_release_date)
-
-      latest_version_prerelease = data.dig(:latest_pre_release_version)
-      latest_version_prerelease_url =
-        if latest_version_prerelease && ruby_gems_url
-          "#{ruby_gems_url}/versions/#{latest_version_prerelease}"
-        end
-      latest_version_prerelease_date = data.dig(:latest_pre_release_version_release_date)
-
-      last_commit_date = data.dig(:last_commit_date)
-      last_commit_url = repository_url
-
-      inactive_repository_emoji = data.dig(:last_activity_warning_emoj)
-      using_latest_version_emoji = data.dig(:up_to_date_emoji)
+      inactive_repository_emoji = data[:last_activity_warning_emoji]
+      using_latest_version_emoji = data[:up_to_date_emoji]
 
       formatted_name = markdown_url(text: gem_name, url: repository_url)
 
-      formatted_version_used = markdown_url(text: version_used, url: version_used_url)
-      formatted_version_used_date = year_month(version_used_release_date)
+      formatted_version_used = version_with_date(
+        text: data[:version_used],
+        url: version_url(ruby_gems_url, data[:version_used]),
+        date: data[:version_used_release_date],
+      )
 
-      formatted_latest_release_version = markdown_url(text: latest_version, url: latest_version_url)
-      formatted_latest_release_date = year_month(latest_version_release_date)
+      formatted_latest_version = version_with_date(
+        text: data[:latest_version],
+        url: version_url(ruby_gems_url, data[:latest_version]),
+        date: data[:latest_version_release_date],
+      )
 
-      formatted_latest_pre_release_version = markdown_url(
-        text: latest_version_prerelease,
-        url: latest_version_prerelease_url,
+      formatted_latest_pre_release = version_with_date(
+        text: data[:latest_pre_release_version],
+        url: version_url(ruby_gems_url, data[:latest_pre_release_version]),
+        date: data[:latest_pre_release_version_release_date],
       )
-      formatted_latest_pre_release_date = year_month(latest_version_prerelease_date)
-
-      formatted_last_commit_date = markdown_url(text: year_month(last_commit_date), url: last_commit_url)
-
-      formatted_markdown_table_line =
-        [
-          inactive_repository_emoji || StillActive.config.unsure_emoji,
-          using_latest_version_emoji || StillActive.config.unsure_emoji,
-          formatted_name,
-          formatted_version_used,
-          formatted_version_used_date || StillActive.config.unsure_emoji,
-          formatted_latest_release_version || StillActive.config.unsure_emoji,
-          formatted_latest_release_date || StillActive.config.unsure_emoji,
-          formatted_latest_pre_release_version || StillActive.config.unsure_emoji,
-          formatted_latest_pre_release_date || StillActive.config.unsure_emoji,
-          formatted_last_commit_date || StillActive.config.unsure_emoji,
-        ]
-          .join(" | ")
-
-      "| #{formatted_markdown_table_line} |"
+
+      formatted_last_commit = markdown_url(text: year_month(data[:last_commit_date]), url: repository_url)
+
+      unsure = StillActive.config.unsure_emoji
+
+      cells = [
+        inactive_repository_emoji || unsure,
+        using_latest_version_emoji || unsure,
+        format_scorecard(data[:scorecard_score]),
+        format_vulns(data[:vulnerability_count]),
+        formatted_name,
+        formatted_version_used || unsure,
+        formatted_latest_version || unsure,
+        formatted_latest_pre_release || unsure,
+        formatted_last_commit || unsure,
+      ]
+
+      "| #{cells.join(" | ")} |"
     end
 
     private
 
+    def version_with_date(text:, url:, date:)
+      version_part = markdown_url(text: text, url: url)
+      return if version_part.nil?
+
+      date_part = year_month(date)
+      return version_part unless date_part
+
+      "#{version_part} (#{date_part})"
+    end
+
+    def version_url(ruby_gems_url, version)
+      return if ruby_gems_url.nil? || version.nil?
+
+      "#{ruby_gems_url}/versions/#{version}"
+    end
+
+    def format_scorecard(score)
+      return StillActive.config.unsure_emoji if score.nil?
+
+      "#{score}/10"
+    end
+
+    def format_vulns(count)
+      return StillActive.config.unsure_emoji if count.nil?
+      return StillActive.config.success_emoji if count.zero?
+
+      count.to_s
+    end
+
     def markdown_url(text:, url:)
       return text if url.nil?
 

