🍲 Kettle::Jem

[![License: MIT][📄license-img]][📄license-ref]

if ci_badges.map(&:color).detect { it != "green"} ☝️ let me know, as I may have missed the discord notification.

---

if ci_badges.map(&:color).all? { it == "green"} 👇️ send money so I can do more of this. FLOSS maintenance is now my full-time job.

👣 How will this project approach the September 2025 hostile takeover of RubyGems? 🚑️

I've summarized my thoughts in this blog post.

🌻 Synopsis

Kettle::Jem is an AST-aware gem templating system that keeps hundreds of Ruby gems in sync with a shared template while preserving each project's customizations. Unlike line-based copy/merge tools, Kettle::Jem understands the structure of every file it touches — Ruby via Prism, YAML via Psych, Markdown via Markly, TOML via tree-sitter, and more — so template updates land precisely where they belong, and project-specific additions are never clobbered.

Key Features

• AST-aware merging — 10 format-specific merge engines (prism, psych, markly, toml, json, jsonc, bash, dotenv, rbs, text)
• Token substitution — {KJ|TOKEN} patterns resolved from config, ENV, or auto-derived from gemspec
• Freeze blocks — protect any section from template overwrites with # kettle-jem:freeze / # kettle-jem:unfreeze
• Per-file strategies — merge, accept_template, keep_destination, or raw_copy
• Multi-phase pipeline — 11 ordered phases (service_actor-based) from config sync through duplicate checking
• SHA-pinned GitHub Actions — template uses: always wins, propagating immutable SHAs
• Convergence in one pass — a single rake kettle:jem:install applies all changes; a second run produces zero diff
• Selftest divergence check — CI verifies that project drift stays within a configurable threshold

💡 Info you can shake a stick at

Tokens to Remember
Works with JRuby
Works with Truffle Ruby
Works with MRI Ruby 4
Works with MRI Ruby 3
Support & Community
Source
Documentation
Compliance	[![License: MIT][📄license-img]][📄license-ref]
Style
Maintainer 🎖️
... 💖	🧊 🐙 🛖 🧪

Compatibility

Compatible with MRI Ruby 3.2.0+, and concordant releases of JRuby, and TruffleRuby.

🚚 Amazing test matrix was brought to you by	🔎 appraisal2 🔎 and the color 💚 green 💚
👟 Check it out!	✨ github.com/appraisal-rb/appraisal2 ✨

Federated DVCS

Find this repo on federated forges (Coming soon!)

Federated DVCS Repository	Status	Issues	PRs	Wiki	CI	Discussions
🧪 kettle-rb/kettle-jem on GitLab	The Truth	💚	💚	💚	🐭 Tiny Matrix	➖
🧊 kettle-rb/kettle-jem on CodeBerg	An Ethical Mirror (Donate)	💚	💚	➖	⭕️ No Matrix	➖
🐙 kettle-rb/kettle-jem on GitHub	Another Mirror	💚	💚	💚	💯 Full Matrix	💚
🎮️ Discord Server		Let's	talk	about	this	library!

Enterprise Support

Available as part of the Tidelift Subscription.

Need enterprise-level guarantees?

The maintainers of this and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source packages you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact packages you use.

• 💡Subscribe for support guarantees covering all your FLOSS dependencies
• 💡Tidelift is part of Sonar
• 💡Tidelift pays maintainers to maintain the software you depend on!
  📊@Pointy Haired Boss: An enterprise support subscription is "never gonna let you down", and supports open source maintainers

Alternatively:

• 
• 
• 

✨ Installation

Install the gem and add to the application's Gemfile by executing:

bundle add kettle-jem

If bundler is not being used to manage dependencies, install the gem by executing:

gem install kettle-jem

🔒 Secure Installation

For Medium or High Security Installations

This gem is cryptographically signed and has verifiable SHA-256 and SHA-512 checksums by stone_checksums. Be sure the gem you install hasn’t been tampered with by following the instructions below.

