{"id":614,"name":null,"description":"Minimal authorization through OO design and pure Ruby classes","url":"https://github.com/varvet/pundit","last_synced_at":"2026-04-30T05:01:24.042Z","repository":{"id":5343473,"uuid":"6529205","full_name":"varvet/pundit","owner":"varvet","description":"Minimal authorization through OO design and pure Ruby classes","archived":false,"fork":false,"pushed_at":"2026-03-16T10:04:41.000Z","size":730,"stargazers_count":8500,"open_issues_count":15,"forks_count":643,"subscribers_count":98,"default_branch":"main","last_synced_at":"2026-04-29T01:03:39.579Z","etag":null,"topics":["ruby"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/varvet.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2012-11-04T09:20:19.000Z","updated_at":"2026-04-26T10:16:08.000Z","dependencies_parsed_at":"2024-03-25T23:27:38.111Z","dependency_job_id":"ee1e3f1a-f374-4939-9ef5-91b487dc8d72","html_url":"https://github.com/varvet/pundit","commit_stats":{"total_commits":448,"total_committers":146,"mean_commits":"3.0684931506849313","dds":0.8526785714285714,"last_synced_commit":"2b0ca28bd2b0f0fe46155b2561903146c57513bb"},"previous_names":["elabs/pundit"],"tags_count":22,"template":false,"template_full_name":null,"purl":"pkg:github/varvet/pundit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/varvet","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/sbom","scorecard":{"id":916634,"data":{"date":"2025-08-11","repo":{"name":"github.com/varvet/pundit","commit":"a45734349b075d67089c27e1e96dc2fa4477e4bc"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":3,"reason":"Found 3/8 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/main.yml:89","Warn: jobLevel 'checks' permission set to 'write': .github/workflows/main.yml:90","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/push_gem.yml:15","Info: topLevel 'contents' permission set to 'read': .github/workflows/main.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/push_gem.yml:7"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":3,"reason":"dependency not pinned by hash detected -- score normalized to 3","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: downloadThenRun not pinned by hash: .github/workflows/main.yml:70","Warn: downloadThenRun not pinned by hash: .github/workflows/main.yml:83","Info:   1 out of   8 GitHub-owned GitHubAction dependencies pinned","Info:   4 out of   8 third-party GitHubAction dependencies pinned","Info:   0 out of   2 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: MIT License: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-24T21:15:26.051Z","repository_id":5343473,"created_at":"2025-08-24T21:15:26.051Z","updated_at":"2025-08-24T21:15:26.051Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32406193,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-28T19:38:08.556Z","status":"ssl_error","status_checked_at":"2026-04-28T19:37:55.688Z","response_time":56,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"owner":{"login":"varvet","name":"Varvet","uuid":"3612746","kind":"organization","description":"","email":"hello@varvet.com","website":"https://www.varvet.com","location":"Gothenburg, Sweden","twitter":"varvet","company":null,"icon_url":"https://avatars.githubusercontent.com/u/3612746?v=4","repositories_count":127,"last_synced_at":"2024-04-14T19:00:51.817Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/varvet","funding_links":[],"total_stars":10164,"followers":8,"following":0,"created_at":"2022-11-02T16:34:27.544Z","updated_at":"2024-04-14T19:01:12.699Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/varvet","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/varvet/repositories"},"packages":[{"id":13713055,"name":"ruby-pundit","ecosystem":"debian","description":null,"homepage":"https://github.com/varvet/pundit","licenses":null,"normalized_licenses":[],"repository_url":"https://github.com/varvet/pundit","keywords_array":["misc"],"namespace":"main","versions_count":1,"first_release_published_at":"2026-02-12T23:38:00.065Z","latest_release_published_at":"2026-02-12T23:38:00.065Z","latest_release_number":"2.1.0-1","last_synced_at":"2026-03-13T15:47:52.461Z","created_at":"2026-02-12T23:37:59.886Z","updated_at":"2026-03-13T16:01:55.808Z","registry_url":"https://tracker.debian.org/pkg/ruby-pundit","install_command":"apt-get install ruby-pundit","documentation_url":"https://packages.debian.org/bookworm/ruby-pundit","metadata":{"component":"main","architecture":"all","priority":"optional","binary":"ruby-pundit","standards_version":"4.5.0","maintainer":"Debian Ruby Team \u003cpkg-ruby-extras-maintainers@lists.alioth.debian.org\u003e","build_depends":"debhelper-compat (= 13), gem2deb (\u003e= 1), pry, rake, ruby-actionpack, ruby-activemodel, ruby-rspec","build_depends_indep":null,"build_depends_arch":null},"repo_metadata":{},"repo_metadata_updated_at":"2026-02-12T23:38:00.681Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":100},"purl":"pkg:deb/debian/ruby-pundit?arch=source\u0026distro=debian-12","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/debian/ruby-pundit","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/debian/ruby-pundit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/debian/ruby-pundit/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/debian-12/packages/ruby-pundit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/debian-12/packages/ruby-pundit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/debian-12/packages/ruby-pundit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/debian-12/packages/ruby-pundit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/debian-12/packages/ruby-pundit/codemeta","maintainers":[],"registry":{"name":"debian-12","url":"https://packages.debian.org/bookworm","ecosystem":"debian","default":true,"packages_count":34734,"maintainers_count":0,"namespaces_count":4,"keywords_count":0,"github":"debian","metadata":{"codename":"bookworm"},"icon_url":"https://github.com/debian.png","created_at":"2026-02-04T11:01:49.459Z","updated_at":"2026-04-27T18:20:38.992Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/debian-12/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/debian-12/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/debian-12/namespaces"}},{"id":13761648,"name":"ruby-pundit","ecosystem":"ubuntu","description":null,"homepage":"https://github.com/varvet/pundit","licenses":null,"normalized_licenses":[],"repository_url":"https://github.com/varvet/pundit","keywords_array":["universe/misc"],"namespace":"universe","versions_count":1,"first_release_published_at":"2026-02-13T09:54:17.140Z","latest_release_published_at":"2026-02-13T09:54:17.140Z","latest_release_number":"2.1.0-1","last_synced_at":"2026-03-13T17:13:04.491Z","created_at":"2026-02-13T09:54:16.976Z","updated_at":"2026-03-13T17:13:04.491Z","registry_url":"https://launchpad.net/ubuntu/+source/ruby-pundit","install_command":"apt-get install ruby-pundit","documentation_url":null,"metadata":{"component":"universe","architecture":"all","priority":"optional","binary":"ruby-pundit","standards_version":"4.5.0","maintainer":"Debian Ruby Team \u003cpkg-ruby-extras-maintainers@lists.alioth.debian.org\u003e","build_depends":"debhelper-compat (= 13), gem2deb (\u003e= 1), pry, rake, ruby-actionpack, ruby-activemodel, ruby-rspec","build_depends_indep":null,"build_depends_arch":null},"repo_metadata":{},"repo_metadata_updated_at":"2026-02-13T09:54:17.947Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":100},"purl":"pkg:deb/ubuntu/ruby-pundit?arch=source\u0026distro=ubuntu-24.10\u0026repository_url=https://launchpad.net/ubuntu/oracular","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/ubuntu/ruby-pundit","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/ubuntu/ruby-pundit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/ubuntu/ruby-pundit/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.10/packages/ruby-pundit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.10/packages/ruby-pundit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.10/packages/ruby-pundit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.10/packages/ruby-pundit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.10/packages/ruby-pundit/codemeta","maintainers":[],"registry":{"name":"ubuntu-24.10","url":"https://launchpad.net/ubuntu/oracular","ecosystem":"ubuntu","default":false,"packages_count":38437,"maintainers_count":0,"namespaces_count":4,"keywords_count":0,"github":"ubuntu","metadata":{"codename":"oracular","mirror":"http://old-releases.ubuntu.com/ubuntu"},"icon_url":"https://github.com/ubuntu.png","created_at":"2026-02-04T11:01:48.028Z","updated_at":"2026-04-27T18:20:37.303Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.10/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.10/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.10/namespaces"}},{"id":13566967,"name":"ruby-pundit","ecosystem":"ubuntu","description":null,"homepage":"https://github.com/varvet/pundit","licenses":null,"normalized_licenses":[],"repository_url":"https://github.com/varvet/pundit","keywords_array":["universe/misc"],"namespace":"universe","versions_count":1,"first_release_published_at":"2026-02-11T06:47:11.081Z","latest_release_published_at":"2026-02-11T06:47:11.081Z","latest_release_number":"2.1.0-1","last_synced_at":"2026-03-11T15:29:58.987Z","created_at":"2026-02-11T06:47:10.851Z","updated_at":"2026-03-11T15:29:58.987Z","registry_url":"https://launchpad.net/ubuntu/+source/ruby-pundit","install_command":"apt-get install ruby-pundit","documentation_url":null,"metadata":{"component":"universe","architecture":"all","priority":"optional","binary":"ruby-pundit","standards_version":"4.5.0","maintainer":"Debian Ruby Team \u003cpkg-ruby-extras-maintainers@lists.alioth.debian.org\u003e","build_depends":"debhelper-compat (= 13), gem2deb (\u003e= 1), pry, rake, ruby-actionpack, ruby-activemodel, ruby-rspec","build_depends_indep":null,"build_depends_arch":null},"repo_metadata":{},"repo_metadata_updated_at":"2026-02-11T14:57:09.061Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":100},"purl":"pkg:deb/ubuntu/ruby-pundit?arch=source\u0026distro=ubuntu-23.04\u0026repository_url=https://launchpad.net/ubuntu/lunar","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/ubuntu/ruby-pundit","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/ubuntu/ruby-pundit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/ubuntu/ruby-pundit/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.04/packages/ruby-pundit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.04/packages/ruby-pundit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.04/packages/ruby-pundit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.04/packages/ruby-pundit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.04/packages/ruby-pundit/codemeta","maintainers":[],"registry":{"name":"ubuntu-23.04","url":"https://launchpad.net/ubuntu/lunar","ecosystem":"ubuntu","default":false,"packages_count":36116,"maintainers_count":0,"namespaces_count":4,"keywords_count":0,"github":"ubuntu","metadata":{"codename":"lunar","mirror":"http://old-releases.ubuntu.com/ubuntu"},"icon_url":"https://github.com/ubuntu.png","created_at":"2026-02-04T11:01:49.117Z","updated_at":"2026-04-27T18:20:38.741Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.04/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.04/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.04/namespaces"}},{"id":13805032,"name":"ruby-pundit","ecosystem":"ubuntu","description":null,"homepage":"https://github.com/varvet/pundit","licenses":null,"normalized_licenses":[],"repository_url":"https://github.com/varvet/pundit","keywords_array":["universe/misc"],"namespace":"universe","versions_count":1,"first_release_published_at":"2026-02-13T18:30:04.372Z","latest_release_published_at":"2026-02-13T18:30:04.372Z","latest_release_number":"2.1.0-1","last_synced_at":"2026-03-14T03:13:46.847Z","created_at":"2026-02-13T18:30:04.091Z","updated_at":"2026-03-14T03:13:46.848Z","registry_url":"https://launchpad.net/ubuntu/+source/ruby-pundit","install_command":"apt-get install ruby-pundit","documentation_url":null,"metadata":{"component":"universe","architecture":"all","priority":"optional","binary":"ruby-pundit","standards_version":"4.5.0","maintainer":"Debian Ruby Team \u003cpkg-ruby-extras-maintainers@lists.alioth.debian.org\u003e","build_depends":"debhelper-compat (= 13), gem2deb (\u003e= 1), pry, rake, ruby-actionpack, ruby-activemodel, ruby-rspec","build_depends_indep":null,"build_depends_arch":null},"repo_metadata":{},"repo_metadata_updated_at":"2026-02-13T18:30:04.944Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":100},"purl":"pkg:deb/ubuntu/ruby-pundit?arch=source\u0026distro=ubuntu-23.10\u0026repository_url=https://launchpad.net/ubuntu/mantic","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/ubuntu/ruby-pundit","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/ubuntu/ruby-pundit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/ubuntu/ruby-pundit/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.10/packages/ruby-pundit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.10/packages/ruby-pundit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.10/packages/ruby-pundit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.10/packages/ruby-pundit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.10/packages/ruby-pundit/codemeta","maintainers":[],"registry":{"name":"ubuntu-23.10","url":"https://launchpad.net/ubuntu/mantic","ecosystem":"ubuntu","default":false,"packages_count":36642,"maintainers_count":0,"namespaces_count":4,"keywords_count":0,"github":"ubuntu","metadata":{"codename":"mantic","mirror":"http://old-releases.ubuntu.com/ubuntu"},"icon_url":"https://github.com/ubuntu.png","created_at":"2026-02-04T11:01:48.636Z","updated_at":"2026-04-27T18:20:38.051Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.10/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.10/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.10/namespaces"}},{"id":12298839,"name":"pundit","ecosystem":"rubygems","description":"Object oriented authorization for Rails applications","homepage":"https://github.com/varvet/pundit","licenses":"MIT","normalized_licenses":["MIT"],"repository_url":"https://github.com/varvet/pundit","keywords_array":[],"namespace":null,"versions_count":22,"first_release_published_at":"2012-11-19T14:16:13.105Z","latest_release_published_at":"2025-09-24T12:07:13.691Z","latest_release_number":"2.5.2","last_synced_at":"2026-04-29T08:31:07.960Z","created_at":"2025-10-07T05:05:47.438Z","updated_at":"2026-04-29T08:31:19.562Z","registry_url":"https://gem.coop/gems/pundit","install_command":"gem install pundit -s https://gem.coop","documentation_url":"http://www.rubydoc.info/gems/pundit/","metadata":{"funding":null},"repo_metadata":{"id":5343473,"uuid":"6529205","full_name":"varvet/pundit","owner":"varvet","description":"Minimal authorization through OO design and pure Ruby classes","archived":false,"fork":false,"pushed_at":"2026-03-16T10:04:41.000Z","size":730,"stargazers_count":8501,"open_issues_count":15,"forks_count":643,"subscribers_count":98,"default_branch":"main","last_synced_at":"2026-04-21T22:03:11.098Z","etag":null,"topics":["ruby"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/varvet.