still_active 1.0.0 → 1.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 336b101db0d44c21bc01fa71954c4aea16c4187e051cfb07c2dae674b03efe87
-  data.tar.gz: 5f4cf5bf46f0394f1cea692704c569713eaf37590d3fe34b576d4172cdaf2cbc
+  metadata.gz: f4f584514824888d1b457c3b3662c449d5aa5ef8244cb31760ed005afc2204d3
+  data.tar.gz: 9e2c109064b073de04025c36730a171760beae79866e97bff44d4008d7cf1187
 SHA512:
-  metadata.gz: 0744ecad97a50140981afa1ad7d0083caa20b33949e973cc79bc52f0ef525d9043d70d9cabbae9954ab0841cf6790e269ba95ea7df9918f4d473d54806f3f0d5
-  data.tar.gz: 01b02c7b86fae1895880845d17be49f9d692aa1c2090fc3642fc37c2280f176b2a07dc258b9c6dd785dceb9d261f5bdfa56247399ad827907ec1c5c8b6b5f74a
+  metadata.gz: 00a1c67f51fc48961185bfcab6f6ec1a30cfa15f417a8feec70606d673f2ac7278d7dd267376af27e6670d88316ba31ae7d8d63ad3f470f94b5c483e03cbbd1e
+  data.tar.gz: bb4bc6f91c96a3f24381179cc295ea21f3f9545ef9a148f95fc53525195e6cda4111887c8d247c1bf50e59f2edd9e94ac5987609ab588300f3a612aae5228e5c

data/.gitignore

@@ -15,3 +15,4 @@
 
 # claude
 .claude/tasks/
+/docs/plans

data/CHANGELOG.md

@@ -1,5 +1,14 @@
 # Changelog
 
+## [1.0.1] - 2026-02-19
+
+### Changed
+
+- Rewrite gemspec summary and description for discoverability (mentions dependency health, outdated, vulnerabilities, abandoned gems)
+- Restructure README: problem-first opening, terminal output example, comparison table vs bundle outdated/bundler-audit/libyear-bundler, quick start guide
+- Add 13 GitHub topics for search visibility
+- Update GitHub repo description
+
 ## [1.0.0] - 2026-02-19
 
 ### Added

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    still_active (1.0.0)
+    still_active (1.0.1)
       async
       bundler (>= 2.0)
       faraday-retry
@@ -225,7 +225,7 @@ CHECKSUMS
   rubocop-shopify (2.18.0) sha256=dafa25e5617ce4600ff86b1de3d5b78e43ab3d58cc5729df38e492b8e10294eb
   ruby-progressbar (1.13.0) sha256=80fc9c47a9b640d6834e0dc7b3c94c9df37f08cb072b7761e4a71e22cff29b33
   sawyer (0.9.3) sha256=0d0f19298408047037638639fe62f4794483fb04320269169bd41af2bdcf5e41
-  still_active (1.0.0)
+  still_active (1.0.1)
   stringio (3.2.0) sha256=c37cb2e58b4ffbd33fe5cd948c05934af997b36e0b6ca6fdf43afa234cf222e1
   traces (0.18.2) sha256=80f1649cb4daace1d7174b81f3b3b7427af0b93047759ba349960cb8f315e214
   tsort (0.2.0) sha256=9650a793f6859a43b6641671278f79cfead60ac714148aabe4e3f0060480089f

data/README.md

@@ -1,23 +1,74 @@
 # `still_active`
 
-Analyses your Gemfile dependencies for staleness: latest releases, last commit dates (GitHub and GitLab), OpenSSF Scorecard scores, and known vulnerabilities via deps.dev. Outputs coloured terminal tables, markdown, or JSON with CI gating support.
+**How do you know if your Ruby dependencies are still maintained?**
 
-[![Gem Version](https://badge.fury.io/rb/still_active.svg)](https://badge.fury.io/rb/still_active)
+`bundle outdated` tells you version drift. `bundler-audit` catches known CVEs. Neither tells you whether anyone is still working on the thing. `still_active` checks maintenance activity, version freshness, security scores, and vulnerabilities for every gem in your Gemfile -- in one pass.
 