Add my public key (if you haven’t already; key expires 2045-04-29) as a trusted certificate:

gem cert --add <(curl -Ls https://raw.github.com/galtzo-floss/certs/main/pboling.pem)

You only need to do that once. Then proceed to install with:

gem install kettle-jem -P HighSecurity

The HighSecurity trust profile will verify signed gems, and not allow the installation of unsigned dependencies.

If you want to up your security game full-time:

bundle config set --global trust-policy MediumSecurity

MediumSecurity instead of HighSecurity is necessary if not all the gems you use are signed.

NOTE: Be prepared to track down certs for signed gems and add them the same way you added mine.

⚙️ Configuration

Each gem that uses Kettle::Jem has a .kettle-jem.yml file at its root. This file controls every aspect of how the template is applied.

Minimal Configuration

project_emoji: "🔮"
engines:
  - ruby
licenses:
  - MIT
tokens:
  forge:
    gh_user: "your-username"
  author:
    name: "Your Name"
    email: "you@example.com"

Full Configuration Reference

# REQUIRED — unique emoji used in badges and gemspec summary
project_emoji: "🔮"

# Ruby engines to include in CI matrix (remove to skip)
engines:
  - ruby
  - jruby
  - truffleruby

# SPDX license identifiers
licenses:
  - MIT

# Logo layout in README header: org | project | org_and_project
readme:
  top_logo_mode: org

# Bot accounts to exclude from contributor lists
machine_users:
  - dependabot

# Maximum allowed divergence (%) for selftest CI check
min_divergence_threshold: 5

# Default merge behavior applied to all files
defaults:
  preference: "template"           # template | destination
  add_template_only_nodes: true    # add nodes that only exist in template
  freeze_token: "kettle-jem"       # marker for frozen sections

# Token values for {KJ|TOKEN} substitution
tokens:
  forge:
    gh_user: "github-username"
    gl_user: "gitlab-username"
    cb_user: "codeberg-username"
  author:
    name: "Full Name"
    email: "you@example.com"
    domain: "example.com"
    orcid: "0000-0000-0000-0000"
  funding:
    patreon: "username"
    kofi: "username"
    polar: "username"
    liberapay: "username"
  social:
    mastodon: "username"
    bluesky: "user.bsky.social"
    linktree: "username"
    devto: "username"

# Glob-based overrides (first match wins)
patterns:
  - path: "certs/**"
    strategy: raw_copy

# Per-file overrides
files:
  Rakefile:
    strategy: merge
    preference: destination        # preserve local tasks
  AGENTS.md:
    strategy: accept_template      # always use template version

Strategies

Strategy	Behavior
merge	Resolve tokens, then AST-merge template + destination (default)
accept_template	Resolve tokens, overwrite destination with template result
keep_destination	Skip entirely — no merge, no creation
raw_copy	Copy bytes as-is — no token resolution, no merge (for binary assets)

Token Substitution

Tokens use {KJ|TOKEN} syntax and are resolved in priority order:

1. ENV variables (highest) — e.g., KJ_AUTHOR_NAME
2. .kettle-jem.yml tokens: section — explicit values
3. Auto-derived from gemspec (lowest) — author name, email, domain

Common tokens:

Token	Source
{KJ|GEM_NAME}	Gem name from gemspec
{KJ|NAMESPACE}	Ruby module namespace
{KJ|AUTHOR:NAME}	Author full name
{KJ|AUTHOR:EMAIL}	Author email
{KJ|GH:USER}	GitHub username
{KJ|PROJECT_EMOJI}	Project emoji from config
{KJ|MIN_RUBY}	Minimum Ruby version
{KJ|FREEZE_TOKEN}	Freeze marker name

Freeze Blocks

Protect sections in any file from template overwrites:

# kettle-jem:freeze
gem "my-local-fork", path: "../custom"
# kettle-jem:unfreeze

Content between freeze/unfreeze markers is always preserved from the destination, regardless of what the template contains. Works in all supported formats (Ruby, YAML, Markdown, TOML, JSON, Bash, etc.).