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2012-11-04T09:20:19.000Z","updated_at":"2026-04-21T00:24:57.000Z","dependencies_parsed_at":"2024-03-25T23:27:38.111Z","dependency_job_id":"ee1e3f1a-f374-4939-9ef5-91b487dc8d72","html_url":"https://github.com/varvet/pundit","commit_stats":{"total_commits":448,"total_committers":146,"mean_commits":"3.0684931506849313","dds":0.8526785714285714,"last_synced_commit":"2b0ca28bd2b0f0fe46155b2561903146c57513bb"},"previous_names":["elabs/pundit"],"tags_count":22,"template":false,"template_full_name":null,"purl":"pkg:github/varvet/pundit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/varvet","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/sbom","scorecard":{"id":916634,"data":{"date":"2025-08-11","repo":{"name":"github.com/varvet/pundit","commit":"a45734349b075d67089c27e1e96dc2fa4477e4bc"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":3,"reason":"Found 3/8 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/main.yml:89","Warn: jobLevel 'checks' permission set to 'write': .github/workflows/main.yml:90","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/push_gem.yml:15","Info: topLevel 'contents' permission set to 'read': .github/workflows/main.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/push_gem.yml:7"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":3,"reason":"dependency not pinned by hash detected -- score normalized to 3","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: downloadThenRun not pinned by hash: .github/workflows/main.yml:70","Warn: downloadThenRun not pinned by hash: .github/workflows/main.yml:83","Info:   1 out of   8 GitHub-owned GitHubAction dependencies pinned","Info:   4 out of   8 third-party GitHubAction dependencies pinned","Info:   0 out of   2 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: MIT License: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-24T21:15:26.051Z","repository_id":5343473,"created_at":"2025-08-24T21:15:26.051Z","updated_at":"2025-08-24T21:15:26.051Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32116514,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-22T00:31:26.853Z","status":"ssl_error","status_checked_at":"2026-04-22T00:30:22.894Z","response_time":128,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"varvet","name":"Varvet","uuid":"3612746","kind":"organization","description":"","email":"hello@varvet.com","website":"https://www.varvet.com","location":"Gothenburg, Sweden","twitter":"varvet","company":null,"icon_url":"https://avatars.githubusercontent.com/u/3612746?v=4","repositories_count":127,"last_synced_at":"2024-04-14T19:00:51.817Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/varvet","funding_links":[],"total_stars":10164,"followers":8,"following":0,"created_at":"2022-11-02T16:34:27.544Z","updated_at":"2024-04-14T19:01:12.699Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/varvet","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/varvet/repositories"},"tags":[]},"repo_metadata_updated_at":"2026-04-29T08:31:19.542Z","dependent_packages_count":0,"downloads":99541850,"downloads_period":"total","dependent_repos_count":0,"rankings":{"downloads":0.2789716973481469,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":0.49901332684561944,"average":0.1944962560484416},"purl":"pkg:gem/pundit?repository_url=https://gem.coop","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/rubygems/pundit","docker_dependents_count":112,"docker_downloads_count":133640098,"usage_url":"https://repos.ecosyste.ms/usage/rubygems/pundit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/rubygems/pundit/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":{"last_synced_at":"2026-04-02T14:01:20.809Z","issues_count":80,"pull_requests_count":159,"avg_time_to_close_issue":25257539.0,"avg_time_to_close_pull_request":14098385.820143884,"issues_closed_count":67,"pull_requests_closed_count":139,"pull_request_authors_count":59,"issue_authors_count":74,"avg_comments_per_issue":3.7375,"avg_comments_per_pull_request":1.748427672955975,"merged_pull_requests_count":96,"bot_issues_count":0,"bot_pull_requests_count":0,"past_year_issues_count":5,"past_year_pull_requests_count":17,"past_year_avg_time_to_close_issue":5589899.2,"past_year_avg_time_to_close_pull_request":8312.357142857143,"past_year_issues_closed_count":5,"past_year_pull_requests_closed_count":14,"past_year_pull_request_authors_count":3,"past_year_issue_authors_count":4,"past_year_avg_comments_per_issue":1.8,"past_year_avg_comments_per_pull_request":0.5294117647058824,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":12,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/issues","maintainers":[{"login":"Burgestrand","count":72,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Burgestrand"},{"login":"Linuus","count":3,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Linuus"},{"login":"dgmstuart","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/dgmstuart"}],"active_maintainers":[{"login":"Burgestrand","count":15,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Burgestrand"}]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/packages/pundit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/packages/pundit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/packages/pundit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/packages/pundit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/packages/pundit/codemeta","maintainers":[{"uuid":"296","login":"jnicklas","name":null,"email":null,"url":null,"packages_count":32,"html_url":"https://gem.coop/profiles/jnicklas","role":null,"created_at":"2025-10-08T02:59:21.452Z","updated_at":"2025-10-08T02:59:21.452Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/maintainers/jnicklas/packages"},{"uuid":"6731","login":"varvet","name":null,"email":null,"url":null,"packages_count":28,"html_url":"https://gem.coop/profiles/varvet","role":null,"created_at":"2025-10-08T02:59:21.851Z","updated_at":"2025-10-08T02:59:21.851Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/maintainers/varvet/packages"},{"uuid":"44779","login":"Burgestrand","name":null,"email":null,"url":null,"packages_count":32,"html_url":"https://gem.coop/profiles/Burgestrand","role":null,"created_at":"2025-10-08T02:59:21.975Z","updated_at":"2025-10-08T02:59:21.975Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/maintainers/Burgestrand/packages"}],"registry":{"name":"gem.coop","url":"https://gem.coop","ecosystem":"rubygems","default":false,"packages_count":190402,"maintainers_count":67481,"namespaces_count":0,"keywords_count":0,"github":"gem-coop","metadata":{"funded_packages_count":6507},"icon_url":"https://github.com/gem-coop.png","created_at":"2025-10-06T17:24:20.932Z","updated_at":"2026-04-03T06:45:05.763Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/namespaces"}},{"id":13530798,"name":"ruby-pundit","ecosystem":"debian","description":null,"homepage":"https://github.com/varvet/pundit","licenses":null,"normalized_licenses":[],"repository_url":"https://github.com/varvet/pundit","keywords_array":["misc"],"namespace":"main","versions_count":1,"first_release_published_at":"2026-02-10T23:36:27.935Z","latest_release_published_at":"2026-02-10T23:36:27.935Z","latest_release_number":"2.1.0-1","last_synced_at":"2026-03-14T07:17:32.982Z","created_at":"2026-02-10T23:36:27.749Z","updated_at":"2026-03-14T07:17:32.982Z","registry_url":"https://tracker.debian.org/pkg/ruby-pundit","install_command":"apt-get install ruby-pundit","documentation_url":"https://packages.debian.org/bullseye/ruby-pundit","metadata":{"component":"main","architecture":"all","priority":"optional","binary":"ruby-pundit","standards_version":"4.5.0","maintainer":"Debian Ruby Team \u003cpkg-ruby-extras-maintainers@lists.alioth.debian.org\u003e","build_depends":"debhelper-compat (= 13), gem2deb (\u003e= 1), pry, rake, ruby-actionpack, ruby-activemodel, ruby-rspec","build_depends_indep":null,"build_depends_arch":null},"repo_metadata":{},"repo_metadata_updated_at":"2026-02-11T14:26:48.360Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":100},"purl":"pkg:deb/debian/ruby-pundit?arch=source\u0026distro=debian-11\u0026repository_url=https://packages.debian.org/bullseye","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/debian/ruby-pundit","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/debian/ruby-pundit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/debian/ruby-pundit/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/debian-11/packages/ruby-pundit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/debian-11/packages/ruby-pundit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/debian-11/packages/ruby-pundit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/debian-11/packages/ruby-pundit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/debian-11/packages/ruby-pundit/codemeta","maintainers":[],"registry":{"name":"debian-11","url":"https://packages.debian.org/bullseye","ecosystem":"debian","default":false,"packages_count":31268,"maintainers_count":0,"namespaces_count":3,"keywords_count":0,"github":"debian","metadata":{"codename":"bullseye"},"icon_url":"https://github.com/debian.png","created_at":"2026-02-04T11:01:49.702Z","updated_at":"2026-04-27T18:20:39.352Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/debian-11/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/debian-11/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/debian-11/namespaces"}},{"id":7412855,"name":"github.com/varvet/pundit","ecosystem":"go","description":null,"homepage":null,"licenses":"mit","normalized_licenses":["MIT"],"repository_url":"https://github.com/varvet/pundit","keywords_array":[],"namespace":"github.com/varvet","versions_count":21,"first_release_published_at":"2012-11-19T12:52:52.000Z","latest_release_published_at":"2025-09-24T12:03:34.000Z","latest_release_number":"v2.5.2+incompatible","last_synced_at":"2026-04-28T04:01:41.557Z","created_at":"2023-04-06T01:53:58.844Z","updated_at":"2026-04-28T04:01:41.558Z","registry_url":"https://pkg.go.dev/github.com/varvet/pundit","install_command":"go get github.com/varvet/pundit","documentation_url":"https://pkg.go.dev/github.com/varvet/pundit#section-documentation","metadata":{},"repo_metadata":{"id":5343473,"uuid":"6529205","full_name":"varvet/pundit","owner":"varvet","description":"Minimal authorization through OO design and pure Ruby classes","archived":false,"fork":false,"pushed_at":"2025-09-24T12:07:12.000Z","size":713,"stargazers_count":8437,"open_issues_count":17,"forks_count":641,"subscribers_count":98,"default_branch":"main","last_synced_at":"2025-10-09T01:32:09.068Z","etag":null,"topics":["ruby"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/varvet.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2012-11-04T09:20:19.000Z","updated_at":"2025-10-05T21:23:33.000Z","dependencies_parsed_at":"2024-03-25T23:27:38.111Z","dependency_job_id":"ee1e9fdb-8a88-47a6-8256-6c6248969fcc","html_url":"https://github.com/varvet/pundit","commit_stats":{"total_commits":448,"total_committers":146,"mean_commits":"3.0684931506849313","dds":0.8526785714285714,"last_synced_commit":"2b0ca28bd2b0f0fe46155b2561903146c57513bb"},"previous_names":["elabs/pundit"],"tags_count":22,"template":false,"template_full_name":null,"purl":"pkg:github/varvet/pundit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/varvet","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/sbom","scorecard":{"id":916634,"data":{"date":"2025-08-11","repo":{"name":"github.com/varvet/pundit","commit":"a45734349b075d67089c27e1e96dc2fa4477e4bc"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":3,"reason":"Found 3/8 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/main.yml:89","Warn: jobLevel 'checks' permission set to 'write': .github/workflows/main.yml:90","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/push_gem.yml:15","Info: topLevel 'contents' permission set to 'read': .github/workflows/main.