+[![Gem Version](https://badge.fury.io/rb/still_active.svg)](https://badge.fury.io/rb/still_active)
 ![Code Quality analysis](https://github.com/SeanLF/still_active/actions/workflows/codeql-analysis.yml/badge.svg)
 ![RSpec](https://github.com/SeanLF/still_active/actions/workflows/rspec.yml/badge.svg)
 ![Rubocop analysis](https://github.com/SeanLF/still_active/actions/workflows/rubocop-analysis.yml/badge.svg)
 
+```
+Name                   Version          Activity  OpenSSF  Vulns
+──────────────────────────────────────────────────────────────────
+code-scanning-rubocop  0.6.1 (latest)   stale     3.1/10   0
+debug                  1.11.1 (latest)  ok        5.2/10   0
+faker                  3.6.0 (latest)   ok        7.4/10   0
+rake                   13.3.1 (latest)  ok        5.3/10   0
+rspec                  3.13.2 (latest)  ok        6.9/10   0
+rubocop                1.84.2 (latest)  ok        5.9/10   0
+
+12 gems: 12 up to date, 0 outdated · 11 active, 1 stale · 0 vulnerabilities
+```
+
+## Why `still_active`?
+
+Most dependency tools answer one question. `still_active` answers all of them at once:
+
+|                              | `bundle outdated` | `bundler-audit` | `libyear-bundler` | **`still_active`**           |
+| ---------------------------- | ----------------- | --------------- | ----------------- | ---------------------------- |
+| Outdated versions            | Yes               | -               | Yes               | **Yes**                      |
+| Known vulnerabilities (CVEs) | -                 | Yes             | -                 | **Yes**                      |
+| OpenSSF Scorecard            | -                 | -               | -                 | **Yes**                      |
+| Last commit activity         | -                 | -               | -                 | **Yes**                      |
+| GitLab support               | -                 | -               | -                 | **Yes**                      |
+| CI quality gates             | -                 | Exit code       | -                 | **Yes**                      |
+| Multiple output formats      | -                 | -               | -                 | **Terminal, JSON, Markdown** |
+| Single command               | Yes               | Yes             | Yes               | **Yes**                      |
+
+`still_active` tells you whether a dependency is outdated, insecure, _and_ abandoned -- not just one of the three.
+
 ## Installation
 
 ```bash
 gem install still_active
 ```
 
+## Quick Start
+
+```bash
+# audit your Gemfile (auto-detects output format)
+still_active
+
+# check specific gems
+still_active --gems=rails,nokogiri,sidekiq
+
+# CI pipeline: fail if any gem is critically stale
+still_active --fail-if-critical
+
+# markdown table for pull requests or documentation
+still_active --markdown
+```
+
 ## Usage
 
+### Authentication
+
 Tokens are read from `GITHUB_TOKEN` and `GITLAB_TOKEN` environment variables by default. Without a GitHub token you will most certainly get rate limited. The GitLab token is optional for public repos but required for private ones. CLI flags override the env vars.
 
+### CLI options
+
 ```text
 Usage: still_active [options]
 
@@ -44,14 +95,16 @@ Usage: still_active [options]
     -v, --version                    Show version
 ```
 
-### Examples
+### Output formats
+
+**Terminal** (default on TTY) -- coloured table with summary line. Shown above.
+
+**JSON** (default when piped) -- structured data for automation:
 
 ```bash
 still_active --json --gems=rails,nokogiri
 ```
 
-Will output:
-
 ```json
 {
   "rails": {
@@ -79,26 +132,17 @@ Will output:
 }
 ```
 
+**Markdown** -- table for pull requests, documentation, or wikis:
+
 ```bash
-# run against this gem's own Gemfile
 still_active --markdown
 ```
 
