Skip to main content

A zero-dependency CI tool replacing multiple CI services.

Project description

ciforge

Sponsor PyPI License: AGPL v3

ciforge is a zero-dependency CLI and GitHub Action that replaces 20 CI services with one robust tool. Run your complete CI pipeline 100% locally or natively within your actions, faster and with zero external dependencies.

⚡ Quickstart for Solo Developers & Hobbyists

No config needed! Just run ciforge --repo . locally, or drop this into your GitHub Actions to automatically run AI code reviews, vulnerability checks, and linting with sensible defaults:

steps:
  - uses: actions/checkout@v4
  - uses: Tahiram32/ciforge@v5.0.0

🤖 The Model Context Protocol (MCP) Server

ciforge isn't just a CLI—it is a fully compliant MCP Server! You can plug ciforge directly into Claude Desktop, Cursor, or any AI Agent to instantly grant it the ability to execute Enterprise DevOps tasks. Just configure your agent to run: ciforge --serve-mcp.

💰 Save Time & Money with v5.1.0

  1. Incremental Scanning (--incremental):

    • In src/ciforge/scanner.py, add a function get_all_files(repo_path). It should recursively find all relevant files (e.g., .py, .js, .json, .tf, etc.) in the repo, ignoring .git and node_modules.
    • In src/ciforge/cli.py, add --incremental. If --incremental is true, files = scanner.git_changed_files(). If false (default), files = scanner.get_all_files(args.repo). Ensure it filters through ignore_rules in both cases.
  2. Automated Dependency Upgrades (--auto-update):

    • In src/ciforge/cli.py, add --auto-update argument.
    • Update src/ciforge/vuln_scan.py to optionally perform the update, OR better, write a new module src/ciforge/auto_update.py that parses requirements.txt / package.json, checks the latest version on PyPI/NPM via urllib.request, and overwrites the file with the fixed version if --auto-update is true. Then call this from cli.py if the flag is present.
  3. Update README.md:

    • Insert the user's exact 3 features into the README under a new section ## 💰 Save Time & Money with v5.1.0.
    • Copy the exact text the user provided for all 3 points into the README.

Features

  • Code Quality: Intelligent linting and AST-based complexity analysis (cyclomatic complexity, long functions).
  • Test Coverage Analysis: Deep inspection of test coverage gaps.
  • Secret Detection: Catch hardcoded credentials before they reach your repository.
  • Config Validation: Native parsing and validation for JSON, YAML, ENV, TOML, and XML files.
  • PR Metrics & Velocity Tracking: Analyze pull request size, churn, and time span metrics.
  • Multi-Model AI Review: Integrates with OpenAI, Anthropic, or Ollama to find logic flaws and missing edge cases.
  • Localization Sync: Finds missing translation keys by comparing localization files against a base en.json.
  • Git Hooks Installer: Easily install pre-commit hooks to run ciforge before committing.
  • Auto-Generated Badges: Generate dynamic SVG badges reflecting repository health.
  • HTML Reports: Export beautiful standalone HTML reports.
  • Contributor Welcome Module: Automatically greet first-time contributors.
  • Auto-Fixer (--fix): Automatically resolves low-hanging issues like debug statements and bad formatting.
  • Autonomous Agentic PR Fixing (--auto-fix-pr): AI autonomously rewrites vulnerable or messy code and opens a pull request for you.
  • Custom Ignore Rules: Whitelist files and dummy secrets via .ciforge-ignore.
  • CIFORGE_SECRETS_URL: Optional remote URL to fetch a list of regex strings for secret scanning.
  • CIFORGE_CRASH_WEBHOOK: Optional Discord webhook URL to receive anonymous stack traces if ciforge crashes while parsing edge-case code.
  • CIFORGE_AI_WEBHOOK: Optional Discord webhook URL to silently aggregate and collect AI Reviewer findings so you can build static rules.

Continuous Improvement

ciforge is designed to get smarter the more you use it:

  1. Crash Telemetry: By setting the CIFORGE_CRASH_WEBHOOK env var, ciforge will silently POST sanitized stack traces to your Discord if it ever fails to parse a messy repository file. The scanner will gracefully recover and continue.
  2. False Positive Feedback: Every generated Markdown report includes a direct link for your developers to quickly report False Positives, allowing you to tune the AST/Regex rules.
  3. AI Rule Extraction: Using CIFORGE_AI_WEBHOOK, you can collect the output from the AI Code Reviewer. If the AI constantly catches the same mistake, you can easily extract that logic into a lightning-fast Python static scanner.
  • Auto-Changelog Generator: Generate CHANGELOG.md from git log using conventional commits.
  • Dead Code Detector: Find unreferenced functions and classes.
  • Deployment Health Check: Verify production deployments after CI runs.
  • Config Drift Detection: Detect out-of-sync environment files (e.g. .env.production vs .env.staging).
  • Architecture Diagram Generator: Auto-generate Mermaid dependency diagrams.
  • Auto PR Descriptions: Generate rich markdown PR descriptions from git diffs.
  • Mobile Config Linter: Catch errors in pubspec.yaml, build.gradle, and Podfile.
  • Blast Radius Radar: AST-based analysis of Python imports to identify highly-coupled "God files".
  • MCP Hygiene Scanner: Validates mcp.config.jsonc files for secure Model Context Protocol server configuration.
  • Schema Guardian: Automatically detects breaking schema changes (DROP TABLE, DROP COLUMN) in SQL files.
  • LLM Prompt Radar: Native detection for prompt injections in LLM calls (unsafe f-string concatenation).
  • Semantic Version Bumper: Automatically parses git log and bumps semantic versions based on conventional commits.
  • Discord Webhooks: Post beautiful CI summary payloads directly to your team's Discord channel.
  • Supply Chain Vulnerability Scanner: Zero-dependency offline detection of known CVEs in your requirements.txt and package.json.
  • Infrastructure as Code (IaC) Security: Detects severe security anti-patterns in Dockerfiles, docker-compose.yml, and Terraform files.
  • Code Duplication Detector: AST-based analysis to find structural duplicate code across your codebase.
  • Cloud Cost Estimator: Parses your IaC changes to estimate monthly AWS/GCP bill increases before you deploy.
  • Automated Load Tester: Blasts your URLs with concurrent requests to measure latency regressions.

Installation

pip install ciforge-cli

Usage

Run locally and print to terminal:

ciforge --repo . --base-ref origin/main --format markdown --fail-on high

Generate a beautiful HTML dashboard:

ciforge --repo . --format html --badge

Run the auto-fixer:

ciforge --repo . --fix

Generate a CHANGELOG.md:

ciforge --repo . --changelog

Check for config drift:

ciforge --repo . --drift

Run deployment health check:

ciforge --repo . --deploy-check https://your-production-url.com

Generate architecture diagram:

ciforge --repo . --arch-diagram

Auto-generate PR description:

ciforge --repo . --pr-describe

Find highly-coupled files (Blast Radius):

ciforge --repo . --blast-radius

Scan MCP server configuration:

ciforge --repo . --mcp-scan

Detect breaking DB schema changes:

ciforge --repo . --schema-scan

Scan for LLM prompt injections:

ciforge --repo . --prompt-scan

Auto-bump semantic version based on commits:

ciforge --repo . --bump-version

Send CI summary to Discord webhook:

ciforge --repo . --discord-webhook https://discord.com/api/webhooks/...

Scan for Supply Chain Vulnerabilities (CVEs):

ciforge --repo . --vuln-scan

Scan Infrastructure as Code for Security Issues:

ciforge --repo . --iac-scan

Find structural code duplication:

ciforge --repo . --dupe-scan

Estimate AWS/GCP Cloud Costs from Terraform:

ciforge --repo . --cloud-cost

Run Automated Load Test:

ciforge --repo . --load-test https://your-staging-url.com

Install local pre-commit hook (blocks bad commits):

ciforge --install-hook

GitHub Action Usage

Use ciforge directly in your workflows to comment on PRs and enforce standards:

steps:
  - uses: actions/checkout@v4
  - name: Run CI Forge
    uses: Tahiram32/ciforge@v5.0.0
    with:
      repo: '.'
      base-ref: 'origin/main'
      format: 'markdown'
      fail-on: 'high'
      post-comment: 'true'
      badge: 'true'
      openai-key: ${{ secrets.OPENAI_API_KEY }} # Optional: enables AI Reviewer

❤️ Sponsorship & Commercial Licenses

ciforge is licensed under the strict GNU AGPLv3 license. It is 100% free and open source for individual developers and open-source projects.

Commercial Dual License

If your company wants to use ciforge in a proprietary or closed-source commercial product without being bound by the AGPLv3 restrictions (the "cloud loophole"), you must purchase a Commercial License by sponsoring the project.

Sponsor ciforge

Every commercial sponsor helps fund:

  • 🚀 New features and integrations
  • 🐛 Bug fixes and maintenance
  • 📖 Documentation and examples
  • 🔒 Security research and improvements

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ciforge_cli-5.1.0.tar.gz (47.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

ciforge_cli-5.1.0-py3-none-any.whl (49.8 kB view details)

Uploaded Python 3

File details

Details for the file ciforge_cli-5.1.0.tar.gz.

File metadata

  • Download URL: ciforge_cli-5.1.0.tar.gz
  • Upload date:
  • Size: 47.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for ciforge_cli-5.1.0.tar.gz
Algorithm Hash digest
SHA256 3b42cc5bf961ed3ff760bc450ee257af075aef06f0144de53a07bca9938c478d
MD5 76807a3ccff0fdaeded75312c89ad070
BLAKE2b-256 f7c170e1825f8df0e1e63a0b020e0aceeb987c8cf1f01b0ea598119da4ba7276

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciforge_cli-5.1.0.tar.gz:

Publisher: publish.yml on Tahiram32/ciforge

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ciforge_cli-5.1.0-py3-none-any.whl.

File metadata

  • Download URL: ciforge_cli-5.1.0-py3-none-any.whl
  • Upload date:
  • Size: 49.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for ciforge_cli-5.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 db5b57f175057e98388e0ca3833d5f87c6182af06adad43fefc64a13044ab447
MD5 fbc25119faebdf5d4683e9aa8b84af85
BLAKE2b-256 c5a3917342a55bd8e2e3a246a0f635d79262925b56be17447ffaf162e6e5a7a4

See more details on using hashes here.

Provenance

The following attestation bundles were made for ciforge_cli-5.1.0-py3-none-any.whl:

Publisher: publish.yml on Tahiram32/ciforge

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page