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/push_gem.yml:7"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":3,"reason":"dependency not pinned by hash detected -- score normalized to 3","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: downloadThenRun not pinned by hash: .github/workflows/main.yml:70","Warn: downloadThenRun not pinned by hash: .github/workflows/main.yml:83","Info:   1 out of   8 GitHub-owned GitHubAction dependencies pinned","Info:   4 out of   8 third-party GitHubAction dependencies pinned","Info:   0 out of   2 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: MIT License: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-24T21:15:26.051Z","repository_id":5343473,"created_at":"2025-08-24T21:15:26.051Z","updated_at":"2025-08-24T21:15:26.051Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279002408,"owners_count":26083375,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-10T02:00:06.843Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"varvet","name":"Varvet","uuid":"3612746","kind":"organization","description":"","email":"hello@varvet.com","website":"https://www.varvet.com","location":"Gothenburg, Sweden","twitter":"varvet","company":null,"icon_url":"https://avatars.githubusercontent.com/u/3612746?v=4","repositories_count":127,"last_synced_at":"2024-04-14T19:00:51.817Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/varvet","funding_links":[],"total_stars":10164,"followers":8,"following":0,"created_at":"2022-11-02T16:34:27.544Z","updated_at":"2024-04-14T19:01:12.699Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/varvet","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/varvet/repositories"},"tags":[{"name":"v2.5.2","sha":"2d665d67a26f794987df926e49676948fe115289","kind":"tag","published_at":"2025-09-24T12:07:12.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.5.2","html_url":"https://github.com/varvet/pundit/releases/tag/v2.5.2","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.5.2","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.5.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.5.2/manifests"},{"name":"v2.5.1","sha":"27a840bedadf0ef3d66f1857edd966c2e01cc18e","kind":"tag","published_at":"2025-09-12T11:29:56.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.5.1","html_url":"https://github.com/varvet/pundit/releases/tag/v2.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.5.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.5.1/manifests"},{"name":"v2.5.0","sha":"be91242e4faed5d07bb78f8496d6c69cc76c5196","kind":"tag","published_at":"2025-03-03T13:42:35.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.5.0","html_url":"https://github.com/varvet/pundit/releases/tag/v2.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.5.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.5.0/manifests"},{"name":"v2.4.0","sha":"ec75796fbb6ff2e8c03e888f2c0028e10231810c","kind":"tag","published_at":"2024-08-26T13:03:35.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.4.0","html_url":"https://github.com/varvet/pundit/releases/tag/v2.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.4.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.4.0/manifests"},{"name":"v2.3.2","sha":"18994ac508d2853fbdda1fbfc5ec358827638193","kind":"tag","published_at":"2024-05-08T19:26:13.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.3.2","html_url":"https://github.com/varvet/pundit/releases/tag/v2.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.3.2","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.3.2/manifests"},{"name":"v2.3.1","sha":"4e75805ac863741aae4afa0ecec9a002955c38af","kind":"tag","published_at":"2023-07-17T13:36:43.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.3.1","html_url":"https://github.com/varvet/pundit/releases/tag/v2.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.3.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.3.1/manifests"},{"name":"v2.3.0","sha":"16554a5fe814153d05cec133705bd583709a4124","kind":"tag","published_at":"2022-12-19T15:23:51.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.3.0","html_url":"https://github.com/varvet/pundit/releases/tag/v2.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.3.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.3.0/manifests"},{"name":"v2.2.0","sha":"d569083cdabdf10e935dcb79f982516bcf6e46e0","kind":"tag","published_at":"2022-02-11T12:10:12.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.2.0","html_url":"https://github.com/varvet/pundit/releases/tag/v2.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.2.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.2.0/manifests"},{"name":"v2.1.1","sha":"0b5c0824c1d35709f992a5fc73abbacddc7bcc45","kind":"tag","published_at":"2021-08-13T08:52:47.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.1.1","html_url":"https://github.com/varvet/pundit/releases/tag/v2.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.1.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.1.1/manifests"},{"name":"v2.1.0","sha":"a77abf82fd4a30a3c4ac52d5e4287387d73bd089","kind":"commit","published_at":"2019-08-14T11:30:17.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.1.0","html_url":"https://github.com/varvet/pundit/releases/tag/v2.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.1.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.1.0/manifests"},{"name":"v2.0.1","sha":"669744d949412557433b20fbb3184116d3c4d05c","kind":"commit","published_at":"2019-01-18T13:04:08.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.0.1","html_url":"https://github.com/varvet/pundit/releases/tag/v2.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.0.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.0.1/manifests"},{"name":"v2.0.0","sha":"a89cb3df21f010c26bea0e66f05c7f9c74b88469","kind":"commit","published_at":"2018-07-21T18:35:16.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.0.0","html_url":"https://github.com/varvet/pundit/releases/tag/v2.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.0.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.0.0/manifests"},{"name":"v2.0.0.beta1","sha":"66e49fa55b7eda82e850cfb7b2db2fce923b7bd3","kind":"commit","published_at":"2018-07-04T18:47:45.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.0.0.beta1","html_url":"https://github.com/varvet/pundit/releases/tag/v2.0.0.beta1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.0.0.beta1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.0.0.beta1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.0.0.beta1/manifests"},{"name":"v1.1.0","sha":"b0bdfbc0db601ea4cc6cfcb243a657396c3e0f82","kind":"tag","published_at":"2016-01-14T15:06:54.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v1.1.0","html_url":"https://github.com/varvet/pundit/releases/tag/v1.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v1.1.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v1.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v1.1.0/manifests"},{"name":"v1.0.1","sha":"145d7592c0028c26e61e8a9569ed3440323eaa40","kind":"tag","published_at":"2015-05-27T16:39:00.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v1.0.1","html_url":"https://github.com/varvet/pundit/releases/tag/v1.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v1.0.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v1.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v1.0.1/manifests"},{"name":"v1.0.0","sha":"582ee78c2b83cbd01d17e6768ff0f004a2c73eda","kind":"tag","published_at":"2015-04-19T11:27:30.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v1.0.0","html_url":"https://github.com/varvet/pundit/releases/tag/v1.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v1.0.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v1.0.0/manifests"},{"name":"v0.3.0","sha":"c5e7babdfedd7c539aa36e5b99e41b407e9495ee","kind":"tag","published_at":"2014-08-22T09:22:02.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v0.3.0","html_url":"https://github.com/varvet/pundit/releases/tag/v0.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v0.3.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.3.0/manifests"},{"name":"v0.2.3","sha":"0d6ed71adeec53794e43328ba19ce50c0f5ad001","kind":"tag","published_at":"2014-04-06T22:08:52.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v0.2.3","html_url":"https://github.com/varvet/pundit/releases/tag/v0.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v0.2.3","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.2.3/manifests"},{"name":"v0.2.2","sha":"41b3e61fba42d063f1824f2e5cdf69876663bd4f","kind":"tag","published_at":"2014-02-07T17:17:52.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v0.2.2","html_url":"https://github.com/varvet/pundit/releases/tag/v0.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v0.2.2","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.2.2/manifests"},{"name":"v0.2.1","sha":"f88d39b34f373e7bb9ddb09412b31ed608364652","kind":"commit","published_at":"2013-06-18T07:23:13.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v0.2.1","html_url":"https://github.com/varvet/pundit/releases/tag/v0.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v0.2.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.2.1/manifests"},{"name":"v0.2.0","sha":"f71aae268d24cd54ab716f557c7ddee47b1601b7","kind":"commit","published_at":"2013-01-08T08:48:57.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v0.2.0","html_url":"https://github.com/varvet/pundit/releases/tag/v0.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v0.2.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.2.0/manifests"},{"name":"v0.1.0","sha":"1a257bdcb16b69c9b1cd72f16e354ca2dde790f2","kind":"commit","published_at":"2012-11-19T12:52:52.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v0.1.0","html_url":"https://github.com/varvet/pundit/releases/tag/v0.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v0.1.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.1.0/manifests"}]},"repo_metadata_updated_at":"2025-10-10T18:54:07.544Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":1,"rankings":{"downloads":null,"dependent_repos_count":4.789587293940285,"dependent_packages_count":8.46323085852288,"stargazers_count":0.7319876527699762,"forks_count":1.1485457326158124,"docker_downloads_count":null,"average":3.7833378844622385},"purl":"pkg:golang/github.com/varvet/pundit","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/go/github.com/varvet/pundit","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/go/github.com/varvet/pundit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/go/github.com/varvet/pundit/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":{"last_synced_at":"2025-09-25T17:03:37.962Z","issues_count":79,"pull_requests_count":155,"avg_time_to_close_issue":25620585.56923077,"avg_time_to_close_pull_request":14304199.474452555,"issues_closed_count":65,"pull_requests_closed_count":137,"pull_request_authors_count":58,"issue_authors_count":72,"avg_comments_per_issue":3.7341772151898733,"avg_comments_per_pull_request":1.767741935483871,"merged_pull_requests_count":94,"bot_issues_count":0,"bot_pull_requests_count":0,"past_year_issues_count":11,"past_year_pull_requests_count":39,"past_year_avg_time_to_close_issue":905731.5,"past_year_avg_time_to_close_pull_request":1159924.0,"past_year_issues_closed_count":6,"past_year_pull_requests_closed_count":30,"past_year_pull_request_authors_count":7,"past_year_issue_authors_count":8,"past_year_avg_comments_per_issue":1.3636363636363635,"past_year_avg_comments_per_pull_request":1.0,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":28,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/issues","maintainers":[{"login":"Burgestrand","count":70,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Burgestrand"},{"login":"Linuus","count":3,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Linuus"},{"login":"dgmstuart","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/dgmstuart"}],"active_maintainers":[{"login":"Burgestrand","count":29,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Burgestrand"},{"login":"Linuus","count":3,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Linuus"}]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fvarvet%2Fpundit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fvarvet%2Fpundit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fvarvet%2Fpundit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fvarvet%2Fpundit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fvarvet%2Fpundit/codemeta","maintainers":[],"registry":{"name":"proxy.golang.org","url":"https://proxy.golang.org","ecosystem":"go","default":true,"packages_count":2118894,"maintainers_count":0,"namespaces_count":782439,"keywords_count":112823,"github":"golang","metadata":{"funded_packages_count":53495},"icon_url":"https://github.com/golang.png","created_at":"2022-04-04T15:19:22.939Z","updated_at":"2026-04-19T05:14:45.920Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/namespaces"}},{"id":277147,"name":"pundit","ecosystem":"rubygems","description":"Object oriented authorization for Rails applications","homepage":"https://github.com/varvet/pundit","licenses":"MIT","normalized_licenses":["MIT"],"repository_url":"https://github.com/varvet/pundit","keywords_array":[],"namespace":null,"versions_count":22,"first_release_published_at":"2012-11-19T14:16:13.105Z","latest_release_published_at":"2025-09-24T12:07:13.691Z","latest_release_number":"2.5.2","last_synced_at":"2026-04-30T04:01:12.397Z","created_at":"2022-04-06T07:39:32.058Z","updated_at":"2026-04-30T04:03:11.899Z","registry_url":"https://rubygems.org/gems/pundit","install_command":"gem install pundit -s https://rubygems.org","documentation_url":"http://www.rubydoc.info/gems/pundit/","metadata":{"funding":null},"repo_metadata":{"id":5343473,"uuid":"6529205","full_name":"varvet/pundit","owner":"varvet","description":"Minimal authorization through OO design and pure Ruby classes","archived":false,"fork":false,"pushed_at":"2026-03-16T10:04:41.000Z","size":730,"stargazers_count":8500,"open_issues_count":15,"forks_count":643,"subscribers_count":98,"default_branch":"main","last_synced_at":"2026-04-29T01:03:39.579Z","etag":null,"topics":["ruby"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/varvet.