https://endoflife.date/ provides a bunch of EOL dates, maintained by the general community and it has an api!
In theory, we could use this with osv-detector: since it knows the packages being used, we could try and see if any of them are in the array returned by https://endoflife.date/api/all.json.
In theory again, we could also attempt to pick up versions for other tools from known files, e.g. we could look for .<tool>-version files and assume they're .ruby-version, .node-version, etc.
(also for Ruby, we could use the ruby version that gets recorded in the Gemfile.lock too)
https://endoflife.date/ provides a bunch of EOL dates, maintained by the general community and it has an api!
In theory, we could use this with
osv-detector: since it knows the packages being used, we could try and see if any of them are in the array returned byhttps://endoflife.date/api/all.json.In theory again, we could also attempt to pick up versions for other tools from known files, e.g. we could look for
.<tool>-versionfiles and assume they're.ruby-version,.node-version, etc.(also for Ruby, we could use the ruby version that gets recorded in the
Gemfile.locktoo)