Merge Engine Selection

Kettle::Jem selects the merge engine by file type:

File Pattern	Merge Engine	Key Behaviors
*.rb, Gemfile, *.gemspec, Rakefile, Appraisals	Prism::Merge	Three-phase matching, gemspec var renaming
*.yml, *.yaml	Psych::Merge	SHA-pinned uses:, per-key preferences
*.md, *.markdown	Markly::Merge	Heading/list matching, inner list merge
*.toml	Toml::Merge	Sort keys, table matching
*.json	Json::Merge	Key-based matching
*.jsonc	Json::Merge	With comment preservation
*.sh, *.bash, .envrc	Bash::Merge	Block matching
.env*	Dotenv::Merge	KEY=value matching
*.rbs	RBS::Merge	Type signature matching
.tool-versions, .gitignore	Text::Merge	Intentional line-based merge

No silent fallback: If a tree-sitter grammar is unavailable for a file type that requires AST merging, kettle-jem will fail (default) or skip the file — never silently degrade to text-based merging. See PARSE_ERROR_MODE below.

🔧 Basic Usage

Initial Setup

gem install kettle-jem
cd my-gem
kettle-jem

The setup CLI runs a two-phase bootstrap:

1. Bootstrap — creates .kettle-jem.yml, installs modular gemfiles, ensures dev dependencies
2. Bundled — loads the full runtime and runs rake kettle:jem:install

Applying Template Updates

After initial setup, re-run the template process to pull in updates:

bundle exec rake kettle:jem:install

This applies all 11 phases:

Phase	Description	Files Affected
0	Config sync	.kettle-jem.yml
1	Dev container	.devcontainer/
2	GitHub workflows	.github/workflows/, FUNDING.yml
3	Quality config	.qlty/qlty.toml
4	Modular gemfiles	gemfiles/modular/
5	Spec helper	spec/spec_helper.rb
6	Environment templates	.env.local.example
7	Remaining files	gemspec, README, LICENSE, Rakefile, …
8	Git hooks	.git-hooks/
9	License files	LICENSE*
10	Duplicate check	(validation only)

Each phase is implemented as a composable service_actor actor, enabling per-phase statistics (📄 templates, 🆕 created, 📋 pre-existing, 🟰 identical, ✏️ changed) and future slice-based workflows.

Checking Divergence

CI can verify that a project hasn't drifted too far from the template:

bundle exec rake kettle:jem:selftest

This re-applies the template in a temporary checkout and measures the diff. Output is condensed to two summary lines after the template run:

[selftest] 📄  Report - tmp/template_test/report/summary.md
[selftest] ✅  Score: 100.0% · Divergence: 0.0% · Threshold: fail when divergence reaches 5.0%

If divergence exceeds min_divergence_threshold (default 5%), the check fails.

Workflow-Specific Options

For GitHub Actions workflows, the template always wins for uses: lines (SHA-pinned action references) while destination wins for job configuration:

# Template updates this SHA automatically:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683

# Your matrix customizations are preserved:
matrix:
  ruby: ["3.2", "3.3", "3.4"]

Per-File Overrides

Override merge behavior for specific files in .kettle-jem.yml:

files:
  Rakefile:
    strategy: merge
    preference: destination     # keep your custom tasks
  certs/my.pem:
    strategy: raw_copy          # binary file, no merging
  generated/report.md:
    strategy: keep_destination  # never touch this file

Environment Variables & CLI Options

Kettle::Jem behavior is controlled via environment variables (which double as Rake task arguments) and CLI flags passed to kettle-jem setup.

Merge & Error Handling

Variable	CLI Flag	Default	Description
FAILURE_MODE	--failure-mode=VAL	error	How general merge failures are handled. error raises and halts; rescue logs a warning and uses unmerged content.
PARSE_ERROR_MODE	—	fail	How AST parser unavailability is handled. fail raises immediately (recommended); skip warns and preserves the destination file unchanged. There is no text-merge fallback — AST merge or nothing.

