andrew/README.md

Hey 👋

I'm a software engineer based in the UK, mostly working with Ruby. I’ve spent over a decade working in the world of package management and software dependencies — building tools to make open source more understandable, discoverable, and sustainable.

These days I’m focused on Ecosyste.ms, a project that maps dependency networks across open-source ecosystems to identify the projects that really matter — the ones everything else relies on. It builds on ideas from Libraries.io, which I started and later sold to Tidelift, and takes the concept further with broader data coverage and deeper analysis.

I also created Octobox, which helps developers manage GitHub notifications, and 24 Pull Requests, an initiative to encourage open-source contributions during December.

Latest Blog Posts

Latest Repos

  • semgrep-codeql - Converted security rules from codeql to semgrep format.
  • jekyll-stats - Jekyll plugin that generates site statistics
  • typosquatting - Detect potential typosquatting packages across package ecosystems
  • sbom - Parse, generate, and validate Software Bill of Materials (SBOM)
  • oss-community-benchmarks - A benchmark framework where maintainers define what good AI-generated code looks like for their ecosystem.
  • swhid - Generate and parse SoftWare Hash IDentifiers (SWHIDs)
  • hanami-sprockets - An alternative to hanami-assets that doesn't rely on npm
  • sidekiq-mcp - A Sidekiq plugin that provides an MCP (Model Context Protocol) server for LLMs to interact with Sidekiq queues, stats, and failed jobs
  • json-schema-diff - Semantic diff for JSON files using JSON Schema metadata
  • vers - A Ruby gem for parsing, comparing and sorting versions according to the VERS spec.

Pinned

  1. ecosyste-ms/packages Public

    An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.

    Ruby 56 14

  2. octobox/octobox Public

    📮 Untangle your GitHub Notifications

    Ruby 4.4k 347

  3. ultimate-awesome Public

    Every awesome list on every topic, including awesome lists of awesome lists, updated daily.

    118 9

  4. splitrb/split Public

    📈 The Rack Based A/B testing framework

    Ruby 2.7k 368

  5. first-pr Public

    What was the first pull request you sent on GitHub?

    JavaScript 239 48

  6. purl Public

    A Ruby library for parsing, validating, and generating Package URLs (PURLs) as defined by the PURL specification

    Ruby 10