# End of Life Checker
[English](README.md) | [δΈζ](README_zh.md)
A command-line tool to check the end-of-life (EOL) status of software dependencies in your projects by comparing them with data from [endoflife.date](https://endoflife.date/).
> **Special Note**: This tool was developed entirely with the assistance of Amazon Q CLI, showcasing the capabilities of AI-assisted development.
## Overview
End of Life Checker helps developers identify outdated dependencies in their projects that may pose security risks or compatibility issues. The tool scans project files to detect dependencies and their versions, then checks them against the EOL data to provide alerts and recommendations.
## Requirements
- Python 3.8 or higher
- Required packages (automatically installed):
- requests>=2.25.0
- toml>=0.10.2
- streamlit>=1.22.0
- numpy<2.0.0
## Features
- Support for multiple programming languages and frameworks:
- Java (Maven, Gradle)
- Complete dependency tree analysis including transitive dependencies
- Parent POM inheritance support
- Dependency management resolution
- Node.js (npm, yarn)
- Python (pip, poetry, pipenv)
- Command-line interface for easy integration into CI/CD pipelines
- Graphical user interface for interactive usage
- Detailed reports showing:
- Dependencies approaching EOL
- Dependencies that have reached EOL
- Recommended upgrade paths with breaking changes warnings (β οΈ)
- Beautiful emoji-based status indicators (π΄ π π’ β)
- Execution time and progress tracking
- Project name and full path information
- Configurable warning thresholds (e.g., alert 90 days before EOL)
- Export reports in multiple formats (JSON, CSV, HTML)
- Offline mode with cached EOL data
## Installation
### From PyPI (Recommended)
```bash
pip install eol-check
```
### From Source
For the latest development version or to contribute to the project:
```bash
# Clone the repository
git clone https://github.com/yourlin/eol-check.git
cd eol-check
# Install in development mode
pip install -e .
```
Installing from source allows you to modify the code and immediately see the effects without reinstalling.
### Publishing to PyPI
For maintainers who want to publish a new version to PyPI:
```bash
# Update version in setup.py first
python -m build
twine check dist/*
twine upload dist/*
```
Alternatively, create a new release on GitHub to trigger the automated publishing workflow.
## Usage
Basic usage:
```bash
eol-check /path/to/project
```
With options:
```bash
eol-check /path/to/project --format json --output report.json --threshold 180
```
Launch the graphical user interface:
```bash
eol-check --ui
```
## Options
- `--format`: Output format (text, json, csv, html). Default: text
- `--output`: Save report to file instead of stdout
- `--threshold`: Days before EOL to start warning. Default: 90
- `--offline`: Use cached EOL data instead of fetching from endoflife.date
- `--update`: Force update of cached EOL data
- `--cache-ttl`: Cache time-to-live duration. Default: 1d. Formats: '1d' (1 day), '12h' (12 hours), '30m' (30 minutes)
- `--verbose`: Show detailed information about the checking process, including API availability messages and debug output
- `--ignore-file`: Path to file containing dependencies to ignore (one dependency name per line)
- `--max-workers`: Maximum number of parallel workers for API requests (default: CPU count * 2)
- `--ui`: Launch the graphical user interface
### Ignore File Format
The ignore file should contain one dependency name per line. Comments can be added using the `#` character.
Example `ignore.txt`:
```
# These dependencies are internal and don't need EOL checking
internal-lib
legacy-component
# This one has a custom support contract
enterprise-framework
```
## Supported Project Types
- Java: pom.xml, build.gradle
- Requires Maven/Gradle installed for complete dependency analysis
- Falls back to basic parsing if build tools are not available
- Node.js: package.json, package-lock.json, yarn.lock
- Requires npm/yarn installed for complete dependency analysis
- Falls back to basic parsing if build tools are not available
- Python: requirements.txt, Pipfile, pyproject.toml
- Requires pip/poetry/pipenv installed for complete dependency analysis
- Falls back to basic parsing if build tools are not available
## Advanced Features
### Breaking Changes Detection
The tool automatically detects when a recommended upgrade involves a major version change (e.g., upgrading from 2.x to 3.x) and marks these with a warning emoji (β οΈ) to indicate potential breaking changes.