data/lib/helpers/terminal_helper.rb

@@ -0,0 +1,118 @@
+# frozen_string_literal: true
+
+require_relative "activity_helper"
+require_relative "ansi_helper"
+require_relative "version_helper"
+
+module StillActive
+  module TerminalHelper
+    extend self
+
+    HEADERS = ["Name", "Version", "Activity", "OpenSSF", "Vulns"].freeze
+
+    def render(result)
+      rows = result.keys.sort.map { |name| build_row(name, result[name]) }
+      widths = column_widths(rows)
+
+      lines = []
+      lines << header_line(widths)
+      lines << separator_line(widths)
+      rows.each { |row| lines << row_line(row, widths) }
+      lines << ""
+      lines << summary_line(result)
+      lines.join("\n")
+    end
+
+    private
+
+    def build_row(name, data)
+      [
+        name,
+        format_version(data),
+        format_activity(data),
+        format_scorecard(data[:scorecard_score]),
+        format_vulns(data[:vulnerability_count]),
+      ]
+    end
+
+    def format_version(data)
+      used = data[:version_used]
+      latest = data[:latest_version]
+      return AnsiHelper.dim("-") if used.nil? && latest.nil?
+
+      if VersionHelper.up_to_date(version_used: used, latest_version: latest)
+        AnsiHelper.green("#{used} (latest)")
+      elsif latest
+        AnsiHelper.yellow("#{used} → #{latest}")
+      else
+        used.to_s
+      end
+    end
+
+    def format_activity(data)
+      case ActivityHelper.activity_level(data)
+      when :ok then AnsiHelper.green("ok")
+      when :stale then AnsiHelper.yellow("stale")
+      when :critical then AnsiHelper.red("critical")
+      when :unknown then AnsiHelper.dim("-")
+      end
+    end
+
+    def format_scorecard(score)
+      score.nil? ? AnsiHelper.dim("-") : "#{score}/10"
+    end
+
+    def format_vulns(count)
+      return AnsiHelper.dim("-") if count.nil?
+      return AnsiHelper.green("0") if count.zero?
+
+      AnsiHelper.red(count.to_s)
+    end
+
+    def column_widths(rows)
+      return HEADERS.map { |h| h.length + 2 } if rows.empty?
+
+      HEADERS.zip(rows.transpose).map do |header, cells|
+        widths = cells.map { AnsiHelper.visible_length(_1) }
+        [header.length, *widths].max + 2
+      end
+    end
+
+    def header_line(widths)
+      HEADERS.zip(widths)
+        .map { |h, w| AnsiHelper.pad(AnsiHelper.bold(h), w) }
+        .join
+    end
+
+    def separator_line(widths)
+      AnsiHelper.dim(widths.map { |w| "─" * w }.join)
+    end
+
+    def row_line(row, widths)
+      row.zip(widths)
+        .map { |cell, w| AnsiHelper.pad(cell, w) }
+        .join
+    end
+
+    def summary_line(result)
+      total = result.size
+      level_counts = result.each_value.map { |d| ActivityHelper.activity_level(d) }.tally
+      version_counts = result.each_value
+        .map { |d| VersionHelper.up_to_date(version_used: d[:version_used], latest_version: d[:latest_version]) }
+        .tally
+
+      up_to_date = version_counts.fetch(true, 0)
+      outdated = version_counts.fetch(false, 0)
+      active = level_counts.fetch(:ok, 0)
+      stale = level_counts.fetch(:stale, 0) + level_counts.fetch(:critical, 0)
+      vulns = result.each_value.sum { |d| d[:vulnerability_count] || 0 }
+
+      parts = [
+        "#{total} gems: #{up_to_date} up to date, #{outdated} outdated",
+        "#{active} active, #{stale} stale",
+        "#{vulns} vulnerabilities",
+      ]
+      parts.join(" · ")
+    end
+  end
+end

data/lib/helpers/version_helper.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require "time"
+
 module StillActive
   module VersionHelper
     extend self
@@ -14,27 +16,16 @@ module StillActive
       end
     end
 
-    def up_to_date?(version_used:, latest_version: nil, latest_pre_release_version: nil)
-      return nil if latest_version.nil? && latest_pre_release_version.nil?
+    def up_to_date(version_used:, latest_version: nil, latest_pre_release_version: nil)
+      return if latest_version.nil? && latest_pre_release_version.nil?
 