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2012-11-04T09:20:19.000Z","updated_at":"2026-04-26T10:16:08.000Z","dependencies_parsed_at":"2024-03-25T23:27:38.111Z","dependency_job_id":"ee1e3f1a-f374-4939-9ef5-91b487dc8d72","html_url":"https://github.com/varvet/pundit","commit_stats":{"total_commits":448,"total_committers":146,"mean_commits":"3.0684931506849313","dds":0.8526785714285714,"last_synced_commit":"2b0ca28bd2b0f0fe46155b2561903146c57513bb"},"previous_names":["elabs/pundit"],"tags_count":22,"template":false,"template_full_name":null,"purl":"pkg:github/varvet/pundit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/varvet","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/sbom","scorecard":{"id":916634,"data":{"date":"2025-08-11","repo":{"name":"github.com/varvet/pundit","commit":"a45734349b075d67089c27e1e96dc2fa4477e4bc"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":3,"reason":"Found 3/8 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/main.yml:89","Warn: jobLevel 'checks' permission set to 'write': .github/workflows/main.yml:90","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/push_gem.yml:15","Info: topLevel 'contents' permission set to 'read': .github/workflows/main.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/push_gem.yml:7"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":3,"reason":"dependency not pinned by hash detected -- score normalized to 3","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/varvet/pundit/main.yml/main?enable=pin","Warn: downloadThenRun not pinned by hash: .github/workflows/main.yml:70","Warn: downloadThenRun not pinned by hash: .github/workflows/main.yml:83","Info:   1 out of   8 GitHub-owned GitHubAction dependencies pinned","Info:   4 out of   8 third-party GitHubAction dependencies pinned","Info:   0 out of   2 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: MIT License: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-24T21:15:26.051Z","repository_id":5343473,"created_at":"2025-08-24T21:15:26.051Z","updated_at":"2025-08-24T21:15:26.051Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32406193,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-28T19:38:08.556Z","status":"ssl_error","status_checked_at":"2026-04-28T19:37:55.688Z","response_time":56,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"varvet","name":"Varvet","uuid":"3612746","kind":"organization","description":"","email":"hello@varvet.com","website":"https://www.varvet.com","location":"Gothenburg, Sweden","twitter":"varvet","company":null,"icon_url":"https://avatars.githubusercontent.com/u/3612746?v=4","repositories_count":127,"last_synced_at":"2024-04-14T19:00:51.817Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/varvet","funding_links":[],"total_stars":10164,"followers":8,"following":0,"created_at":"2022-11-02T16:34:27.544Z","updated_at":"2024-04-14T19:01:12.699Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/varvet","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/varvet/repositories"},"tags":[{"name":"v2.5.2","sha":"2d665d67a26f794987df926e49676948fe115289","kind":"tag","published_at":"2025-09-24T12:07:12.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.5.2","html_url":"https://github.com/varvet/pundit/releases/tag/v2.5.2","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.5.2","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.5.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.5.2/manifests"},{"name":"v2.5.1","sha":"27a840bedadf0ef3d66f1857edd966c2e01cc18e","kind":"tag","published_at":"2025-09-12T11:29:56.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.5.1","html_url":"https://github.com/varvet/pundit/releases/tag/v2.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.5.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.5.1/manifests"},{"name":"v2.5.0","sha":"be91242e4faed5d07bb78f8496d6c69cc76c5196","kind":"tag","published_at":"2025-03-03T13:42:35.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.5.0","html_url":"https://github.com/varvet/pundit/releases/tag/v2.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.5.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.5.0/manifests"},{"name":"v2.4.0","sha":"ec75796fbb6ff2e8c03e888f2c0028e10231810c","kind":"tag","published_at":"2024-08-26T13:03:35.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.4.0","html_url":"https://github.com/varvet/pundit/releases/tag/v2.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.4.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.4.0/manifests"},{"name":"v2.3.2","sha":"18994ac508d2853fbdda1fbfc5ec358827638193","kind":"tag","published_at":"2024-05-08T19:26:13.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.3.2","html_url":"https://github.com/varvet/pundit/releases/tag/v2.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.3.2","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.3.2/manifests"},{"name":"v2.3.1","sha":"4e75805ac863741aae4afa0ecec9a002955c38af","kind":"tag","published_at":"2023-07-17T13:36:43.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.3.1","html_url":"https://github.com/varvet/pundit/releases/tag/v2.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.3.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.3.1/manifests"},{"name":"v2.3.0","sha":"16554a5fe814153d05cec133705bd583709a4124","kind":"tag","published_at":"2022-12-19T15:23:51.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.3.0","html_url":"https://github.com/varvet/pundit/releases/tag/v2.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.3.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.3.0/manifests"},{"name":"v2.2.0","sha":"d569083cdabdf10e935dcb79f982516bcf6e46e0","kind":"tag","published_at":"2022-02-11T12:10:12.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.2.0","html_url":"https://github.com/varvet/pundit/releases/tag/v2.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.2.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.2.0/manifests"},{"name":"v2.1.1","sha":"0b5c0824c1d35709f992a5fc73abbacddc7bcc45","kind":"tag","published_at":"2021-08-13T08:52:47.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.1.1","html_url":"https://github.com/varvet/pundit/releases/tag/v2.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.1.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.1.1/manifests"},{"name":"v2.1.0","sha":"a77abf82fd4a30a3c4ac52d5e4287387d73bd089","kind":"commit","published_at":"2019-08-14T11:30:17.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.1.0","html_url":"https://github.com/varvet/pundit/releases/tag/v2.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.1.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.1.0/manifests"},{"name":"v2.0.1","sha":"669744d949412557433b20fbb3184116d3c4d05c","kind":"commit","published_at":"2019-01-18T13:04:08.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.0.1","html_url":"https://github.com/varvet/pundit/releases/tag/v2.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.0.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.0.1/manifests"},{"name":"v2.0.0","sha":"a89cb3df21f010c26bea0e66f05c7f9c74b88469","kind":"commit","published_at":"2018-07-21T18:35:16.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.0.0","html_url":"https://github.com/varvet/pundit/releases/tag/v2.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.0.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.0.0/manifests"},{"name":"v2.0.0.beta1","sha":"66e49fa55b7eda82e850cfb7b2db2fce923b7bd3","kind":"commit","published_at":"2018-07-04T18:47:45.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v2.0.0.beta1","html_url":"https://github.com/varvet/pundit/releases/tag/v2.0.0.beta1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v2.0.0.beta1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.0.0.beta1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v2.0.0.beta1/manifests"},{"name":"v1.1.0","sha":"b0bdfbc0db601ea4cc6cfcb243a657396c3e0f82","kind":"tag","published_at":"2016-01-14T15:06:54.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v1.1.0","html_url":"https://github.com/varvet/pundit/releases/tag/v1.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v1.1.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v1.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v1.1.0/manifests"},{"name":"v1.0.1","sha":"145d7592c0028c26e61e8a9569ed3440323eaa40","kind":"tag","published_at":"2015-05-27T16:39:00.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v1.0.1","html_url":"https://github.com/varvet/pundit/releases/tag/v1.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v1.0.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v1.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v1.0.1/manifests"},{"name":"v1.0.0","sha":"582ee78c2b83cbd01d17e6768ff0f004a2c73eda","kind":"tag","published_at":"2015-04-19T11:27:30.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v1.0.0","html_url":"https://github.com/varvet/pundit/releases/tag/v1.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v1.0.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v1.0.0/manifests"},{"name":"v0.3.0","sha":"c5e7babdfedd7c539aa36e5b99e41b407e9495ee","kind":"tag","published_at":"2014-08-22T09:22:02.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v0.3.0","html_url":"https://github.com/varvet/pundit/releases/tag/v0.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v0.3.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.3.0/manifests"},{"name":"v0.2.3","sha":"0d6ed71adeec53794e43328ba19ce50c0f5ad001","kind":"tag","published_at":"2014-04-06T22:08:52.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v0.2.3","html_url":"https://github.com/varvet/pundit/releases/tag/v0.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v0.2.3","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.2.3/manifests"},{"name":"v0.2.2","sha":"41b3e61fba42d063f1824f2e5cdf69876663bd4f","kind":"tag","published_at":"2014-02-07T17:17:52.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v0.2.2","html_url":"https://github.com/varvet/pundit/releases/tag/v0.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v0.2.2","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.2.2/manifests"},{"name":"v0.2.1","sha":"f88d39b34f373e7bb9ddb09412b31ed608364652","kind":"commit","published_at":"2013-06-18T07:23:13.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v0.2.1","html_url":"https://github.com/varvet/pundit/releases/tag/v0.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v0.2.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.2.1/manifests"},{"name":"v0.2.0","sha":"f71aae268d24cd54ab716f557c7ddee47b1601b7","kind":"commit","published_at":"2013-01-08T08:48:57.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v0.2.0","html_url":"https://github.com/varvet/pundit/releases/tag/v0.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v0.2.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.2.0/manifests"},{"name":"v0.1.0","sha":"1a257bdcb16b69c9b1cd72f16e354ca2dde790f2","kind":"commit","published_at":"2012-11-19T12:52:52.000Z","download_url":"https://codeload.github.com/varvet/pundit/tar.gz/v0.1.0","html_url":"https://github.com/varvet/pundit/releases/tag/v0.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/varvet/pundit@v0.1.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/tags/v0.1.0/manifests"}]},"repo_metadata_updated_at":"2026-04-30T04:03:11.898Z","dependent_packages_count":119,"downloads":99617942,"downloads_period":"total","dependent_repos_count":10667,"rankings":{"downloads":0.33563408079749335,"dependent_repos_count":0.32727110536233983,"dependent_packages_count":0.293261671926049,"stargazers_count":0.1444007091803169,"forks_count":0.9082191322576689,"docker_downloads_count":0.5993465728526667,"average":0.43468887872942247},"purl":"pkg:gem/pundit","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/rubygems/pundit","docker_dependents_count":112,"docker_downloads_count":133640098,"usage_url":"https://repos.ecosyste.ms/usage/rubygems/pundit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/rubygems/pundit/dependencies","status":null,"funding_links":[],"critical":true,"issue_metadata":{"last_synced_at":"2026-04-02T14:01:20.809Z","issues_count":80,"pull_requests_count":159,"avg_time_to_close_issue":25257539.0,"avg_time_to_close_pull_request":14098385.820143884,"issues_closed_count":67,"pull_requests_closed_count":139,"pull_request_authors_count":59,"issue_authors_count":74,"avg_comments_per_issue":3.7375,"avg_comments_per_pull_request":1.748427672955975,"merged_pull_requests_count":96,"bot_issues_count":0,"bot_pull_requests_count":0,"past_year_issues_count":5,"past_year_pull_requests_count":17,"past_year_avg_time_to_close_issue":5589899.2,"past_year_avg_time_to_close_pull_request":8312.357142857143,"past_year_issues_closed_count":5,"past_year_pull_requests_closed_count":14,"past_year_pull_request_authors_count":3,"past_year_issue_authors_count":4,"past_year_avg_comments_per_issue":1.8,"past_year_avg_comments_per_pull_request":0.5294117647058824,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":12,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/issues","maintainers":[{"login":"Burgestrand","count":72,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Burgestrand"},{"login":"Linuus","count":3,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Linuus"},{"login":"dgmstuart","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/dgmstuart"}],"active_maintainers":[{"login":"Burgestrand","count":15,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Burgestrand"}]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/pundit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/pundit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/pundit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/pundit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/pundit/codemeta","maintainers":[{"uuid":"296","login":"jnicklas","name":null,"email":null,"url":null,"packages_count":32,"html_url":"https://rubygems.org/profiles/jnicklas","role":null,"created_at":"2022-11-09T09:46:01.940Z","updated_at":"2022-11-09T09:46:01.940Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/jnicklas/packages"},{"uuid":"6731","login":"varvet","name":null,"email":null,"url":null,"packages_count":28,"html_url":"https://rubygems.org/profiles/varvet","role":null,"created_at":"2022-11-09T09:46:01.950Z","updated_at":"2022-11-09T09:46:01.950Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/varvet/packages"},{"uuid":"44779","login":"Burgestrand","name":null,"email":null,"url":null,"packages_count":32,"html_url":"https://rubygems.org/profiles/Burgestrand","role":null,"created_at":"2022-11-09T09:46:01.904Z","updated_at":"2022-11-09T09:46:01.904Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/Burgestrand/packages"}],"registry":{"name":"rubygems.org","url":"https://rubygems.org","ecosystem":"rubygems","default":true,"packages_count":205549,"maintainers_count":68473,"namespaces_count":0,"keywords_count":0,"github":"rubygems","metadata":{"funded_packages_count":7260},"icon_url":"https://github.com/rubygems.png","created_at":"2022-04-04T15:19:23.446Z","updated_at":"2026-04-03T06:42:17.024Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/namespaces"}},{"id":13779538,"name":"ruby-pundit","ecosystem":"ubuntu","description":null,"homepage":"https://github.com/varvet/pundit","licenses":null,"normalized_licenses":[],"repository_url":"https://github.com/varvet/pundit","keywords_array":["universe/misc"],"namespace":"universe","versions_count":1,"first_release_published_at":"2026-02-13T13:23:19.528Z","latest_release_published_at":"2026-02-13T13:23:19.528Z","latest_release_number":"2.1.0-1","last_synced_at":"2026-03-13T22:39:47.410Z","created_at":"2026-02-13T13:23:19.331Z","updated_at":"2026-03-13T22:39:47.410Z","registry_url":"https://launchpad.net/ubuntu/+source/ruby-pundit","install_command":"apt-get install ruby-pundit","documentation_url":null,"metadata":{"component":"universe","architecture":"all","priority":"optional","binary":"ruby-pundit","standards_version":"4.5.0","maintainer":"Debian Ruby Team \u003cpkg-ruby-extras-maintainers@lists.alioth.debian.org\u003e","build_depends":"debhelper-compat (= 13), gem2deb (\u003e= 1), pry, rake, ruby-actionpack, ruby-activemodel, ruby-rspec","build_depends_indep":null,"build_depends_arch":null},"repo_metadata":{},"repo_metadata_updated_at":"2026-02-13T13:23:20.162Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":100},"purl":"pkg:deb/ubuntu/ruby-pundit?arch=source\u0026distro=ubuntu-22.04\u0026repository_url=https://launchpad.net/ubuntu/jammy","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/ubuntu/ruby-pundit","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/ubuntu/ruby-pundit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/ubuntu/ruby-pundit/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-22.04/packages/ruby-pundit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-22.04/packages/ruby-pundit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-22.04/packages/ruby-pundit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-22.04/packages/ruby-pundit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-22.04/packages/ruby-pundit/codemeta","maintainers":[],"registry":{"name":"ubuntu-22.04","url":"https://launchpad.net/ubuntu/jammy","ecosystem":"ubuntu","default":false,"packages_count":34289,"maintainers_count":0,"namespaces_count":4,"keywords_count":0,"github":"ubuntu","metadata":{"codename":"jammy"},"icon_url":"https://github.com/ubuntu.png","created_at":"2026-02-04T11:01:46.486Z","updated_at":"2026-04-27T18:20:36.155Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-22.04/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-22.04/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-22.04/namespaces"}},{"id":13407137,"name":"ruby-pundit","ecosystem":"ubuntu","description":null,"homepage":"https://github.com/varvet/pundit","licenses":null,"normalized_licenses":[],"repository_url":"https://github.com/varvet/pundit","keywords_array":["universe/misc"],"namespace":"universe","versions_count":1,"first_release_published_at":"2026-02-06T15:47:07.700Z","latest_release_published_at":"2026-02-06T15:47:07.700Z","latest_release_number":"2.1.0-1","last_synced_at":"2026-03-06T17:19:04.849Z","created_at":"2026-02-06T15:47:07.416Z","updated_at":"2026-03-06T17:19:04.850Z","registry_url":"https://launchpad.net/ubuntu/+source/ruby-pundit","install_command":"apt-get install ruby-pundit","documentation_url":null,"metadata":{"component":"universe","architecture":"all","priority":"optional","binary":"ruby-pundit","standards_version":"4.5.0","maintainer":"Debian Ruby Team \u003cpkg-ruby-extras-maintainers@lists.alioth.debian.org\u003e","build_depends":"debhelper-compat (= 13), gem2deb (\u003e= 1), pry, rake, ruby-actionpack, ruby-activemodel, ruby-rspec","build_depends_indep":null,"build_depends_arch":null},"repo_metadata":{},"repo_metadata_updated_at":null,"dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{},"purl":"pkg:deb/ubuntu/ruby-pundit?arch=source\u0026distro=ubuntu-24.04","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/ubuntu/ruby-pundit","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/ubuntu/ruby-pundit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/ubuntu/ruby-pundit/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.04/packages/ruby-pundit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.04/packages/ruby-pundit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.04/packages/ruby-pundit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.04/packages/ruby-pundit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.04/packages/ruby-pundit/codemeta","maintainers":[],"registry":{"name":"ubuntu-24.04","url":"https://launchpad.net/ubuntu/noble","ecosystem":"ubuntu","default":true,"packages_count":37306,"maintainers_count":0,"namespaces_count":4,"keywords_count":0,"github":"ubuntu","metadata":{"codename":"noble"},"icon_url":"https://github.com/ubuntu.png","created_at":"2026-02-04T11:01:45.928Z","updated_at":"2026-04-27T18:20:35.701Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.04/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.04/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.04/namespaces"}}],"commits":{"id":3328,"full_name":"varvet/pundit","default_branch":"main","total_commits":509,"total_committers":147,"total_bot_commits":0,"total_bot_committers":0,"mean_commits":3.4625850340136055,"dds":0.7858546168958742,"past_year_total_commits":27,"past_year_total_committers":2,"past_year_total_bot_commits":0,"past_year_total_bot_committers":0,"past_year_mean_commits":13.5,"past_year_dds":0.11111111111111116,"last_synced_at":"2026-04-29T10:05:20.664Z","last_synced_commit":"06318683c960066a2e499341cb372e0ff4540334","created_at":"2023-03-07T09:17:15.389Z","updated_at":"2026-04-29T10:00:34.785Z","committers":[{"name":"Kim Burgestrand","email":"kim@burgestrand.se","login":"Burgestrand","count":109},{"name":"Jonas Nicklas","email":"jonas.nicklas@gmail.com","login":"jnicklas","count":62},{"name":"Linus Marton","email":"linus.pettersson@gmail.com","login":"Linuus","count":43},{"name":"Duncan Stuart","email":"dgmstuart@gmail.com","login":"dgmstuart","count":28},{"name":"Thomas Klemm","email":"github@tklemm.eu","login":"thomasklemm","count":26},{"name":"Olle Jonsson","email":"olle.jonsson@gmail.com","login":"olleolleolle","count":16},{"name":"Furkan Ural","email":"furkan@furkanural.dev","login":"furkanural","count":10},{"name":"Sjors Smits","email":"smits.sjors@gmail.com","login":"smitssjors","count":9},{"name":"Pablo Crivella","email":"pablocrivella@gmail.com","login":"pcriv","count":7},{"name":"qwyng","email":"ikusawasi@gmail.com","login":"QWYNG","count":6},{"name":"Jiazhen Xie","email":"fdf515@gmail.com","login":"JIAZHEN","count":5},{"name":"Jonas Nicklas and Kim Burgestrand","email":"dev+jonas+kim@elabs.se","login":null,"count":5},{"name":"Étienne Barrié","email":"etienne.barrie@gmail.com","login":"etiennebarrie","count":4},{"name":"John Otander","email":"johnotander@gmail.com","login":"johno","count":4},{"name":"Brendan Thomas","email":"bt331609@gmail.com","login":"brendanthomas1","count":4},{"name":"Jason Daly","email":"me@jasondaly.name","login":null,"count":4},{"name":"Chris Alley","email":"chris@chrisalley.info","login":"chrisalley","count":3},{"name":"Geremia Taglialatela","email":"tagliala.dev@gmail.com","login":"tagliala","count":3},{"name":"Jay Hayes","email":"ur@iamvery.com","login":"iamvery","count":3},{"name":"Johan André","email":"johan@significantbit.se","login":"johanandre","count":3},{"name":"Marcelo Guimarães","email":"marceloguimaraesti@gmail.com","login":"MarceloAGuimaraes","count":3},{"name":"Ryuichiro Suzuki","email":"dragon.aka.scooter@gmail.com","login":"SuzukiRyuichiro","count":3},{"name":"Ulysse Carion","email":"ulyssecarion@gmail.com","login":"ucarion","count":3},{"name":"Yoshiyuki Hirano","email":"yhirano@me.com","login":"yhirano55","count":3},{"name":"Eduardo Gutierrez","email":"eduardo@vermonster.com","login":"ecbypi","count":3},{"name":"Philip Vieira","email":"philip@vallin.se","login":null,"count":3},{"name":"Justin Gordon","email":"justin.gordon@gmail.com","login":"justin808","count":2},{"name":"Max Calabrese","email":"max.calabrese@ymail.com","login":"maxcal","count":2},{"name":"René Föhring","email":"rf@bamaru.de","login":"rrrene","count":2},{"name":"Sean Devine","email":"sean-devine@x-b-e.com","login":"barelyknown","count":2},{"name":"Thomas Walpole","email":"twalpole@gmail.com","login":"twalpole","count":2},{"name":"Timo Lehto","email":"timo@iwa.fi","login":"timolehto","count":2},{"name":"Alex Antonov","email":"asiniy","login":"asiniy","count":2},{"name":"Alex Emelyanov","email":"holyketzer@gmail.com","login":"holyketzer","count":2},{"name":"Andrey Novikov","email":"envek@envek.name","login":"Envek","count":2},{"name":"Ben Koshy","email":"benkoshy@hotmail.com","login":"benkoshy","count":2},{"name":"Brendon Murphy","email":"xternal1+github@gmail.com","login":"bemurphy","count":2},{"name":"Ian Young","email":"ian@iangreenleaf.com","login":"iangreenleaf","count":2},{"name":"Igor Kapkov","email":"igasgeek@me.com","login":null,"count":2},{"name":"nTraum","email":"philipp.press@blacklane.com","login":null,"count":2},{"name":"Jason Daly","email":"jason@deefour.me","login":"deefour","count":2},{"name":"Aaron Manaloto","email":"aaronpomanaloto@gmail.com","login":"aapomm","count":2},{"name":"284km","email":"k.furuhashi10@gmail.com","login":"284km","count":1},{"name":"Adrien","email":"adrien@siami.fr","login":"Intrepidd","count":1},{"name":"Alexander Nickol","email":"a.nickol@trust-nickol.de","login":"a-nickol","count":1},{"name":"Alexandra Ackerman","email":"aaackerman.dev@gmail.com","login":"aaackerman","count":1},{"name":"Anders Carling","email":"anders.carling@makropod.se","login":"anderscarling","count":1},{"name":"Andrew Moore","email":"amoore@babbel.com","login":"drewmoore","count":1},{"name":"Andrew N. Shalaev","email":"isqad88@yandex.ru","login":"ashalaev","count":1},{"name":"Andrey Deryabin","email":"deriabin@gmail.com","login":"aderyabin","count":1},{"name":"Andy Koch","email":"koch.andy@gmail.com","login":"somazx","count":1},{"name":"Andy Lindeman","email":"alindeman@gmail.com","login":"alindeman","count":1},{"name":"Andy Waite","email":"andyw8","login":"andyw8","count":1},{"name":"Anton Katunin","email":"antulik@gmail.com","login":"antulik","count":1},{"name":"Anton Lipich","email":"65355158+ASL20","login":"ASL20","count":1},{"name":"August Toman-Yih","email":"atomanyih","login":"atomanyih","count":1},{"name":"Ayrton De Craene","email":"ayrton.decraene@gmail.com","login":"ayrton","count":1},{"name":"Tom Rothe","email":"tom.rothe@bisdn.de","login":null,"count":1},{"name":"Thomas Carney","email":"thomas@chartmogul.com","login":null,"count":1},{"name":"Thom Mahoney","email":"tmahoney@engineyard.com","login":null,"count":1},{"name":"Ruslan Yakhyaev","email":"ruslan@ruslan.sk","login":null,"count":1},{"name":"Matt Ruzicka","email":"mattruzicka@gmail.com","login":null,"count":1},{"name":"Martin Sereinig","email":"martin.sereinig@lomography.com","login":null,"count":1},{"name":"Julian","email":"julian@asperasoft.com","login":null,"count":1},{"name":"Jonas Nicklas and Kim Burgestrand","email":"dev+jnicklas+burgestrand@elabs.se","login":null,"count":1},{"name":"Joel Cogen","email":"joel@redilio.us","login":null,"count":1},{"name":"Jeremy Weiskotten","email":"jeremy@weiskotten.com","login":null,"count":1},{"name":"Jay Hayes","email":"jay@bignerdranch.com","login":null,"count":1},{"name":"Jan Jedrychowski","email":"jan.jedrychowski@globalapptesting.com","login":null,"count":1},{"name":"Greg Fletcher","email":"greg.fletcher@rewind.io","login":null,"count":1},{"name":"Dillon Benson","email":"dillon.benson93@gmail.com","login":null,"count":1},{"name":"Brook Riggio","email":"brooke.riggio@gmail.com","login":null,"count":1},{"name":"Artem Bolshakov","email":"abolshakov@spbtv.com","login":null,"count":1},{"name":"Semyon Pupkov","email":"semen.pupkov@gmail.com","login":"artofhuman","count":1},{"name":"Samuel Williams","email":"samuel.williams@oriontransfer.co.nz","login":"ioquatix","count":1},{"name":"Ryan Lue","email":"hello@ryanlue.com","login":"rlue","count":1},{"name":"Ryan Hertz","email":"rhertz@fbsdata.com","login":"ryanhertz","count":1},{"name":"Ross-Hunter","email":"ross-hunter@ross-hunter.com","login":"Ross-Hunter","count":1},{"name":"Rob Murray","email":"robmurray17@gmail.com","login":"rob-murray","count":1},{"name":"Radan Skoric","email":"radan.skoric@gmail.com","login":"radanskoric","count":1},{"name":"Quico Moya","email":"me@qmoya.com","login":"qmoya","count":1},{"name":"Peter Goldstein","email":"peter.m.goldstein@gmail.com","login":"petergoldstein","count":1},{"name":"Pavel Shpak","email":"shpakvel@gmail.com","login":"ShPakvel","count":1},{"name":"Patrick Van Stee","email":"patrick@vanstee.me","login":"vanstee","count":1},{"name":"Nicolas Leger","email":"nicolasleger","login":"nicolasleger","count":1},{"name":"Nicolas Brousse","email":"nicolas@pantographe.studio","login":"nicolas-brousse","count":1},{"name":"Nick Rivadeneira","email":"nicholas.rivadeneira@gmail.com","login":"nickrivadeneira","count":1},{"name":"Nathan Long","email":"him@nathanmlong.com","login":"nathanl","count":1},{"name":"Nate Eizenga","email":"eizengan@gmail.com","login":"eizengan","count":1},{"name":"Milovan Zogovic","email":"milovan.zogovic@gmail.com","login":"assembler","count":1},{"name":"Mike Taylor","email":"local.mat@gmail.com","login":"sealocal","count":1},{"name":"y@su","email":"toyasyu@gmail.com","login":"yatmsu","count":1},{"name":"tomholford","email":"tomholford","login":"tomholford","count":1},{"name":"sudeeptarlekar","email":"sudeeptarlekar@gmail.com","login":"sudeeptarlekar","count":1},{"name":"pathouse","email":"patmcgee331@gmail.com","login":"pathouse","count":1},{"name":"natronic","email":"nathanroise@gmail.com","login":"natronic","count":1},{"name":"meganemura","email":"meganemura","login":"meganemura","count":1},{"name":"m-nakamura145","email":"masato.nakamura145@gmail.com","login":"m-nakamura145","count":1},{"name":"beanieboi","email":"beanie@benle.de","login":"beanieboi","count":1},{"name":"akmhmgc","email":"akimuhamaguchi@icloud.com","login":"akmhmgc","count":1},{"name":"Zach Taylor","email":"ztaylor234@gmail.com","login":"zach-taylor","count":1},{"name":"Wung S","email":"wungmathing@gmail.com","login":"wung-s","count":1},{"name":"Wojciech Mach","email":"wojtek@wojtekmach.pl","login":"wojtekmach","count":1},{"name":"Will Schive","email":"lexigram@goodworksonearth.org","login":"kathyonu","count":1},{"name":"Unknown_Guy","email":"janis.pamiljans@tieto.com","login":"Unknown-Guy","count":1},{"name":"Tim Cooper","email":"coop@latrobest.com","login":"coop","count":1},{"name":"Thu Trang Pham","email":"thuutrangpham@gmail.com","login":"TrangPham","count":1},{"name":"Steven Elberger","email":"stevenelberger@gmail.com","login":"StevenElberger","count":1},{"name":"Sergey Stupachenko","email":"sergey.stupachenko@gmail.com","login":"RaZer","count":1},{"name":"Mike Dillon","email":"mike@appropriate.io","login":"md5","count":1},{"name":"Glauco Custódio","email":"glauco.custodio@gmail.com","login":"glaucocustodio","count":1},{"name":"Frank Ploss","email":"mail@fqxp.de","login":"fqxp","count":1},{"name":"Fernando Valverde","email":"fernando@fdo.cr","login":"fdocr","count":1},{"name":"Erick Guan","email":"fantasticfears@gmail.com","login":"erickguan","count":1},{"name":"Eric Kelly","email":"heroiceric@gmail.com","login":"HeroicEric","count":1},{"name":"Eliot Sykes","email":"eliotsykes@gmail.com","login":"eliotsykes","count":1},{"name":"Dāvis Namsons","email":"davisnamsons@gmail.com","login":"dnamsons","count":1},{"name":"Dylan Fogarty-MacDonald","email":"dylan@dylanfm.com","login":"DylanFM","count":1},{"name":"David Singer","email":"david@ramaboo.com","login":"ramaboo","count":1},{"name":"Dave Riess","email":"daveriess@gmail.com","login":"daveriess","count":1},{"name":"Daniel Kehoe","email":"daniel@danielkehoe.com","login":"DanielKehoe","count":1},{"name":"Corneliu Stanciu","email":"scorneliu@gmail.com","login":"an0ther-koni","count":1},{"name":"Christian Nelson","email":"christian@carbonfive.com","login":"christiannelson","count":1},{"name":"Chris Legault","email":"chrislegault2011@gmail.com","login":"chrislegault","count":1},{"name":"Bruce Li","email":"ascendbruce@gmail.com","login":"ascendbruce","count":1},{"name":"Brian Muller","email":"bamuller@gmail.com","login":"bmuller","count":1},{"name":"Benjamin Fleischer","email":"github@benjaminfleischer.com","login":"bf4","count":1},{"name":"Ben Dilley","email":"ben@skillstream.co.uk","login":"bendilley","count":1},{"name":"Michał Darda","email":"michaldarda@gmail.com","login":"michaldarda","count":1},{"name":"Michael Yagudaev","email":"michael@nano3labs.com","login":"yagudaev","count":1},{"name":"Michael Emhofer","email":"michael.emhofer@lomography.com","login":"michaelem","count":1},{"name":"Max Katz","email":"maxwelljkatz@gmail.com","login":"mackshkatz","count":1},{"name":"Matthew Dodds","email":"matthewrusselldodds@gmail.com","login":"MatthewRDodds","count":1},{"name":"Masaki Takeuchi","email":"m.ishihara@gmail.com","login":"m4i","count":1},{"name":"Kir Shatrov","email":"shatrov@me.com","login":"kirs","count":1},{"name":"Juhamatti Niemelä","email":"iiska@iki.fi","login":"iiska","count":1},{"name":"Jordan Maguire","email":"a.jordan.maguire@gmail.com","login":"jordanmaguire","count":1},{"name":"Johannes Barre","email":"igel@igels.net","login":"iGEL","count":1},{"name":"Jerome Dalbert","email":"jerome.dalbert@gmail.com","login":"jeromedalbert","count":1},{"name":"Javier Aranda","email":"javier@aranda.dev","login":"javierav","count":1},{"name":"Ivan Storck","email":"ivan@ivanstorck.com","login":"ivanoats","count":1},{"name":"Henry Work","email":"henry.work@disney.com","login":"hwork","count":1},{"name":"Harm Matthias Harms","email":"harmmatthias.harms@gmail.com","login":"harm-matthias-harms","count":1},{"name":"Hari Gopal","email":"mail@harigopal.in","login":"harigopal","count":1},{"name":"Hallelujah","email":"hery@rails-royce.org","login":"hallelujah","count":1},{"name":"Guillaume","email":"djtal","login":"djtal","count":1},{"name":"Alex Popov","email":"alex.val.popov@gmail.com","login":null,"count":1}],"past_year_committers":[{"name":"Kim Burgestrand","email":"kim@burgestrand.se","login":"Burgestrand","count":24},{"name":"Linus Marton","email":"linus.pettersson@gmail.com","login":"Linuus","count":3}],"commits_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/commits","host":{"name":"GitHub","url":"https://github.com","kind":"github","last_synced_at":"2026-04-30T00:00:07.427Z","repositories_count":6223397,"commits_count":900024277,"contributors_count":34899964,"owners_count":1147576,"icon_url":"https://github.com/github.png","host_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub/repositories"}},"issues_stats":{"full_name":"varvet/pundit","html_url":"https://github.com/varvet/pundit","last_synced_at":"2026-04-02T14:01:20.809Z","status":"active","issues_count":80,"pull_requests_count":159,"avg_time_to_close_issue":25257539.0,"avg_time_to_close_pull_request":14098385.820143884,"issues_closed_count":67,"pull_requests_closed_count":139,"pull_request_authors_count":59,"issue_authors_count":74,"avg_comments_per_issue":3.7375,"avg_comments_per_pull_request":1.748427672955975,"merged_pull_requests_count":96,"bot_issues_count":0,"bot_pull_requests_count":0,"past_year_issues_count":5,"past_year_pull_requests_count":17,"past_year_avg_time_to_close_issue":5589899.2,"past_year_avg_time_to_close_pull_request":8312.357142857143,"past_year_issues_closed_count":5,"past_year_pull_requests_closed_count":14,"past_year_pull_request_authors_count":3,"past_year_issue_authors_count":4,"past_year_avg_comments_per_issue":1.8,"past_year_avg_comments_per_pull_request":0.5294117647058824,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":12,"created_at":"2023-05-12T15:28:11.735Z","updated_at":"2026-04-02T14:01:20.809Z","repository_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit","issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/varvet%2Fpundit/issues","issue_labels_count":{"feature request":9,"waiting for response":8,"good first issue":7,"problem":5,"documentation":3,"needs reproduction":3,"question":3,"simmering":2,"wontfix":1},"pull_request_labels_count":{"waiting for response":11,"simmering":5,"good first issue":4,"needs updating":2,"documentation":2,"problem":1,"feature request":1},"issue_author_associations_count":{"NONE":65,"CONTRIBUTOR":8,"MEMBER":6,"COLLABORATOR":1},"pull_request_author_associations_count":{"MEMBER":66,"NONE":48,"CONTRIBUTOR":41,"COLLABORATOR":4},"issue_authors":{"Burgestrand":6,"sedubois":2,"james-em":1,"wonderphil":1,"bmulholland":1,"joelzwarrington":1,"MyklClason":1,"Linuus":1,"rlue":1,"Pharserror":1,"matthewjsummers":1,"martingregoire":1,"jamesst20":1,"alec-c4":1,"viamin":1,"ryanvall":1,"zulquairnain-tx":1,"prschmid":1,"4till2":1,"danielfone":1,"hallelujah":1,"amingilani":1,"evgenyneu":1,"davidkrider":1,"maxjacobson":1,"AndrewSwerlick":1,"mpvosseller":1,"jarosluv":1,"MarceloAGuimaraes":1,"beerlington":1,"yourtallness":1,"a666":1,"barelyknown":1,"muhammedtufekyapan":1,"vivekmiyani":1,"pas256":1,"tbehling":1,"itsNikolay":1,"thisismydesign":1,"eoinkelly":1,"drewmoore":1,"hgsgtk":1,"mattruzicka":1,"joemasilotti":1,"Skulli":1,"nitsujri":1,"metacritical":1,"Stivaros":1,"jasper502":1,"qichunren":1,"itskeerthivasan":1,"eizengan":1,"scarhand":1,"mattzollinhofer":1,"mices":1,"bennyzr":1,"dpaola2":1,"arvind0598":1,"nickjj":1,"3zcurdia":1,"fatfrog":1,"wrkrb33":1,"assembler":1,"ghost":1,"pjezusek":1,"ollpu":1,"oyeanuj":1,"HuaAnhMinh":1,"ioquatix":1,"Leee-xx":1,"kouroubel":1,"JalisoCSP":1,"albertski":1,"sekrett":1},"pull_request_authors":{"Burgestrand":66,"tagliala":8,"hobbypunk90":3,"SuzukiRyuichiro":2,"55728":2,"andyw8":2,"gregfletch":2,"boof":2,"m-nakamura145":2,"eizengan":2,"kenboo0426":2,"barelyknown":2,"langsharpe":2,"Numie":2,"javierav":2,"furkanural":2,"hoverjet":2,"mattzollinhofer":2,"MarceloAGuimaraes":2,"petergoldstein":2,"Linuus":2,"alec-c4":2,"StevenElberger":2,"dgmstuart":2,"a-nickol":2,"mrloop":2,"JasonnnW3000":2,"smitssjors":2,"rlue":2,"anderscarling":1,"natronic":1,"AnatoliiD":1,"jamesst20":1,"bradgessler":1,"fdocr":1,"milgner":1,"xanagi":1,"aurangzaib-danial":1,"bhtabor":1,"madleech":1,"QWYNG":1,"jeromedalbert":1,"ioquatix":1,"johanandre":1,"etiennebarrie":1,"chrisalley":1,"hallelujah":1,"sudeeptarlekar":1,"haruska":1,"gogiel":1,"drewmoore":1,"akmhmgc":1,"craigmcnamara":1,"masarakki":1,"harm-matthias-harms":1,"guppy0356":1,"glaucocustodio":1,"bf4":1,"TheDevJoao":1},"host":{"name":"GitHub","url":"https://github.com","kind":"github","last_synced_at":"2026-04-30T00:00:06.639Z","repositories_count":14448193,"issues_count":34185574,"pull_requests_count":112233628,"authors_count":11249282,"icon_url":"https://github.com/github.png","host_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories","owners_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/owners","authors_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors"},"past_year_issue_labels_count":{"problem":3,"documentation":1},"past_year_pull_request_labels_count":{},"past_year_issue_author_associations_count":{"NONE":3,"MEMBER":2},"past_year_pull_request_author_associations_count":{"MEMBER":13,"NONE":4},"past_year_issue_authors":{"Burgestrand":2,"maxjacobson":1,"mpvosseller":1,"wrkrb33":1},"past_year_pull_request_authors":{"Burgestrand":13,"55728":2,"alec-c4":2},"maintainers":[{"login":"Burgestrand","count":72,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Burgestrand"},{"login":"Linuus","count":3,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Linuus"},{"login":"dgmstuart","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/dgmstuart"}],"active_maintainers":[{"login":"Burgestrand","count":15,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/Burgestrand"}]},"events":{"total":{"DeleteEvent":15,"PullRequestEvent":31,"ForkEvent":26,"IssuesEvent":17,"WatchEvent":213,"IssueCommentEvent":69,"PushEvent":43,"PullRequestReviewCommentEvent":4,"PullRequestReviewEvent":5,"CreateEvent":13},"last_year":{"DeleteEvent":7,"PullRequestEvent":11,"ForkEvent":6,"IssuesEvent":5,"WatchEvent":79,"IssueCommentEvent":21,"PushEvent":22,"PullRequestReviewCommentEvent":2,"CreateEvent":8}},"keywords":["ruby"],"dependencies":[{"ecosystem":"rubygems","filepath":"pundit.gemspec","sha":null,"kind":"manifest","created_at":"2022-07-06T02:00:24.188Z","updated_at":"2022-07-06T02:00:24.188Z","repository_link":"https://github.com/varvet/pundit/blob/main/pundit.gemspec","dependencies":[{"id":107406282,"package_name":"activesupport","ecosystem":"rubygems","requirements":"\u003e= 3.0.0","direct":true,"kind":"runtime","optional":false},{"id":107406283,"package_name":"actionpack","ecosystem":"rubygems","requirements":"\u003e= 3.0.0","direct":true,"kind":"development","optional":false},{"id":107406284,"package_name":"activemodel","ecosystem":"rubygems","requirements":"\u003e= 3.0.0","direct":true,"kind":"development","optional":false},{"id":107406285,"package_name":"bundler","ecosystem":"rubygems","requirements":"\u003e= 0","direct":true,"kind":"development","optional":false},{"id":107406286,"package_name":"pry","ecosystem":"rubygems","requirements":"\u003e= 0","direct":true,"kind":"development","optional":false},{"id":107406287,"package_name":"railties","ecosystem":"rubygems","requirements":"\u003e= 3.0.0","direct":true,"kind":"development","optional":false},{"id":107406288,"package_name":"rake","ecosystem":"rubygems","requirements":"\u003e= 0","direct":true,"kind":"development","optional":false},{"id":107406289,"package_name":"rspec","ecosystem":"rubygems","requirements":"\u003e= 3.0.0","direct":true,"kind":"development","optional":false},{"id":107406290,"package_name":"rubocop","ecosystem":"rubygems","requirements":"= 1.24.0","direct":true,"kind":"development","optional":false},{"id":107406291,"package_name":"simplecov","ecosystem":"rubygems","requirements":"\u003e= 0.17.0","direct":true,"kind":"development","optional":false},{"id":107406292,"package_name":"yard","ecosystem":"rubygems","requirements":"\u003e= 0","direct":true,"kind":"development","optional":false}]},{"ecosystem":"actions","filepath":".github/workflows/main.yml","sha":null,"kind":"manifest","created_at":"2023-10-12T17:23:52.660Z","updated_at":"2023-10-12T17:23:52.660Z","repository_link":"https://github.com/varvet/pundit/blob/main/.github/workflows/main.yml","dependencies":[{"id":14178077064,"package_name":"actions/checkout","ecosystem":"actions","requirements":"v3","direct":true,"kind":"composite","optional":false},{"id":14178077065,"package_name":"ruby/setup-ruby","ecosystem":"actions","requirements":"v1","direct":true,"kind":"composite","optional":false}]},{"ecosystem":"rubygems","filepath":"Gemfile","sha":null,"kind":"manifest","created_at":"2023-10-12T17:23:52.677Z","updated_at":"2023-10-12T17:23:52.677Z","repository_link":"https://github.com/varvet/pundit/blob/main/Gemfile","dependencies":[]}],"score":34.00068071938467,"created_at":"2024-12-15T21:38:08.512Z","updated_at":"2026-04-30T05:01:24.053Z","avatar_url":"https://github.com/varvet.png","language":"Ruby","monthly_downloads":0,"readme":"# Pundit\n\n[![Main](https://github.com/varvet/pundit/actions/workflows/main.yml/badge.svg)](https://github.com/varvet/pundit/actions/workflows/main.yml)\n[![Inline docs](https://inch-ci.org/github/varvet/pundit.svg?branch=main)](https://inch-ci.org/github/varvet/pundit)\n[![Gem Version](https://badge.fury.io/rb/pundit.svg)](https://badge.fury.io/rb/pundit)\n\nPundit provides a set of helpers which guide you in leveraging regular Ruby\nclasses and object oriented design patterns to build a straightforward, robust, and\nscalable authorization system.\n\n## Links:\n\n- [API documentation for the most recent version](https://www.rubydoc.info/gems/pundit)\n- [Source Code](https://github.com/varvet/pundit)\n- [Contributing](https://github.com/varvet/pundit/blob/main/CONTRIBUTING.md)\n- [Code of Conduct](https://github.com/varvet/pundit/blob/main/CODE_OF_CONDUCT.md)\n\n\u003cstrong\u003eSponsored by:\u003c/strong\u003e \u003ca href=\"https://www.varvet.com\"\u003eVarvet\u003cbr\u003e\u003cbr\u003e\u003cimg src=\"https://github.com/varvet/pundit/assets/99166/aa9efa0a-6903-4037-abee-1824edc57f1a\" alt=\"Varvet logo\" height=\"120\"\u003e\u003c/div\u003e\n\n## Installation\n\n\u003e **Please note** that the README on GitHub is accurate with the _latest code on GitHub_. You are most likely using a released version of Pundit, so please refer to the [documentation for the latest released version of Pundit](https://www.rubydoc.info/gems/pundit).\n\n``` sh\nbundle add pundit\n```\n\nInclude `Pundit::Authorization` in your application controller:\n\n``` ruby\nclass ApplicationController \u003c ActionController::Base\n  include Pundit::Authorization\nend\n```\n\nOptionally, you can run the generator, which will set up an application policy\nwith some useful defaults for you:\n\n``` sh\nrails g pundit:install\n```\n\nAfter generating your application policy, restart the Rails server so that Rails\ncan pick up any classes in the new `app/policies/` directory.\n\n## Policies\n\nPundit is focused around the notion of policy classes. We suggest that you put\nthese classes in `app/policies`. This is an example that allows updating a post\nif the user is an admin, or if the post is unpublished:\n\n``` ruby\nclass PostPolicy\n  attr_reader :user, :post\n\n  def initialize(user, post)\n    @user = user\n    @post = post\n  end\n\n  def update?\n    user.admin? || !post.published?\n  end\nend\n```\n\nAs you can see, this is a plain Ruby class. Pundit makes the following\nassumptions about this class:\n\n- The class has the same name as some kind of model class, only suffixed\n  with the word \"Policy\".\n- The first argument is a user. In your controller, Pundit will call the\n  `current_user` method to retrieve what to send into this argument\n- The second argument is some kind of model object, whose authorization\n  you want to check. This does not need to be an ActiveRecord or even\n  an ActiveModel object, it can be anything really.\n- The class implements some kind of query method, in this case `update?`.\n  Usually, this will map to the name of a particular controller action.\n\nThat's it really.\n\nUsually you'll want to inherit from the application policy created by the\ngenerator, or set up your own base class to inherit from:\n\n``` ruby\nclass PostPolicy \u003c ApplicationPolicy\n  def update?\n    user.admin? or not record.published?\n  end\nend\n```\n\nIn the generated `ApplicationPolicy`, the model object is called `record`.\n\nSupposing that you have an instance of class `Post`, Pundit now lets you do\nthis in your controller:\n\n``` ruby\ndef update\n  @post = Post.find(params[:id])\n  authorize @post\n  if @post.update(post_params)\n    redirect_to @post\n  else\n    render :edit\n  end\nend\n```\n\nThe authorize method automatically infers that `Post` will have a matching\n`PostPolicy` class, and instantiates this class, handing in the current user\nand the given record. It then infers from the action name, that it should call\n`update?` on this instance of the policy. In this case, you can imagine that\n`authorize` would have done something like this:\n\n``` ruby\nunless PostPolicy.new(current_user, @post).update?\n  raise Pundit::NotAuthorizedError, \"not allowed to PostPolicy#update? this Post\"\nend\n```\n\nYou can pass a second argument to `authorize` if the name of the permission you\nwant to check doesn't match the action name. For example:\n\n``` ruby\ndef publish\n  @post = Post.find(params[:id])\n  authorize @post, :update?\n  @post.publish!\n  redirect_to @post\nend\n```\n\nYou can pass an argument to override the policy class if necessary. For example:\n\n```ruby\ndef create\n  @publication = find_publication # assume this method returns any model that behaves like a publication\n  # @publication.class =\u003e Post\n  authorize @publication, policy_class: PublicationPolicy\n  @publication.publish!\n  redirect_to @publication\nend\n```\n\nIf you don't have an instance for the first argument to `authorize`, then you can pass\nthe class. For example:\n\nPolicy:\n```ruby\nclass PostPolicy \u003c ApplicationPolicy\n  def admin_list?\n    user.admin?\n  end\nend\n```\n\nController:\n```ruby\ndef admin_list\n  authorize Post # we don't have a particular post to authorize\n  # Rest of controller action\nend\n```\n\n`authorize` returns the instance passed to it, so you can chain it like this:\n\nController:\n```ruby\ndef show\n  @user = authorize User.find(params[:id])\nend\n```\n\nYou can easily get a hold of an instance of the policy through the `policy`\nmethod in both the view and controller. This is especially useful for\nconditionally showing links or buttons in the view:\n\n``` erb\n\u003c% if policy(@post).update? %\u003e\n  \u003c%= link_to \"Edit post\", edit_post_path(@post) %\u003e\n\u003c% end %\u003e\n```\n## Headless policies\n\nGiven there is a policy without a corresponding model / ruby class,\nyou can retrieve it by passing a symbol.\n\n```ruby\n# app/policies/dashboard_policy.rb\nclass DashboardPolicy\n  attr_reader :user\n\n  # `_record` in this example will be :dashboard\n  def initialize(user, _record)\n    @user = user\n  end\n\n  def show?\n    user.admin?\n  end\nend\n```\n\nNote that the headless policy still needs to accept two arguments. The\nsecond argument will be the symbol `:dashboard` in this case, which\nis what is passed as the record to `authorize` below.\n\n```ruby\n# In controllers\ndef show\n  authorize :dashboard, :show?\n  ...\nend\n```\n\n```erb\n# In views\n\u003c% if policy(:dashboard).show? %\u003e\n  \u003c%= link_to 'Dashboard', dashboard_path %\u003e\n\u003c% end %\u003e\n```\n\n## Scopes\n\nOften, you will want to have some kind of view listing records which a\nparticular user has access to. When using Pundit, you are expected to\ndefine a class called a policy scope. It can look something like this:\n\n``` ruby\nclass PostPolicy \u003c ApplicationPolicy\n  class Scope\n    def initialize(user, scope)\n      @user  = user\n      @scope = scope\n    end\n\n    def resolve\n      if user.admin?\n        scope.all\n      else\n        scope.where(published: true)\n      end\n    end\n\n    private\n\n    attr_reader :user, :scope\n  end\n\n  def update?\n    user.admin? or not record.published?\n  end\nend\n```\n\nPundit makes the following assumptions about this class:\n\n- The class has the name `Scope` and is nested under the policy class.\n- The first argument is a user. In your controller, Pundit will call the\n  `current_user` method to retrieve what to send into this argument.\n- The second argument is a scope of some kind on which to perform some kind of\n  query. It will usually be an ActiveRecord class or a\n  `ActiveRecord::Relation`, but it could be something else entirely.\n- Instances of this class respond to the method `resolve`, which should return\n  some kind of result which can be iterated over. For ActiveRecord classes,\n  this would usually be an `ActiveRecord::Relation`.\n\nYou'll probably want to inherit from the application policy scope generated by the\ngenerator, or create your own base class to inherit from:\n\n``` ruby\nclass PostPolicy \u003c ApplicationPolicy\n  class Scope \u003c ApplicationPolicy::Scope\n    def resolve\n      if user.admin?\n        scope.all\n      else\n        scope.where(published: true)\n      end\n    end\n  end\n\n  def update?\n    user.admin? or not record.published?\n  end\nend\n```\n\nYou can now use this class from your controller via the `policy_scope` method:\n\n``` ruby\ndef index\n  @posts = policy_scope(Post)\nend\n\ndef show\n  @post = policy_scope(Post).find(params[:id])\nend\n```\n\nLike with the authorize method, you can also override the policy scope class:\n\n``` ruby\ndef index\n  # publication_class =\u003e Post\n  @publications = policy_scope(publication_class, policy_scope_class: PublicationPolicy::Scope)\nend\n```\n\nIn this case it is a shortcut for doing:\n\n``` ruby\ndef index\n  @publications = PublicationPolicy::Scope.new(current_user, Post).resolve\nend\n```\n\nYou can, and are encouraged to, use this method in views:\n\n``` erb\n\u003c% policy_scope(@user.posts).each do |post| %\u003e\n  \u003cp\u003e\u003c%= link_to post.title, post_path(post) %\u003e\u003c/p\u003e\n\u003c% end %\u003e\n```\n\n## Ensuring policies and scopes are used\n\nWhen you are developing an application with Pundit it can be easy to forget to\nauthorize some action. People are forgetful after all. Since Pundit encourages\nyou to add the `authorize` call manually to each controller action, it's really\neasy to miss one.\n\nThankfully, Pundit has a handy feature which reminds you in case you forget.\nPundit tracks whether you have called `authorize` anywhere in your controller\naction. Pundit also adds a method to your controllers called\n`verify_authorized`. This method will raise an exception if `authorize` has not\nyet been called. You should run this method in an `after_action` hook to ensure\nthat you haven't forgotten to authorize the action. For example:\n\n``` ruby\nclass ApplicationController \u003c ActionController::Base\n  include Pundit::Authorization\n  after_action :verify_authorized\nend\n```\n\nLikewise, Pundit also adds `verify_policy_scoped` to your controller. This\nwill raise an exception similar to `verify_authorized`. However, it tracks\nif `policy_scope` is used instead of `authorize`. This is mostly useful for\ncontroller actions like `index` which find collections with a scope and don't\nauthorize individual instances.\n\n``` ruby\nclass ApplicationController \u003c ActionController::Base\n  include Pundit::Authorization\n  after_action :verify_pundit_authorization\n\n  def verify_pundit_authorization\n    if action_name == \"index\"\n      verify_policy_scoped\n    else\n      verify_authorized\n    end\n  end\nend\n```\n\n**This verification mechanism only exists to aid you while developing your\napplication, so you don't forget to call `authorize`. It is not some kind of\nfailsafe mechanism or authorization mechanism. You should be able to remove\nthese filters without affecting how your app works in any way.**\n\nSome people have found this feature confusing, while many others\nfind it extremely helpful. If you fall into the category of people who find it\nconfusing then you do not need to use it. Pundit will work fine without\nusing `verify_authorized` and `verify_policy_scoped`.\n\n### Conditional verification\n\nIf you're using `verify_authorized` in your controllers but need to\nconditionally bypass verification, you can use `skip_authorization`. For\nbypassing `verify_policy_scoped`, use `skip_policy_scope`. These are useful\nin circumstances where you don't want to disable verification for the\nentire action, but have some cases where you intend to not authorize.\n\n```ruby\ndef show\n  record = Record.find_by(attribute: \"value\")\n  if record.present?\n    authorize record\n  else\n    skip_authorization\n  end\nend\n```\n\n## Manually specifying policy classes\n\nSometimes you might want to explicitly declare which policy to use for a given\nclass, instead of letting Pundit infer it. This can be done like so:\n\n``` ruby\nclass Post\n  def self.policy_class\n    PostablePolicy\n  end\nend\n```\n\nAlternatively, you can declare an instance method:\n\n``` ruby\nclass Post\n  def policy_class\n    PostablePolicy\n  end\nend\n```\n\n## Plain old Ruby\n\nPundit is a very small library on purpose, and it doesn't do anything you can't do yourself. There's no secret sauce here. It does as little as possible, and then gets out of your way.\n\nWith the few but powerful helpers available in Pundit, you have the power to build a well structured, fully working authorization system without using any special DSLs or funky syntax.\n\nRemember that all of the policy and scope classes are plain Ruby classes, which means you can use the same mechanisms you always use to DRY things up. Encapsulate a set of permissions into a module and include them in multiple policies. Use `alias_method` to make some permissions behave the same as others. Inherit from a base set of permissions. Use metaprogramming if you really have to.\n\n## Generator\n\nUse the supplied generator to generate policies:\n\n``` sh\nrails g pundit:policy post\n```\n\n## Closed systems\n\nIn many applications, only logged in users are really able to do anything. If\nyou're building such a system, it can be kind of cumbersome to check that the\nuser in a policy isn't `nil` for every single permission. Aside from policies,\nyou can add this check to the base class for scopes.\n\nWe suggest that you define a filter that redirects unauthenticated users to the\nlogin page. As a secondary defence, if you've defined an ApplicationPolicy, it\nmight be a good idea to raise an exception if somehow an unauthenticated user\ngot through. This way you can fail more gracefully.