Skip to main content

A zero-dependency CI tool replacing multiple CI services.

Project description

ciforge

Sponsor PyPI License: AGPL v3

ciforge is a zero-dependency CLI and GitHub Action that replaces 20 CI services with one robust tool. Run your complete CI pipeline 100% locally or natively within your actions, faster and with zero external dependencies.

Features

  • Code Quality: Intelligent linting and AST-based complexity analysis (cyclomatic complexity, long functions).
  • Test Coverage Analysis: Deep inspection of test coverage gaps.
  • Secret Detection: Catch hardcoded credentials before they reach your repository.
  • Config Validation: Native parsing and validation for JSON, YAML, ENV, TOML, and XML files.
  • PR Metrics & Velocity Tracking: Analyze pull request size, churn, and time span metrics.
  • Multi-Model AI Review: Integrates with OpenAI, Anthropic, or Ollama to find logic flaws and missing edge cases.
  • Localization Sync: Finds missing translation keys by comparing localization files against a base en.json.
  • Git Hooks Installer: Easily install pre-commit hooks to run ciforge before committing.
  • Auto-Generated Badges: Generate dynamic SVG badges reflecting repository health.
  • HTML Reports: Export beautiful standalone HTML reports.
  • Contributor Welcome Module: Automatically greet first-time contributors.
  • Auto-Fixer (--fix): Automatically resolves low-hanging issues like debug statements and bad formatting.
  • Custom Ignore Rules: Whitelist files and dummy secrets via .ciforge-ignore.
  • Auto-Changelog Generator: Generate CHANGELOG.md from git log using conventional commits.
  • Dead Code Detector: Find unreferenced functions and classes.
  • Deployment Health Check: Verify production deployments after CI runs.
  • Config Drift Detection: Detect out-of-sync environment files (e.g. .env.production vs .env.staging).
  • Architecture Diagram Generator: Auto-generate Mermaid dependency diagrams.
  • Auto PR Descriptions: Generate rich markdown PR descriptions from git diffs.
  • Mobile Config Linter: Catch errors in pubspec.yaml, build.gradle, and Podfile.
  • Blast Radius Radar: AST-based analysis of Python imports to identify highly-coupled "God files".
  • MCP Hygiene Scanner: Validates mcp.config.jsonc files for secure Model Context Protocol server configuration.
  • Schema Guardian: Automatically detects breaking schema changes (DROP TABLE, DROP COLUMN) in SQL files.
  • LLM Prompt Radar: Native detection for prompt injections in LLM calls (unsafe f-string concatenation).
  • Semantic Version Bumper: Automatically parses git log and bumps semantic versions based on conventional commits.
  • Discord Webhooks: Post beautiful CI summary payloads directly to your team's Discord channel.
  • Supply Chain Vulnerability Scanner: Zero-dependency offline detection of known CVEs in your requirements.txt and package.json.
  • Infrastructure as Code (IaC) Security: Detects severe security anti-patterns in Dockerfiles, docker-compose.yml, and Terraform files.
  • Code Duplication Detector: AST-based analysis to find structural duplicate code across your codebase.
  • Cloud Cost Estimator: Parses your IaC changes to estimate monthly AWS/GCP bill increases before you deploy.
  • Automated Load Tester: Blasts your URLs with concurrent requests to measure latency regressions.

Installation

pip install ciforge-cli

Usage

Run locally and print to terminal:

ciforge --repo . --base-ref origin/main --format markdown --fail-on high

Generate a beautiful HTML dashboard:

ciforge --repo . --format html --badge

Run the auto-fixer:

ciforge --repo . --fix

Generate a CHANGELOG.md:

ciforge --repo . --changelog

Check for config drift:

ciforge --repo . --drift

Run deployment health check:

ciforge --repo . --deploy-check https://your-production-url.com

Generate architecture diagram:

ciforge --repo . --arch-diagram

Auto-generate PR description:

ciforge --repo . --pr-describe

Find highly-coupled files (Blast Radius):

ciforge --repo . --blast-radius

Scan MCP server configuration:

ciforge --repo . --mcp-scan

Detect breaking DB schema changes:

ciforge --repo . --schema-scan

Scan for LLM prompt injections:

ciforge --repo . --prompt-scan

Auto-bump semantic version based on commits:

ciforge --repo . --bump-version

Send CI summary to Discord webhook:

ciforge --repo . --discord-webhook https://discord.com/api/webhooks/...

Scan for Supply Chain Vulnerabilities (CVEs):

ciforge --repo . --vuln-scan

Scan Infrastructure as Code for Security Issues:

ciforge --repo . --iac-scan

Find structural code duplication:

ciforge --repo . --dupe-scan

Estimate AWS/GCP Cloud Costs from Terraform:

ciforge --repo . --cloud-cost

Run Automated Load Test:

ciforge --repo . --load-test https://your-staging-url.com

Install local pre-commit hook (blocks bad commits):

ciforge --install-hook

GitHub Action Usage

Use ciforge directly in your workflows to comment on PRs and enforce standards:

steps:
  - uses: actions/checkout@v4
  - name: Run CI Forge
    uses: Tahiram32/ciforge@v4.0.0
    with:
      repo: '.'
      base-ref: 'origin/main'
      format: 'markdown'
      fail-on: 'high'
      post-comment: 'true'
      badge: 'true'
      openai-key: ${{ secrets.OPENAI_API_KEY }} # Optional: enables AI Reviewer

❤️ Sponsorship & Commercial Licenses

ciforge is licensed under the strict GNU AGPLv3 license. It is 100% free and open source for individual developers and open-source projects.

Commercial Dual License

If your company wants to use ciforge in a proprietary or closed-source commercial product without being bound by the AGPLv3 restrictions (the "cloud loophole"), you must purchase a Commercial License by sponsoring the project.

Sponsor ciforge

Every commercial sponsor helps fund:

  • 🚀 New features and integrations
  • 🐛 Bug fixes and maintenance
  • 📖 Documentation and examples
  • 🔒 Security research and improvements

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ciforge_cli-4.0.0.tar.gz (39.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

ciforge_cli-4.0.0-py3-none-any.whl (42.3 kB view details)

Uploaded Python 3

File details

Details for the file ciforge_cli-4.0.0.tar.gz.

File metadata

  • Download URL: ciforge_cli-4.0.0.tar.gz
  • Upload date:
  • Size: 39.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for ciforge_cli-4.0.0.tar.gz
Algorithm Hash digest
SHA256 beca5c13767ab7ebf6cf48c0c8ed51b5e31f7155d48de4ed91696dc05426c031
MD5 fc3b1c59626dafe2aeed8e5bfc68a7c7
BLAKE2b-256 8dd2dbdf218d125175a187eabaebd5afc288085c1cffcb327eaba77308f8ead7

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciforge_cli-4.0.0.tar.gz:

Publisher: publish.yml on Tahiram32/ciforge

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ciforge_cli-4.0.0-py3-none-any.whl.

File metadata

  • Download URL: ciforge_cli-4.0.0-py3-none-any.whl
  • Upload date:
  • Size: 42.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for ciforge_cli-4.0.0-py3-none-any.whl
Algorithm Hash digest
SHA256 aef51ab2d0e4e02024ce2c3b72f3090dc9964b601b91b3d163f235a447eec244
MD5 35d46c0f6d1ab9a6cd10fbbc30c81b96
BLAKE2b-256 e1220abedea25bd39cd32680f82080d0eefb420fe0c8a4d5bb308c15a5c0aa47

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciforge_cli-4.0.0-py3-none-any.whl:

Publisher: publish.yml on Tahiram32/ciforge

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page