### Transitive Dependency Analysis
For Java projects, the tool analyzes the complete dependency tree including:
- Direct dependencies declared in your project
- Transitive dependencies pulled in by your direct dependencies
- Dependencies managed by parent POMs
- Dependencies from dependency management sections
This ensures you get alerts about EOL status for all libraries your application actually uses, not just the ones you directly declare.
### Graphical User Interface
The tool provides a user-friendly Streamlit-based GUI that can be launched with the `--ui` parameter:
- Project selection and scanning
- Interactive dependency analysis results
- Cache management interface
- About section with project information
The GUI makes it easy for non-technical users to check their project dependencies without needing to use command-line options.
### CI/CD Integration
The tool is designed to be easily integrated into CI/CD pipelines:
- Exit code 0: No issues found
- Exit code 1: Error running the tool
- Exit code 2: Critical issues found (dependencies that have reached EOL)
This allows you to fail builds or trigger alerts when critical dependencies are detected.
Example integration with GitHub Actions:
```yaml
name: Check Dependencies EOL
on:
schedule:
- cron: '0 8 * * 1' # Run every Monday at 8:00 AM
workflow_dispatch: # Allow manual trigger
jobs:
check-dependencies:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.10'
- name: Install eol-check
run: pip install eol-check
- name: Check dependencies
run: eol-check . --format json --output eol-report.json
- name: Upload report as artifact
if: always()
uses: actions/upload-artifact@v3
with:
name: eol-report
path: eol-report.json
```
## Troubleshooting
### Common Issues
1. **API Rate Limiting**
- Symptom: Slow performance or errors about "too many requests"
- Solution: Use the `--max-workers` option to reduce the number of parallel requests, or use `--offline` mode with cached data
2. **Missing Dependencies**
- Symptom: The tool doesn't detect all dependencies you expect
- Solution: Make sure you're using the right build tool (Maven, npm, etc.) and that it's properly installed. The tool falls back to basic parsing if build tools aren't available.
3. **Unknown EOL Status**
- Symptom: Many dependencies show as "UNKNOWN" status
- Solution: The endoflife.date API might not have data for those dependencies. Consider contributing to the endoflife.date project.
### Verbose Mode
Use the `--verbose` flag to get more detailed information about what's happening:
- API request details and responses
- Cache usage information
- Dependency resolution process
- Detailed error messages and stack traces
This is particularly useful when troubleshooting issues or when you want to understand how the tool is processing your project.
## License
MIT
Raw data
{
"_id": null,
"home_page": null,
"name": "eol-check",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.8",
"maintainer_email": null,
"keywords": "dependency, eol, end-of-life, security, maintenance, java, python, nodejs",
"author": null,
"author_email": "Lin Ye <31615967@qq.com>",
"download_url": "https://files.pythonhosted.org/packages/36/3a/293b13adcc22606aa9db1d6b3a9f9eb6b331d1bd0d46725905cdb29d050b/eol_check-0.2.1.tar.gz",
"platform": null,
"description": "# End of Life Checker\n\n[English](README.md) | [\u4e2d\u6587](README_zh.md)\n\nA command-line tool to check the end-of-life (EOL) status of software dependencies in your projects by comparing them with data from [endoflife.date](https://endoflife.date/).\n\n> **Special Note**: This tool was developed entirely with the assistance of Amazon Q CLI, showcasing the capabilities of AI-assisted development.\n\n## Overview\n\nEnd of Life Checker helps developers identify outdated dependencies in their projects that may pose security risks or compatibility issues. The tool scans project files to detect dependencies and their versions, then checks them against the EOL data to provide alerts and recommendations.