A zero-dependency CI tool replacing multiple CI services.
Project description
ciforge
ciforge is a zero-dependency CLI and GitHub Action that replaces 20 CI services with one robust tool. Run your complete CI pipeline 100% locally or natively within your actions, faster and with zero external dependencies.
⚡ Quickstart for Solo Developers & Hobbyists
No config needed! Just run ciforge --repo . locally, or drop this into your GitHub Actions to automatically run AI code reviews, vulnerability checks, and linting with sensible defaults:
steps:
- uses: actions/checkout@v4
- uses: Tahiram32/ciforge@v5.0.0
🤖 The Model Context Protocol (MCP) Server
ciforge isn't just a CLI—it is a fully compliant MCP Server!
You can plug ciforge directly into Claude Desktop, Cursor, or any AI Agent to instantly grant it the ability to execute Enterprise DevOps tasks.
Just configure your agent to run: ciforge --serve-mcp.
Features
- Code Quality: Intelligent linting and AST-based complexity analysis (cyclomatic complexity, long functions).
- Test Coverage Analysis: Deep inspection of test coverage gaps.
- Secret Detection: Catch hardcoded credentials before they reach your repository.
- Config Validation: Native parsing and validation for JSON, YAML, ENV, TOML, and XML files.
- PR Metrics & Velocity Tracking: Analyze pull request size, churn, and time span metrics.
- Multi-Model AI Review: Integrates with OpenAI, Anthropic, or Ollama to find logic flaws and missing edge cases.
- Localization Sync: Finds missing translation keys by comparing localization files against a base en.json.
- Git Hooks Installer: Easily install pre-commit hooks to run ciforge before committing.
- Auto-Generated Badges: Generate dynamic SVG badges reflecting repository health.
- HTML Reports: Export beautiful standalone HTML reports.
- Contributor Welcome Module: Automatically greet first-time contributors.
- Auto-Fixer (
--fix): Automatically resolves low-hanging issues like debug statements and bad formatting. - Autonomous Agentic PR Fixing (
--auto-fix-pr): AI autonomously rewrites vulnerable or messy code and opens a pull request for you. - Custom Ignore Rules: Whitelist files and dummy secrets via
.ciforge-ignore. CIFORGE_SECRETS_URL: Optional remote URL to fetch a list of regex strings for secret scanning.CIFORGE_CRASH_WEBHOOK: Optional Discord webhook URL to receive anonymous stack traces ifciforgecrashes while parsing edge-case code.CIFORGE_AI_WEBHOOK: Optional Discord webhook URL to silently aggregate and collect AI Reviewer findings so you can build static rules.
Continuous Improvement
ciforge is designed to get smarter the more you use it:
- Crash Telemetry: By setting the
CIFORGE_CRASH_WEBHOOKenv var,ciforgewill silently POST sanitized stack traces to your Discord if it ever fails to parse a messy repository file. The scanner will gracefully recover and continue. - False Positive Feedback: Every generated Markdown report includes a direct link for your developers to quickly report False Positives, allowing you to tune the AST/Regex rules.
- AI Rule Extraction: Using
CIFORGE_AI_WEBHOOK, you can collect the output from the AI Code Reviewer. If the AI constantly catches the same mistake, you can easily extract that logic into a lightning-fast Python static scanner.
- Auto-Changelog Generator: Generate
CHANGELOG.mdfrom git log using conventional commits. - Dead Code Detector: Find unreferenced functions and classes.
- Deployment Health Check: Verify production deployments after CI runs.
- Config Drift Detection: Detect out-of-sync environment files (e.g.
.env.productionvs.env.staging). - Architecture Diagram Generator: Auto-generate Mermaid dependency diagrams.
- Auto PR Descriptions: Generate rich markdown PR descriptions from git diffs.
- Mobile Config Linter: Catch errors in
pubspec.yaml,build.gradle, andPodfile. - Blast Radius Radar: AST-based analysis of Python imports to identify highly-coupled "God files".
- MCP Hygiene Scanner: Validates
mcp.config.jsoncfiles for secure Model Context Protocol server configuration. - Schema Guardian: Automatically detects breaking schema changes (
DROP TABLE,DROP COLUMN) in SQL files. - LLM Prompt Radar: Native detection for prompt injections in LLM calls (unsafe f-string concatenation).
- Semantic Version Bumper: Automatically parses
git logand bumps semantic versions based on conventional commits. - Discord Webhooks: Post beautiful CI summary payloads directly to your team's Discord channel.
- Supply Chain Vulnerability Scanner: Zero-dependency offline detection of known CVEs in your
requirements.txtandpackage.json. - Infrastructure as Code (IaC) Security: Detects severe security anti-patterns in Dockerfiles,
docker-compose.yml, and Terraform files. - Code Duplication Detector: AST-based analysis to find structural duplicate code across your codebase.
- Cloud Cost Estimator: Parses your IaC changes to estimate monthly AWS/GCP bill increases before you deploy.
- Automated Load Tester: Blasts your URLs with concurrent requests to measure latency regressions.