\n\n``` ruby\nclass ApplicationPolicy\n  def initialize(user, record)\n    raise Pundit::NotAuthorizedError, \"must be logged in\" unless user\n    @user   = user\n    @record = record\n  end\n\n  class Scope\n    attr_reader :user, :scope\n\n    def initialize(user, scope)\n      raise Pundit::NotAuthorizedError, \"must be logged in\" unless user\n      @user = user\n      @scope = scope\n    end\n  end\nend\n```\n\n## NilClassPolicy\n\nTo support a [null object pattern](https://en.wikipedia.org/wiki/Null_Object_pattern)\nyou may find that you want to implement a `NilClassPolicy`. This might be useful\nwhere you want to extend your ApplicationPolicy to allow some tolerance of, for\nexample, associations which might be `nil`.\n\n```ruby\nclass NilClassPolicy \u003c ApplicationPolicy\n  class Scope \u003c ApplicationPolicy::Scope\n    def resolve\n      raise Pundit::NotDefinedError, \"Cannot scope NilClass\"\n    end\n  end\n\n  def show?\n    false # Nobody can see nothing\n  end\nend\n```\n\n## Rescuing a denied Authorization in Rails\n\nPundit raises a `Pundit::NotAuthorizedError` you can\n[rescue_from](https://guides.rubyonrails.org/action_controller_overview.html#rescue-from)\nin your `ApplicationController`. You can customize the `user_not_authorized`\nmethod in every controller.\n\n```ruby\nclass ApplicationController \u003c ActionController::Base\n  include Pundit::Authorization\n\n  rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized\n\n  private\n\n  def user_not_authorized\n    flash[:alert] = \"You are not authorized to perform this action.\"\n    redirect_back_or_to(root_path)\n  end\nend\n```\n\nAlternatively, you can globally handle Pundit::NotAuthorizedError's by having rails handle them as a 403 error and serving a 403 error page. Add the following to application.rb:\n\n```config.action_dispatch.rescue_responses[\"Pundit::NotAuthorizedError\"] = :forbidden```\n\n## Creating custom error messages\n\n`NotAuthorizedError`s provide information on what query (e.g. `:create?`), what\nrecord (e.g. an instance of `Post`), and what policy (e.g. an instance of\n`PostPolicy`) caused the error to be raised.\n\nOne way to use these `query`, `record`, and `policy` properties is to connect\nthem with `I18n` to generate error messages. Here's how you might go about doing\nthat.\n\n```ruby\nclass ApplicationController \u003c ActionController::Base\n rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized\n\n private\n\n def user_not_authorized(exception)\n   policy_name = exception.policy.class.to_s.underscore\n\n   flash[:error] = t \"#{policy_name}.#{exception.query}\", scope: \"pundit\", default: :default\n   redirect_back_or_to(root_path)\n end\nend\n```\n\n```yaml\nen:\n pundit:\n   default: 'You cannot perform this action.'\n   post_policy:\n     update?: 'You cannot edit this post!'\n     create?: 'You cannot create posts!'\n```\n\nThis is an example. Pundit is agnostic as to how you implement your error messaging.\n\n## Manually retrieving policies and scopes\n\nSometimes you want to retrieve a policy for a record outside the controller or\nview. For example when you delegate permissions from one policy to another.\n\nYou can easily retrieve policies and scopes like this:\n\n``` ruby\nPundit.policy!(user, post)\nPundit.policy(user, post)\n\nPundit.policy_scope!(user, Post)\nPundit.policy_scope(user, Post)\n```\n\nThe bang methods will raise an exception if the policy does not exist, whereas\nthose without the bang will return nil.\n\n## Customize Pundit user\n\nOn occasion, your controller may be unable to access `current_user`, or the method that should be invoked by Pundit may not be `current_user`. To address this, you can define a method in your controller named `pundit_user`.\n\n```ruby\ndef pundit_user\n  User.find_by_other_means\nend\n```\n\nFor instance, Rails 8 includes a built-in [authentication generator](https://github.com/rails/rails/tree/8-0-stable/railties/lib/rails/generators/rails/authentication). If you choose to use it, the currently logged-in user is accessed via `Current.user` instead of `current_user`.\n\nTo ensure compatibility with Pundit, define a `pundit_user` method in `application_controller.rb` (or another suitable location) as follows:\n\n```ruby\ndef pundit_user\n  Current.user\nend\n```\n\n### Handling User Switching in Pundit\n\nWhen switching users in your application, it's important to reset the Pundit user context to ensure that authorization policies are applied correctly for the new user. Pundit caches the user context, so failing to reset it could result in incorrect permissions being applied.\n\nTo handle user switching, you can use the following pattern in your controller:\n\n```ruby\nclass ApplicationController\n  include Pundit::Authorization\n\n  def switch_user_to(user)\n    terminate_session if authenticated?\n    start_new_session_for user\n    pundit_reset!\n  end\nend\n```\n\nMake sure to invoke `pundit_reset!` whenever changing the user. This ensures the cached authorization context is reset, preventing any incorrect permissions from being applied.\n\n## Policy Namespacing\n\nIn some cases it might be helpful to have multiple policies that serve different contexts for a resource. A prime example of this is the case where User policies differ from Admin policies. To authorize with a namespaced policy, pass the namespace into the `authorize` helper in an array:\n\n```ruby\nauthorize(post)                   # =\u003e will look for a PostPolicy\nauthorize([:admin, post])         # =\u003e will look for an Admin::PostPolicy\nauthorize([:foo, :bar, post])     # =\u003e will look for a Foo::Bar::PostPolicy\n\npolicy_scope(Post)                # =\u003e will look for a PostPolicy::Scope\npolicy_scope([:admin, Post])      # =\u003e will look for an Admin::PostPolicy::Scope\npolicy_scope([:foo, :bar, Post])  # =\u003e will look for a Foo::Bar::PostPolicy::Scope\n```\n\nIf you are using namespaced policies for something like Admin areas, we recommend defining a `pundit_namespace` hook in your `ApplicationController` and overriding it in namespaced controllers:\n\n```ruby\nclass ApplicationController \u003c ActionController::Base\n  include Pundit::Authorization\n\n  private\n\n  def pundit_namespace(record) = record\n\n  def authorize(record, ...) = super(pundit_namespace(record), ...)\n  def policy_scope(scope, ...) = super(pundit_namespace(scope), ...)\nend\n\nclass AdminController \u003c ApplicationController\n  private\n\n  # Override the pundit namespace in Admin.\n  def pundit_namespace(record) = [:admin, record]\nend\n\nclass Admin::PostController \u003c AdminController\n  def index\n    policy_scope(Post)\n  end\n\n  def show\n    post = authorize Post.find(params[:id])\n  end\nend\n```\n\n## Additional context\n\nPundit strongly encourages you to model your application in such a way that the\nonly context you need for authorization is a user object and a domain model that\nyou want to check authorization for. If you find yourself needing more context than\nthat, consider whether you are authorizing the right domain model, maybe another\ndomain model (or a wrapper around multiple domain models) can provide the context\nyou need.\n\nPundit does not allow you to pass additional arguments to policies for precisely\nthis reason.\n\nHowever, in very rare cases, you might need to authorize based on more context than just\nthe currently authenticated user. Suppose for example that authorization is dependent\non IP address in addition to the authenticated user. In that case, one option is to\ncreate a special class which wraps up both user and IP and passes it to the policy.\n\n``` ruby\nclass UserContext \u003c Data.define(:user, :ip)\nend\n\nclass ApplicationController\n  include Pundit::Authorization\n\n  def pundit_user = UserContext.new(current_user, request.ip)\nend\n```\n\n## Strong parameters\n\nIn Rails, [mass-assignment protection is handled in the controller](https://guides.rubyonrails.org/action_controller_overview.html#strong-parameters). With Pundit you can control which attributes a user has access to update via your policies. You can set up an `expected_attributes_for_action(action_name)` method in your policy like this:\n\n```ruby\n# app/policies/post_policy.rb\nclass PostPolicy \u003c ApplicationPolicy\n  def expected_attributes_for_action(_action_name)\n    if user.admin? || user.owner_of?(post)\n      [:title, :body, :tag_list]\n    else\n      [:tag_list]\n    end\n  end\nend\n```\n\nYou can now retrieve these attributes from the policy:\n\n```ruby\n# app/controllers/posts_controller.rb\nclass PostsController \u003c ApplicationController\n  def update\n    @post = Post.find(params[:id])\n    if @post.update(post_params)\n      redirect_to @post\n    else\n      render :edit\n    end\n  end\n\n  private\n\n  def post_params\n    params.expect(policy(@post).expected_attributes_for_action(action_name))\n  end\nend\n```\n\nHowever, this is a bit cumbersome, so Pundit provides a convenient helper method with `#expected_attributes`:\n\n```ruby\n# app/controllers/posts_controller.rb\nclass PostsController \u003c ApplicationController\n  def update\n    @post = Post.find(params[:id])\n    if @post.update(expected_attributes(@post))\n      redirect_to @post\n    else\n      render :edit\n    end\n  end\nend\n```\n\n### Permitted Parameters\n\nPundit still support the old `params.require.permit()` style of permitting attributes, although `params.expect()` is preferred.\n\nIf you need to fetch parameters based on namespaces different from the suggested one, override the below method, in your controller, and return an instance of `ActionController::Parameters`.\n\n```ruby\ndef pundit_params_for(record)\n  params.require(pundit_param_key(record))\nend\n```\n\nFor example:\n\n```ruby\n# If you don't want to use require\ndef pundit_params_for(record)\n  params.fetch(pundit_param_key(record), {})\nend\n\n# If you are using something like the JSON API spec\ndef pundit_params_for(_record)\n  params.fetch(:data, {}).fetch(:attributes, {})\nend\n```\n\n## RSpec\n\n### Policy Specs\n\n\u003e [!TIP]\n\u003e An alternative approach to Pundit policy specs is scoping them to a user context as outlined in this\n[excellent post](https://thunderboltlabs.com/blog/2013/03/27/testing-pundit-policies-with-rspec/) and implemented in the third party [pundit-matchers](https://github.com/punditcommunity/pundit-matchers) gem.\n\nPundit includes a mini-DSL for writing expressive tests for your policies in RSpec.\nRequire `pundit/rspec` in your `spec_helper.rb`:\n\n``` ruby\nrequire \"pundit/rspec\"\n```\n\nThen put your policy specs in `spec/policies`, and make them look somewhat like this:\n\n``` ruby\ndescribe PostPolicy do\n  subject { described_class }\n\n  permissions :update?, :edit? do\n    it \"denies access if post is published\" do\n      expect(subject).not_to permit(User.new(admin: false), Post.new(published: true))\n    end\n\n    it \"grants access if post is published and user is an admin\" do\n      expect(subject).to permit(User.new(admin: true), Post.new(published: true))\n    end\n\n    it \"grants access if post is unpublished\" do\n      expect(subject).to permit(User.new(admin: false), Post.new(published: false))\n    end\n  end\nend\n```\n\n### Custom matcher description\n\nBy default rspec includes an inspected `user` and `record` in the matcher description, which might become overly verbose:\n\n```\nPostPolicy\n  update? and show?\n    is expected to permit #\u003cUser:0x0000000104aefd80\u003e and #\u003cPost:0x0000000104aef8d0 @user=#\u003cUser:0x0000000104aefd80\u003e\u003e\n```\n\nYou can override the default description with a static string, or a block:\n\n```ruby\n# static alternative: Pundit::RSpec::Matchers.description = \"permit the user\"\nPundit::RSpec::Matchers.description = -\u003e(user, record) do\n  \"permit user with role #{user.role} to access record with ID #{record.id}\"\nend\n```\n\nWhich would make for a less chatty output:\n\n```\nPostPolicy\n  update? and show?\n    is expected to permit user with role admin to access record with ID 130\n```\n\n### Focus Support\n\nIf your RSpec config has `filter_run_when_matching :focus`, you may tag the `permissions` helper like so:\n\n```\npermissions :show?, :focus do\n```\n\n### Scope Specs\n\nPundit does not provide a DSL for testing scopes. Test them like you would a regular Ruby class!\n\n### Linting with RuboCop RSpec\n\nWhen you lint your RSpec spec files with `rubocop-rspec`, it will fail to properly detect RSpec constructs that Pundit defines, `permissions`.\nMake sure to use `rubocop-rspec` 2.0 or newer and add the following to your `.rubocop.yml`:\n\n```yaml\ninherit_gem:\n  pundit: config/rubocop-rspec.yml\n```\n\n# External Resources\n\n- [RailsApps Example Application: Pundit and Devise](https://github.com/RailsApps/rails-devise-pundit)\n- [Migrating to Pundit from CanCan](https://blog.carbonfive.com/2013/10/21/migrating-to-pundit-from-cancan/)\n- [Testing Pundit Policies with RSpec](https://thunderboltlabs.com/blog/2013/03/27/testing-pundit-policies-with-rspec/)\n- [Testing Pundit with Minitest](https://github.com/varvet/pundit/issues/204#issuecomment-60166450)\n- [Using Pundit outside of a Rails controller](https://github.com/varvet/pundit/pull/136)\n- [Straightforward Rails Authorization with Pundit](https://www.sitepoint.com/straightforward-rails-authorization-with-pundit/)\n\n## Other implementations\n\n- [Flask-Pundit](https://github.com/anurag90x/flask-pundit) (Python) is a [Flask](https://flask.pocoo.org/) extension \"heavily inspired by\" Pundit\n\n# License\n\nLicensed under the MIT license, see the separate LICENSE.txt file.\n","funding_links":[],"readme_doi_urls":[],"works":{},"citation_counts":{},"total_citations":0,"keywords_from_contributors":["activerecord","activejob","mvc","rspec","rubygems","rack","rubocop","ruby-gem","code-formatter","static-code-analysis"],"project_url":"https://ruby.ecosyste.ms/api/v1/projects/614","html_url":"https://ruby.ecosyste.ms/projects/614"}