-      version_used = if version_used.is_a?(String)
-        version_used
-      else
-        gem_version(version_hash: version_used)
-      end
+      used = to_gem_version(version_used)
+      return if used.nil?
 
-      latest_version = if latest_version.is_a?(String)
-        latest_version
-      else
-        gem_version(version_hash: latest_version)
-      end
-      latest_pre_release_version = if latest_pre_release_version.is_a?(String)
-        latest_pre_release_version
-      else
-        gem_version(version_hash: latest_pre_release_version)
-      end
-
-      [latest_version, latest_pre_release_version].include?(version_used)
+      [latest_version, latest_pre_release_version]
+        .compact
+        .filter_map { |v| to_gem_version(v) }
+        .any? { |v| used >= v }
     end
 
     def gem_version(version_hash:)
@@ -46,5 +37,16 @@ module StillActive
 
       Time.parse(release_date) unless release_date.nil?
     end
+
+    private
+
+    def normalize_version(version)
+      version.is_a?(String) ? version : gem_version(version_hash: version)
+    end
+
+    def to_gem_version(version)
+      str = normalize_version(version)
+      Gem::Version.new(str) if str
+    end
   end
 end

data/lib/still_active/cli.rb

@@ -1,16 +1,16 @@
 # frozen_string_literal: true
 
 require_relative "options"
+require_relative "../helpers/activity_helper"
 require_relative "../helpers/bundler_helper"
 require_relative "../helpers/emoji_helper"
 require_relative "../helpers/markdown_helper"
+require_relative "../helpers/terminal_helper"
 require_relative "../helpers/version_helper"
 require_relative "workflow"
-# require "cli/ui"
 
 module StillActive
   class CLI
-    include VersionHelper
     def run(args)
       options = Options.new.parse!(args)
       if options[:provided_gems]
@@ -20,27 +20,54 @@ module StillActive
       end
 
       result = Workflow.call
-      case StillActive.config.output_format
+
+      case resolve_format
       when :json
         puts result.to_json
+      when :terminal
+        puts TerminalHelper.render(result)
       when :markdown
-        puts MarkdownHelper.markdown_table_header_line
-        result.keys.sort.each do |name|
-          result[name].merge!({
-            last_activity_warning_emoj: EmojiHelper.inactive_gem_emoji(result[name]),
-            up_to_date_emoji: EmojiHelper.using_latest_emoji(
-              using_last_release: VersionHelper.up_to_date?(
-                version_used: result[name].dig(:version_used), latest_version: result[name].dig(:latest_version),
-              ),
-              using_last_pre_release: VersionHelper.up_to_date?(
-                version_used: result[name].dig(:version_used), latest_version: result[name].dig(:latest_pre_release_version),
-              ),
-            ),
-          })
-
-          puts MarkdownHelper.markdown_table_body_line(gem_name: name, data: result[name])
-        end
+        render_markdown(result)
+      end
+
+      check_exit_status(result)
+    end
+
+    private
+
+    def resolve_format
+      format = StillActive.config.output_format
+      return format unless format == :auto
+
+      $stdout.tty? ? :terminal : :json
+    end
+
+    def render_markdown(result)
+      puts MarkdownHelper.markdown_table_header_line
+      result.keys.sort.each do |name|
+        gem_data = result[name]
+        gem_data[:last_activity_warning_emoji] = EmojiHelper.inactive_gem_emoji(gem_data)
+        gem_data[:up_to_date_emoji] = EmojiHelper.using_latest_emoji(
+          using_last_release: VersionHelper.up_to_date(
+            version_used: gem_data[:version_used], latest_version: gem_data[:latest_version],
+          ),
+          using_last_pre_release: VersionHelper.up_to_date(
+            version_used: gem_data[:version_used], latest_pre_release_version: gem_data[:latest_pre_release_version],
+          ),
+        )
+
+        puts MarkdownHelper.markdown_table_body_line(gem_name: name, data: gem_data)
       end
     end
+
+    def check_exit_status(result)
+      config = StillActive.config
+      return unless config.fail_if_critical || config.fail_if_warning
+
+      levels = result.each_value.map { |gem_data| ActivityHelper.activity_level(gem_data) }
+
+      exit(1) if config.fail_if_warning && levels.intersect?([:stale, :critical])
+      exit(1) if config.fail_if_critical && levels.include?(:critical)
+    end
   end
 end