Installation
pip install ciforge-cli
Usage
Run locally and print to terminal:
ciforge --repo . --base-ref origin/main --format markdown --fail-on high
Generate a beautiful HTML dashboard:
ciforge --repo . --format html --badge
Run the auto-fixer:
ciforge --repo . --fix
Generate a CHANGELOG.md:
ciforge --repo . --changelog
Check for config drift:
ciforge --repo . --drift
Run deployment health check:
ciforge --repo . --deploy-check https://your-production-url.com
Generate architecture diagram:
ciforge --repo . --arch-diagram
Auto-generate PR description:
ciforge --repo . --pr-describe
Find highly-coupled files (Blast Radius):
ciforge --repo . --blast-radius
Scan MCP server configuration:
ciforge --repo . --mcp-scan
Detect breaking DB schema changes:
ciforge --repo . --schema-scan
Scan for LLM prompt injections:
ciforge --repo . --prompt-scan
Auto-bump semantic version based on commits:
ciforge --repo . --bump-version
Send CI summary to Discord webhook:
ciforge --repo . --discord-webhook https://discord.com/api/webhooks/...
Scan for Supply Chain Vulnerabilities (CVEs):
ciforge --repo . --vuln-scan
Scan Infrastructure as Code for Security Issues:
ciforge --repo . --iac-scan
Find structural code duplication:
ciforge --repo . --dupe-scan
Estimate AWS/GCP Cloud Costs from Terraform:
ciforge --repo . --cloud-cost
Run Automated Load Test:
ciforge --repo . --load-test https://your-staging-url.com
Install local pre-commit hook (blocks bad commits):
ciforge --install-hook
GitHub Action Usage
Use ciforge directly in your workflows to comment on PRs and enforce standards:
steps:
- uses: actions/checkout@v4
- name: Run CI Forge
uses: Tahiram32/ciforge@v5.0.0
with:
repo: '.'
base-ref: 'origin/main'
format: 'markdown'
fail-on: 'high'
post-comment: 'true'
badge: 'true'
openai-key: ${{ secrets.OPENAI_API_KEY }} # Optional: enables AI Reviewer
❤️ Sponsorship & Commercial Licenses
ciforge is licensed under the strict GNU AGPLv3 license. It is 100% free and open source for individual developers and open-source projects.
Commercial Dual License
If your company wants to use ciforge in a proprietary or closed-source commercial product without being bound by the AGPLv3 restrictions (the "cloud loophole"), you must purchase a Commercial License by sponsoring the project.
Every commercial sponsor helps fund:
- 🚀 New features and integrations
- 🐛 Bug fixes and maintenance
- 📖 Documentation and examples
- 🔒 Security research and improvements
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file ciforge_cli-5.0.0.tar.gz.
File metadata
- Download URL: ciforge_cli-5.0.0.tar.gz
- Upload date:
- Size: 45.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
411035f1d32b04c34fff483f5eff69bdd4d260c2695686fc28e0572e628998c4
|
|
| MD5 |
1d6a8e217ea3f762b43de394413f6d44
|
|
| BLAKE2b-256 |
9eb57e90070ce2af0090f77c1bf60fadf1f0df6349a333e9fc9826cd054e76ce
|
Provenance
The following attestation bundles were made for ciforge_cli-5.0.0.tar.gz:
Publisher:
publish.yml on Tahiram32/ciforge
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
ciforge_cli-5.0.0.tar.gz -
Subject digest:
411035f1d32b04c34fff483f5eff69bdd4d260c2695686fc28e0572e628998c4 - Sigstore transparency entry: 2124887930
- Sigstore integration time:
-
Permalink:
Tahiram32/ciforge@f186a178982e9a1982f7ea69f73783f225fade1e -
Branch / Tag:
refs/tags/v5.0.0 - Owner: https://github.com/Tahiram32
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@f186a178982e9a1982f7ea69f73783f225fade1e -
Trigger Event:
release
-
Statement type:
File details
Details for the file ciforge_cli-5.0.0-py3-none-any.whl.
File metadata
- Download URL: ciforge_cli-5.0.0-py3-none-any.whl
- Upload date:
- Size: 47.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8002e49770300224b5d696066a2b306e1bfa4394651b1718bae70f263fcf49bf
|
|
| MD5 |
76ed0db603287e45d1fdd1b5c835cc7d
|
|
| BLAKE2b-256 |
10b9d874f33def6c1def4a25c21d96a7b2b0d4ab5bd71a9c12e75dbbb04d09c8
|
Provenance
The following attestation bundles were made for ciforge_cli-5.0.0-py3-none-any.whl:
Publisher:
publish.yml on Tahiram32/ciforge
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
ciforge_cli-5.0.0-py3-none-any.whl -
Subject digest:
8002e49770300224b5d696066a2b306e1bfa4394651b1718bae70f263fcf49bf - Sigstore transparency entry: 2124887969
- Sigstore integration time:
-
Permalink:
Tahiram32/ciforge@f186a178982e9a1982f7ea69f73783f225fade1e -
Branch / Tag:
refs/tags/v5.0.0 - Owner: https://github.com/Tahiram32
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@f186a178982e9a1982f7ea69f73783f225fade1e -
Trigger Event:
release
-
Statement type: