RubyGems Navigation menu

still_active 2.0.0

Analyses your Gemfile.lock for dependency health across the full transitive graph: whether each gem is actively maintained (last activity on GitHub, GitLab, or Codeberg/Forgejo, plus release recency), outdated versions, archived repos, OpenSSF Scorecard scores, known vulnerabilities (deps.dev merged with ruby-advisory-db), and libyear drift. Ruby version freshness with EOL detection. Handles rubygems, git, path, GitHub Packages, and JFrog Artifactory sources. Outputs coloured terminal tables, markdown, JSON (with a versioned, contract-tested schema), SARIF for GitHub code scanning, and a CycloneDX SBOM. CI quality gates (--fail-if-critical / -warning / -vulnerable / -outdated) with granular, committed suppression via .still_active.yml. A comprehensive alternative to running bundle outdated, bundler-audit, and libyear-bundler separately.

Gemfile:
=

install:
=

Versions:

  1. 2.0.0 June 14, 2026 (76 KB)
  2. 1.6.0 June 08, 2026 (48.5 KB)
  3. 1.5.0 May 23, 2026 (45 KB)
  4. 1.4.2 May 22, 2026 (36 KB)
  5. 1.4.1 May 22, 2026 (35.5 KB)
Show all versions (19 total)

Runtime Dependencies (5):

async >= 2.2
bundler >= 2.0
faraday-retry >= 0
gems >= 0
octokit >= 0

Development Dependencies (8):

bundler-audit >= 0
debug >= 0
faker >= 0
json_schemer >= 0
rubocop >= 0
rubocop-performance >= 0
rubocop-rspec >= 0
rubocop-shopify >= 0
Show all transitive dependencies

Owners:

Pushed by:

GitHub

Authors:

  • Sean Floyd

SHA 256 checksum:

=

Provenance:

Built and signed on

GitHub Actions

Build summary

← Previous version

Total downloads 12,819

For this version 197

Version Released:

License:

MIT

Required Ruby Version: >= 3.3.0

New versions require MFA: true

Version published with MFA: true

Links:

Homepage Changelog Bug Tracker Download Review changes Badge Subscribe RSS Analytics Report abuse Reverse dependencies