data/lib/still_active/config.rb

@@ -1,14 +1,18 @@
 # frozen_string_literal: true
 
 require "bundler"
+require "octokit"
 
 module StillActive
   class Config
     attr_accessor :critical_warning_emoji,
+      :fail_if_critical,
+      :fail_if_warning,
       :futurist_emoji,
       :gemfile_path,
       :gems,
       :github_oauth_token,
+      :gitlab_token,
       :output_format,
       :parallelism,
       :no_warning_range_end,
@@ -18,12 +22,16 @@ module StillActive
       :warning_range_end
 
     def initialize
+      @fail_if_critical = false
+      @fail_if_warning = false
       @gemfile_path = Bundler.default_gemfile.to_s
       @gems = []
+      @github_oauth_token = ENV["GITHUB_TOKEN"]
+      @gitlab_token = ENV["GITLAB_TOKEN"]
 
       @parallelism = 10
 
-      @output_format = :markdown
+      @output_format = :auto
 
       @critical_warning_emoji = "🚩"
       @futurist_emoji = "🔮"
@@ -37,7 +45,7 @@ module StillActive
 
     def github_client
       @github_client ||=
-        Github.new(oauth_token: github_oauth_token)
+        Octokit::Client.new(access_token: github_oauth_token)
     end
   end
 end

data/lib/still_active/core_ext.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module StillActive
+  module CoreExt
+    SECONDS_PER_YEAR = 31_556_952 # Gregorian average (365.2425 days)
+
+    refine Numeric do
+      def days = self * 86_400
+      def years = self * SECONDS_PER_YEAR
+      def ago = Time.now - self
+    end
+  end
+end

data/lib/still_active/deps_dev_client.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+require_relative "../helpers/http_helper"
+
+module StillActive
+  module DepsDevClient
+    extend self
+
+    BASE_URI = URI("https://api.deps.dev/")
+
+    def version_info(gem_name:, version:)
+      return if gem_name.nil? || version.nil?
+
+      path = "/v3alpha/systems/rubygems/packages/#{encode(gem_name)}/versions/#{encode(version)}"
+      body = HttpHelper.get_json(BASE_URI, path)
+      return if body.nil?
+
+      {
+        advisory_keys: body.dig("advisoryKeys")&.map { |a| a["id"] } || [],
+        project_id: extract_project_id(body),
+      }
+    end
+
+    def project_scorecard(project_id:)
+      return if project_id.nil?
+
+      path = "/v3alpha/projects/#{encode(project_id)}"
+      body = HttpHelper.get_json(BASE_URI, path)
+      return if body.nil?
+
+      scorecard = body["scorecard"]
+      return if scorecard.nil?
+
+      {
+        score: scorecard["overallScore"],
+        date: scorecard["date"],
+      }
+    end
+
+    private
+
+    # Extracts "host/owner/repo" from the SOURCE_REPO link URL.
+    # URLs may have trailing slashes or extra path segments (e.g. /tree/v1.0).
+    def extract_project_id(body)
+      url = body.dig("links")&.find { |l| l["label"] == "SOURCE_REPO" }&.dig("url")
+      return if url.nil?
+
+      path = url.delete_prefix("https://").delete_prefix("http://")
+      segments = path.split("/")
+      segments[0..2].join("/") if segments.length >= 3
+    end
+
+    def encode(value)
+      URI.encode_www_form_component(value)
+    end
+  end
+end

data/lib/still_active/gitlab_client.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+require "time"
+require_relative "../helpers/http_helper"
+
+module StillActive
+  module GitlabClient
+    extend self
+
+    BASE_URI = URI("https://gitlab.com/")
+
+    def last_commit_date(owner:, name:)
+      return if owner.nil? || name.nil?
+
+      project_id = URI.encode_www_form_component("#{owner}/#{name}")
+      headers = {}
+      token = StillActive.config.gitlab_token
+      headers["PRIVATE-TOKEN"] = token if token
+
+      path = "/api/v4/projects/#{project_id}/repository/commits"
+      body = HttpHelper.get_json(BASE_URI, path, headers: headers, params: { per_page: 1 })
+      return if body.nil? || body.empty?
+
+      date = body.first["committed_date"]
+      Time.parse(date) if date
+    rescue ArgumentError
+      nil
+    end
+  end
+end