Task Control

Variable	CLI Flag	Default	Description
allowed	--allowed=VAL	true	Set to false/0/no to require manual review of env file changes before continuing.
force	--force	true	Skip interactive prompts; automatically accept changes. This is the default. Legacy flag kept for backward compatibility.
—	--interactive	(off)	Enable interactive prompts (opt-in). Overrides the default non-interactive / force behavior.
KETTLE_JEM_QUIET	--quiet	true	Suppress non-essential CLI output. Phase summary lines (emoji-prefixed) are always shown; per-file messages, skipping notices, and the post-install walkthrough are suppressed. Verbose detail is still written to the per-run report file. This is the default. Legacy flag kept for backward compatibility.
KETTLE_JEM_VERBOSE	--verbose	false	Show detailed output including per-file messages and setup progress. Overrides the default quiet behavior.
only	--only=VAL	(all)	Comma-separated glob patterns — only template files matching at least one pattern are processed.
include	--include=VAL	(all)	Comma-separated glob patterns — additional files to include beyond the default set.
hook_templates	--hook_templates=VAL	(prompt)	Git hook install location: l/local, g/global, or n/none. Also via KETTLE_DEV_HOOK_TEMPLATES.

Config & Identity (KJ_ prefix)

These seed .kettle-jem.yml values when the config is freshly created or when a key is missing. They are also used as runtime overrides.

Variable	Description
KJ_PROJECT_EMOJI	Project identifying emoji (e.g. 🪙). Required in config.
KJ_AUTHOR_NAME	Gem author full name
KJ_AUTHOR_EMAIL	Gem author email
KJ_AUTHOR_DOMAIN	Author website domain (derived from email if unset)
KJ_AUTHOR_GIVEN_NAMES	First/given names
KJ_AUTHOR_FAMILY_NAMES	Last/family names
KJ_AUTHOR_ORCID	ORCID identifier
KJ_GH_USER	GitHub username
KJ_GL_USER	GitLab username
KJ_CB_USER	Codeberg username
KJ_SH_USER	SourceHut username

Workspace & Funding

Variable	Description
KETTLE_RB_DEV	Workspace root for local sibling gems. true = ~/src/kettle-rb; a path = that path; unset/false = released gems.
KETTLE_DEV_DEBUG	Set to true for verbose debug output.
FUNDING_ORG	OpenCollective organization handle for FUNDING.yml. Auto-derived from git remote if unset.
OPENCOLLECTIVE_HANDLE	Alternative to FUNDING_ORG for personal OpenCollective pages.
KJ_FUNDING_PATREON	Patreon handle for FUNDING.yml
KJ_FUNDING_KOFI	Ko-fi handle for FUNDING.yml
KJ_FUNDING_PAYPAL	PayPal handle for FUNDING.yml

Rake Task Examples

# Standard template update (quiet, non-interactive — the default)
bundle exec rake kettle:jem:install

# Verbose output
KETTLE_JEM_VERBOSE=true bundle exec rake kettle:jem:install

# Interactive mode (prompts before each change)
bundle exec rake kettle:jem:install force=false

# Only workflow files, skip unparseable
PARSE_ERROR_MODE=skip bundle exec rake kettle:jem:install only=".github/**"

# Rescue on merge failure (don't halt)
bundle exec rake kettle:jem:install FAILURE_MODE=rescue

🦷 FLOSS Funding

While kettle-rb tools are free software and will always be, the project would benefit immensely from some funding. Raising a monthly budget of... "dollars" would make the project more sustainable.

We welcome both individual and corporate sponsors! We also offer a wide array of funding channels to account for your preferences (although currently Open Collective is our preferred funding platform).

If you're working in a company that's making significant use of kettle-rb tools we'd appreciate it if you suggest to your company to become a kettle-rb sponsor.

You can support the development of kettle-rb tools via GitHub Sponsors, Liberapay, PayPal, Open Collective and Tidelift.

📍 NOTE
If doing a sponsorship in the form of donation is problematic for your company from an accounting standpoint, we'd recommend the use of Tidelift, where you can get a support-like subscription instead.