\n\n## Requirements\n\n- Python 3.8 or higher\n- Required packages (automatically installed):\n - requests>=2.25.0\n - toml>=0.10.2\n - streamlit>=1.22.0\n - numpy<2.0.0\n\n## Features\n\n- Support for multiple programming languages and frameworks:\n - Java (Maven, Gradle)\n - Complete dependency tree analysis including transitive dependencies\n - Parent POM inheritance support\n - Dependency management resolution\n - Node.js (npm, yarn)\n - Python (pip, poetry, pipenv)\n- Command-line interface for easy integration into CI/CD pipelines\n- Graphical user interface for interactive usage\n- Detailed reports showing:\n - Dependencies approaching EOL\n - Dependencies that have reached EOL\n - Recommended upgrade paths with breaking changes warnings (\u26a0\ufe0f)\n - Beautiful emoji-based status indicators (\ud83d\udd34 \ud83d\udfe0 \ud83d\udfe2 \u2753)\n - Execution time and progress tracking\n - Project name and full path information\n- Configurable warning thresholds (e.g., alert 90 days before EOL)\n- Export reports in multiple formats (JSON, CSV, HTML)\n- Offline mode with cached EOL data\n\n## Installation\n\n### From PyPI (Recommended)\n\n```bash\npip install eol-check\n```\n\n### From Source\n\nFor the latest development version or to contribute to the project:\n\n```bash\n# Clone the repository\ngit clone https://github.com/yourlin/eol-check.git\ncd eol-check\n\n# Install in development mode\npip install -e .\n```\n\nInstalling from source allows you to modify the code and immediately see the effects without reinstalling.\n\n### Publishing to PyPI\n\nFor maintainers who want to publish a new version to PyPI:\n\n```bash\n# Update version in setup.py first\npython -m build\ntwine check dist/*\ntwine upload dist/*\n```\n\nAlternatively, create a new release on GitHub to trigger the automated publishing workflow.\n\n## Usage\n\nBasic usage:\n\n```bash\neol-check /path/to/project\n```\n\nWith options:\n\n```bash\neol-check /path/to/project --format json --output report.json --threshold 180\n```\n\nLaunch the graphical user interface:\n\n```bash\neol-check --ui\n```\n\n## Options\n\n- `--format`: Output format (text, json, csv, html). Default: text\n- `--output`: Save report to file instead of stdout\n- `--threshold`: Days before EOL to start warning. Default: 90\n- `--offline`: Use cached EOL data instead of fetching from endoflife.date\n- `--update`: Force update of cached EOL data\n- `--cache-ttl`: Cache time-to-live duration. Default: 1d. Formats: '1d' (1 day), '12h' (12 hours), '30m' (30 minutes)\n- `--verbose`: Show detailed information about the checking process, including API availability messages and debug output\n- `--ignore-file`: Path to file containing dependencies to ignore (one dependency name per line)\n- `--max-workers`: Maximum number of parallel workers for API requests (default: CPU count * 2)\n- `--ui`: Launch the graphical user interface\n\n### Ignore File Format\n\nThe ignore file should contain one dependency name per line. Comments can be added using the `#` character.\n\nExample `ignore.txt`:\n```\n# These dependencies are internal and don't need EOL checking\ninternal-lib\nlegacy-component\n# This one has a custom support contract\nenterprise-framework\n```\n\n## Supported Project Types\n\n- Java: pom.xml, build.gradle\n - Requires Maven/Gradle installed for complete dependency analysis\n - Falls back to basic parsing if build tools are not available\n- Node.js: package.json, package-lock.json, yarn.lock\n - Requires npm/yarn installed for complete dependency analysis\n - Falls back to basic parsing if build tools are not available\n- Python: requirements.txt, Pipfile, pyproject.toml\n - Requires pip/poetry/pipenv installed for complete dependency analysis\n - Falls back to basic parsing if build tools are not available\n\n## Advanced Features\n\n### Breaking Changes Detection\n\nThe tool automatically detects when a recommended upgrade involves a major version change (e.g., upgrading from 2.x to 3.x) and marks these with a warning emoji (\u26a0\ufe0f) to indicate potential breaking changes.\n\n### Transitive Dependency Analysis\n\nFor Java projects, the tool analyzes the complete dependency tree including:\n- Direct dependencies declared in your project\n- Transitive dependencies pulled in by your direct dependencies\n- Dependencies managed by parent POMs\n- Dependencies from dependency management sections\n\nThis ensures you get alerts about EOL status for all libraries your application actually uses, not just the ones you directly declare.\n\n### Graphical User Interface\n\nThe tool provides a user-friendly Streamlit-based GUI that can be launched with the `--ui` parameter:\n- Project selection and scanning\n- Interactive dependency analysis results\n- Cache management interface\n- About section with project information\n\nThe GUI makes it easy for non-technical users to check their project dependencies without needing to use command-line options.\n\n### CI/CD Integration\n\nThe tool is designed to be easily integrated into CI/CD pipelines:\n- Exit code 0: No issues found\n- Exit code 1: Error running the tool\n- Exit code 2: Critical issues found (dependencies that have reached EOL)\n\nThis allows you to fail builds or trigger alerts when critical dependencies are detected.\n\nExample integration with GitHub Actions:\n```yaml\nname: Check Dependencies EOL\n\non:\n schedule:\n - cron: '0 8 * * 1' # Run every Monday at 8:00 AM\n workflow_dispatch: # Allow manual trigger\n\njobs:\n check-dependencies:\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v3\n \n - name: Set up Python\n uses: actions/setup-python@v4\n with:\n python-version: '3.10'\n \n - name: Install eol-check\n run: pip install eol-check\n \n - name: Check dependencies\n run: eol-check . --format json --output eol-report.json\n \n - name: Upload report as artifact\n if: always()\n uses: actions/upload-artifact@v3\n with:\n name: eol-report\n path: eol-report.json\n```\n\n## Troubleshooting\n\n### Common Issues\n\n1. **API Rate Limiting**\n - Symptom: Slow performance or errors about \"too many requests\"\n - Solution: Use the `--max-workers` option to reduce the number of parallel requests, or use `--offline` mode with cached data\n\n2. **Missing Dependencies**\n - Symptom: The tool doesn't detect all dependencies you expect\n - Solution: Make sure you're using the right build tool (Maven, npm, etc.) and that it's properly installed. The tool falls back to basic parsing if build tools aren't available.\n\n3. **Unknown EOL Status**\n - Symptom: Many dependencies show as \"UNKNOWN\" status\n - Solution: The endoflife.date API might not have data for those dependencies. Consider contributing to the endoflife.date project.\n\n### Verbose Mode\n\nUse the `--verbose` flag to get more detailed information about what's happening:\n- API request details and responses\n- Cache usage information\n- Dependency resolution process\n- Detailed error messages and stack traces\n\nThis is particularly useful when troubleshooting issues or when you want to understand how the tool is processing your project.\n\n## License\n\nMIT\n",
"bugtrack_url": null,
"license": null,
"summary": "A tool to check the end-of-life status of software dependencies",
"version": "0.2.1",
"project_urls": {
"Bug Tracker": "https://github.com/yourlin/eol-check/issues",
"Documentation": "https://github.com/yourlin/eol-check",
"Source Code": "https://github.com/yourlin/eol-check"
},
"split_keywords": [
"dependency",
" eol",
" end-of-life",
" security",
" maintenance",
" java",
" python",
" nodejs"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "dfa002595b61f774d3ab55599708938b189372940c6bb03820276eb0f1b01e3c",
"md5": "bb33b040cb38715fcb994692e56e1fbb",
"sha256": "695f67641f6f5b03446ce0296e87f172a3b1ecd25b03b19dfd90d2e5c381f1dd"
},
"downloads": -1,
"filename": "eol_check-0.2.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "bb33b040cb38715fcb994692e56e1fbb",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.8",
"size": 44110,
"upload_time": "2025-11-03T03:40:41",
"upload_time_iso_8601": "2025-11-03T03:40:41.314498Z",
"url": "https://files.pythonhosted.org/packages/df/a0/02595b61f774d3ab55599708938b189372940c6bb03820276eb0f1b01e3c/eol_check-0.2.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "363a293b13adcc22606aa9db1d6b3a9f9eb6b331d1bd0d46725905cdb29d050b",
"md5": "570102b65dccb38d18d1da7eb4b19643",
"sha256": "e28ce7ad31779e32a0bb035b699833c5163ef602c37f484e4f520150e5a8b085"
},
"downloads": -1,
"filename": "eol_check-0.2.1.tar.gz",
"has_sig": false,
"md5_digest": "570102b65dccb38d18d1da7eb4b19643",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.8",
"size": 38765,
"upload_time": "2025-11-03T03:40:42",
"upload_time_iso_8601": "2025-11-03T03:40:42.873864Z",
"url": "https://files.pythonhosted.org/packages/36/3a/293b13adcc22606aa9db1d6b3a9f9eb6b331d1bd0d46725905cdb29d050b/eol_check-0.2.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-11-03 03:40:42",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "yourlin",
"github_project": "eol-check",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [
{
"name": "requests",
"specs": [
[
">=",
"2.25.0"
]
]
},
{
"name": "toml",
"specs": [
[
">=",
"0.10.2"
]
]
},
{
"name": "streamlit",
"specs": [
[
">=",
"1.22.0"
]
]
},
{
"name": "numpy",
"specs": [
[
"<",
"2.0.0"
]
]
}
],
"lcname": "eol-check"
}
JSON