-Outputs:
-
-| activity | up to date? | OpenSSF | vulns | name                                                                       | version used                                                                      | latest version                                                                    | latest pre-release                                                                | last commit                                                  |
-| -------- | ----------- | ------- | ----- | -------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | ------------------------------------------------------------ |
-| ⚠️       | ✅          | 3.1/10  | ✅    | [code-scanning-rubocop](https://github.com/arthurnn/code-scanning-rubocop) | [0.6.1](https://rubygems.org/gems/code-scanning-rubocop/versions/0.6.1) (2022/02) | [0.6.1](https://rubygems.org/gems/code-scanning-rubocop/versions/0.6.1) (2022/02) | ❓                                                                                | [2024/06](https://github.com/arthurnn/code-scanning-rubocop) |
-|          | ✅          | 5.2/10  | ✅    | [debug](https://github.com/ruby/debug)                                     | [1.11.1](https://rubygems.org/gems/debug/versions/1.11.1) (2025/12)               | [1.11.1](https://rubygems.org/gems/debug/versions/1.11.1) (2025/12)               | [1.0.0.rc2](https://rubygems.org/gems/debug/versions/1.0.0.rc2) (2021/09)         | [2025/12](https://github.com/ruby/debug)                     |
-|          | ✅          | 7.4/10  | ✅    | [faker](https://github.com/faker-ruby/faker)                               | [3.6.0](https://rubygems.org/gems/faker/versions/3.6.0) (2026/01)                 | [3.6.0](https://rubygems.org/gems/faker/versions/3.6.0) (2026/01)                 | ❓                                                                                | [2026/02](https://github.com/faker-ruby/faker)               |
-|          | ✅          | 5.3/10  | ✅    | [rake](https://github.com/ruby/rake)                                       | [13.3.1](https://rubygems.org/gems/rake/versions/13.3.1) (2025/10)                | [13.3.1](https://rubygems.org/gems/rake/versions/13.3.1) (2025/10)                | [13.0.0.pre.1](https://rubygems.org/gems/rake/versions/13.0.0.pre.1) (2019/09)    | [2026/02](https://github.com/ruby/rake)                      |
-|          | ✅          | 6.9/10  | ✅    | [rspec](https://github.com/rspec/rspec)                                    | [3.13.2](https://rubygems.org/gems/rspec/versions/3.13.2) (2025/10)               | [3.13.2](https://rubygems.org/gems/rspec/versions/3.13.2) (2025/10)               | [4.0.0.beta1](https://rubygems.org/gems/rspec/versions/4.0.0.beta1) (2026/02)     | [2026/02](https://github.com/rspec/rspec)                    |
-|          | ✅          | 5.9/10  | ✅    | [rubocop](https://github.com/rubocop/rubocop)                              | [1.84.2](https://rubygems.org/gems/rubocop/versions/1.84.2) (2026/02)             | [1.84.2](https://rubygems.org/gems/rubocop/versions/1.84.2) (2026/02)             | ❓                                                                                | [2026/02](https://github.com/rubocop/rubocop)                |
-|          | ✅          | ❓      | ✅    | [rubocop-performance](https://github.com/rubocop/rubocop-performance)      | [1.26.1](https://rubygems.org/gems/rubocop-performance/versions/1.26.1) (2025/10) | [1.26.1](https://rubygems.org/gems/rubocop-performance/versions/1.26.1) (2025/10) | ❓                                                                                | [2026/01](https://github.com/rubocop/rubocop-performance)    |
-|          | ✅          | ❓      | ✅    | [rubocop-rspec](https://github.com/rubocop/rubocop-rspec)                  | [3.9.0](https://rubygems.org/gems/rubocop-rspec/versions/3.9.0) (2026/01)         | [3.9.0](https://rubygems.org/gems/rubocop-rspec/versions/3.9.0) (2026/01)         | [3.0.0.pre](https://rubygems.org/gems/rubocop-rspec/versions/3.0.0.pre) (2024/06) | [2026/02](https://github.com/rubocop/rubocop-rspec)          |
-|          | ✅          | ❓      | ✅    | [rubocop-shopify](https://github.com/Shopify/ruby-style-guide)             | [2.18.0](https://rubygems.org/gems/rubocop-shopify/versions/2.18.0) (2025/10)     | [2.18.0](https://rubygems.org/gems/rubocop-shopify/versions/2.18.0) (2025/10)     | ❓                                                                                | [2026/01](https://github.com/Shopify/ruby-style-guide)       |
-|          | ✅          | ❓      | ✅    | [vcr](https://github.com/vcr/vcr)                                          | [6.4.0](https://rubygems.org/gems/vcr/versions/6.4.0) (2025/12)                   | [6.4.0](https://rubygems.org/gems/vcr/versions/6.4.0) (2025/12)                   | [2.0.0.rc2](https://rubygems.org/gems/vcr/versions/2.0.0.rc2) (2012/02)           | [2026/01](https://github.com/vcr/vcr)                        |
-|          | ✅          | 4.2/10  | ✅    | [webmock](https://github.com/bblimke/webmock)                              | [3.26.1](https://rubygems.org/gems/webmock/versions/3.26.1) (2025/10)             | [3.26.1](https://rubygems.org/gems/webmock/versions/3.26.1) (2025/10)             | [2.0.0.beta2](https://rubygems.org/gems/webmock/versions/2.0.0.beta2) (2016/04)   | [2026/01](https://github.com/bblimke/webmock)                |
+| activity | up to date? | OpenSSF | vulns | name                  | version used     | latest version   | latest pre-release  | last commit |
+| -------- | ----------- | ------- | ----- | --------------------- | ---------------- | ---------------- | ------------------- | ----------- |
+| ⚠️       | ✅          | 3.1/10  | ✅    | code-scanning-rubocop | 0.6.1 (2022/02)  | 0.6.1 (2022/02)  | ❓                  | 2024/06     |
+|          | ✅          | 5.2/10  | ✅    | debug                 | 1.11.1 (2025/12) | 1.11.1 (2025/12) | 1.0.0.rc2 (2021/09) | 2025/12     |
+|          | ✅          | 7.4/10  | ✅    | faker                 | 3.6.0 (2026/01)  | 3.6.0 (2026/01)  | ❓                  | 2026/02     |
 
 ### CI quality gating
 
@@ -108,23 +152,28 @@ Use `--fail-if-critical` or `--fail-if-warning` to fail CI pipelines when depend
 still_active --gemfile=Gemfile --fail-if-warning --json
 ```
 
+### Activity thresholds
+
+Activity is determined by the most recent signal across last commit date, latest release date, and latest pre-release date:
+
+- **ok**: last activity within 1 year (configurable with `--safe-range-end`)
+- **stale**: last activity between 1 and 3 years ago (configurable with `--warning-range-end`)
+- **critical**: last activity over 3 years ago
+
 ### Data sources
 
 - **Versions and release dates** from [RubyGems.org](https://rubygems.org)
 - **Last commit date** from the [GitHub](https://docs.github.com/en/rest) or [GitLab](https://docs.gitlab.com/ee/api/) API
 - **OpenSSF Scorecard** and **vulnerability counts** from Google's [deps.dev](https://deps.dev) API
 
-### Configuration options
-
-- `gemfile_path` uses bundler to detect the Gemfile in your working directory
-- `output_format` auto-detects: coloured terminal on TTY, JSON when piped. Override with `--terminal`, `--markdown`, or `--json`
-- `critical_warning_emoji` 🚩
-- `futurist_emoji` 🔮
-- `success_emoji` ✅
-- `unsure_emoji` ❓
-- `warning_emoji` ⚠️
-- `safe_range_end` 1 (considered safe if last activity is at most 1 year ago)
-- `warning_range_end` 3 (warns if last activity is between 1 and 3 years ago; beyond 3 is critical)
+### Configuration defaults
+
+| Option                  | Default     | Description                                                      |
+| ----------------------- | ----------- | ---------------------------------------------------------------- |
+| `output_format`         | auto-detect | Coloured terminal on TTY, JSON when piped                        |
+| `safe_range_end`        | 1 year      | Last activity within this range is "ok"                          |
+| `warning_range_end`     | 3 years     | Last activity within this range is "stale"; beyond is "critical" |
+| `simultaneous_requests` | 10          | Concurrent API requests                                          |
 
 ## Development
 

data/lib/still_active/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module StillActive
-  VERSION = "1.0.0"
+  VERSION = "1.0.1"
 end

data/still_active.gemspec

@@ -8,11 +8,13 @@ Gem::Specification.new do |spec|
   spec.authors       = ["Sean Floyd"]
   spec.email         = ["contact@seanfloyd.dev"]
 
-  spec.summary       = "Check if your Ruby dependencies are still actively maintained."
-  spec.description   = "Analyses your Gemfile dependencies for staleness: latest releases, " \
-    "last commit dates (GitHub and GitLab), OpenSSF Scorecard scores, " \
-    "and known vulnerabilities via deps.dev. " \
-    "Outputs coloured terminal tables, markdown, or JSON with CI gating support."
+  spec.summary       = "Audit your Ruby dependencies for maintenance health, outdated versions, vulnerabilities, and abandoned gems."
+  spec.description   = "Analyses your Gemfile for dependency health: checks if gems are actively maintained " \
+    "(last commit dates via GitHub and GitLab, release dates), outdated versions, " \
+    "OpenSSF Scorecard security scores, and known vulnerabilities via deps.dev. " \
+    "Outputs coloured terminal tables, markdown, or JSON. " \
+    "CI quality gates with --fail-if-critical. " \
+    "A comprehensive alternative to running bundle outdated, bundler-audit, and libyear-bundler separately."
   spec.homepage      = "https://github.com/SeanLF/still_active"
   spec.license       = "MIT"
   spec.required_ruby_version = ">= 3.2.0"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: still_active
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.0.1
 platform: ruby
 authors:
 - Sean Floyd
@@ -163,10 +163,12 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: 'Analyses your Gemfile dependencies for staleness: latest releases, last
-  commit dates (GitHub and GitLab), OpenSSF Scorecard scores, and known vulnerabilities
-  via deps.dev. Outputs coloured terminal tables, markdown, or JSON with CI gating
-  support.'
+description: 'Analyses your Gemfile for dependency health: checks if gems are actively
+  maintained (last commit dates via GitHub and GitLab, release dates), outdated versions,
+  OpenSSF Scorecard security scores, and known vulnerabilities via deps.dev. Outputs
+  coloured terminal tables, markdown, or JSON. CI quality gates with --fail-if-critical.
+  A comprehensive alternative to running bundle outdated, bundler-audit, and libyear-bundler
+  separately.'
 email:
 - contact@seanfloyd.dev
 executables:
@@ -240,5 +242,6 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 rubygems_version: 4.0.3
 specification_version: 4
-summary: Check if your Ruby dependencies are still actively maintained.
+summary: Audit your Ruby dependencies for maintenance health, outdated versions, vulnerabilities,
+  and abandoned gems.
 test_files: []