Open Collective for Individuals

Support us with a monthly donation and help us continue our activities. [Become a backer]

NOTE: kettle-readme-backers updates this list every day, automatically.

No backers yet. Be the first!

Open Collective for Organizations

Become a sponsor and get your logo on our README on GitHub with a link to your site. [Become a sponsor]

NOTE: kettle-readme-backers updates this list every day, automatically.

No sponsors yet. Be the first!

Another way to support open-source

I’m driven by a passion to foster a thriving open-source community – a space where people can tackle complex problems, no matter how small. Revitalizing libraries that have fallen into disrepair, and building new libraries focused on solving real-world challenges, are my passions. I was recently affected by layoffs, and the tech jobs market is unwelcoming. I’m reaching out here because your support would significantly aid my efforts to provide for my family, and my farm (11 🐔 chickens, 2 🐶 dogs, 3 🐰 rabbits, 8 🐈‍ cats).

If you work at a company that uses my work, please encourage them to support me as a corporate sponsor. My work on gems you use might show up in bundle fund.

I’m developing a new library, floss_funding, designed to empower open-source developers like myself to get paid for the work we do, in a sustainable way. Please give it a look.

Floss-Funding.dev: 👉️ No network calls. 👉️ No tracking. 👉️ No oversight. 👉️ Minimal crypto hashing. 💡 Easily disabled nags

🔐 Security

See SECURITY.md.

🤝 Contributing

If you need some ideas of where to help, you could work on adding more code coverage, or if it is already 💯 (see below) check reek, issues, or PRs, or use the gem and think about how it could be better.

We so if you make changes, remember to update it.

See CONTRIBUTING.md for more detailed instructions.

🚀 Release Instructions

See CONTRIBUTING.md.

Code Coverage

🪇 Code of Conduct

Everyone interacting with this project's codebases, issue trackers, chat rooms and mailing lists agrees to follow the .

🌈 Contributors

Made with contributors-img.

Also see GitLab Contributors: https://gitlab.com/kettle-rb/kettle-jem/-/graphs/main

⭐️ Star History

📌 Versioning

This Library adheres to . Violations of this scheme should be reported as bugs. Specifically, if a minor or patch version is released that breaks backward compatibility, a new version should be immediately released that restores compatibility. Breaking changes to the public API will only be introduced with new major versions.

dropping support for a platform is both obviously and objectively a breaking change
—Jordan Harband (@ljharb, maintainer of SemVer) in SemVer issue 716

I understand that policy doesn't work universally ("exceptions to every rule!"), but it is the policy here. As such, in many cases it is good to specify a dependency on this library using the Pessimistic Version Constraint with two digits of precision.

For example:

spec.add_dependency("kettle-jem", "~> 1.0")

📌 Is "Platform Support" part of the public API? More details inside.

SemVer should, IMO, but doesn't explicitly, say that dropping support for specific Platforms is a breaking change to an API, and for that reason the bike shedding is endless.

To get a better understanding of how SemVer is intended to work over a project's lifetime, read this article from the creator of SemVer:

• "Major Version Numbers are Not Sacred"

See CHANGELOG.md for a list of releases.

📄 License

The gem is available under the following license: AGPL-3.0-only. See LICENSE.md for details.

If none of the available licenses suit your use case, please contact us to discuss a custom commercial license.

© Copyright

See LICENSE.md for the official copyright notice.

🤑 A request for help

Maintainers have teeth and need to pay their dentists. After getting laid off in an RIF in March, and encountering difficulty finding a new one, I began spending most of my time building open source tools. I'm hoping to be able to pay for my kids' health insurance this month, so if you value the work I am doing, I need your support. Please consider sponsoring me or the project.

To join the community or get help 👇️ Join the Discord.

To say "thanks!" ☝️ Join the Discord or 👇️ send money.

💌 💌 💌

Please give the project a star ⭐ ♥.

Thanks for RTFM. ☺️