Skip to content

Add Unused Dependency Check for Ruby Gems #63

New issue
New issue
Open
Open
Add Unused Dependency Check for Ruby Gems#63
Labels
enhancementNew feature or request
@mridang

Description

@mridang
mridang
opened on Jul 23, 2025

feat: Add Unused Dependency Check for Ruby Gems

Description:
To maintain a clean and efficient codebase, we need to add an automated process to the zitadel/client-ruby CI pipeline. The goal of this process is to detect and report any gems listed in the Gemfile that are no longer used in the project. The initial tool considered for this task was degem.

Problem:
The proposed tool, degem, does not appear to be functional in our current environment. Further investigation suggests the tool may be unmaintained, with its last commit several years ago. This makes it an unreliable choice for our CI pipeline, as it may have compatibility issues with modern Ruby versions and bundler.

Impact:

  • Without an automated check, the project is at risk of accumulating unused dependencies over time.
  • Unused gems lead to project bloat, slower bundle install times, and an increased potential security surface.
  • The dependency tree is less clear, making maintenance more difficult for developers.

Tasks:

  1. Attempt a final investigation to determine if degem can be made to work reliably.
  2. If degem is not viable, research and evaluate alternative tools for detecting unused Ruby gems (e.g., bundle-checker, gem-unused).
  3. Select a reliable tool and integrate it into the CI pipeline as a new check.
  4. Run the tool on the codebase and generate an initial report of unused dependencies.
  5. Configure the tool to ignore any known false positives (e.g., gems used by frameworks or other tools but not directly required in the code).
  6. Create a follow-up pull request to remove the confirmed unused gems from the Gemfile.

Expected Outcomes:

  • The CI pipeline includes a job that automatically fails if it detects unused gems in the Gemfile.
  • The project's dependencies are kept clean and minimal, improving maintainability and reducing bloat.
  • Developers are immediately notified of unused dependencies when contributing code.

Additional Notes:

  • The primary goal is to establish a reliable dependency check, not necessarily to use degem. The chosen solution should be stable and actively maintained.
  • This task will likely require updating the main CI workflow file to add a new step for the dependency analysis.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions