Hello 👋
I’m the lead developer behind **GemTracker** (https://github.com/spaquet/gemtracker), and I built it because I wear two hats: Ruby developer and compliance officer.
I got tired of jumping between `bundle outdated`, `bundler-audit`, and manual GitHub checks just to know if my dependencies were safe. So I created a single tool that gives you complete visibility — direct and transitive gems, their relationships, security risks, and maintenance health — all in one fast terminal interface.
**GemTracker 1.2.6** currently offers:
- Direct + transitive dependency view with forward and reverse trees (see exactly what’s using what)
- CVE scanning with risk levels and remediation advice (powered by OSV.dev)
- Outdated gem detection with version gaps
- Gem health indicators (Healthy / Warning / Critical) based on release activity
- Interactive tab-based TUI (Gems, Search, CVE) with full keyboard navigation
- Clean exports: JSON, CSV, and text (perfect for CI/CD or reports)
- Project & gem size estimates

It’s completely free, open source, and works instantly — no setup required.
If you’re a Rails dev who wants to stop worrying about dependency debt, I’d love for you to try it.
Drop a star on the repo if it helps you: https://github.com/spaquet/gemtracker
Questions, feedback, or PRs are all very welcome — happy to squash bugs or add features you actually need.
Looking forward to hearing what you think!