ferrous-forge 1.9.4

System-wide Rust development standards enforcer
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259

//! Enhanced Safety Pipeline for Ferrous Forge
//!
//! This module implements a comprehensive safety pipeline that prevents broken code
//! from reaching GitHub or crates.io by running mandatory checks before git operations
//! and cargo publish commands.

use crate::{Error, Result};
use serde::{Deserialize, Serialize};
use std::time::Duration;

/// Bypass mechanisms for skipping safety checks.
pub mod bypass;
/// Individual safety check implementations.
pub mod checks;
/// Safety pipeline configuration and thresholds.
pub mod config;
/// Pipeline execution engine and check orchestration.
pub mod execution;
// pub mod installer;  // TODO: Implement installer
/// Core safety pipeline logic and stage management.
pub mod pipeline;
/// Check result reporting and aggregation.
pub mod report;

pub use config::SafetyConfig;
pub use pipeline::SafetyPipeline;
pub use report::{CheckResult, SafetyReport};

/// Pipeline stage for safety checks
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
pub enum PipelineStage {
    /// Pre-commit checks (fast, essential)
    PreCommit,
    /// Pre-push checks (comprehensive)
    PrePush,
    /// Publish checks (exhaustive)
    Publish,
}

impl PipelineStage {
    /// Get the stage name as a string
    pub fn name(&self) -> &'static str {
        match self {
            Self::PreCommit => "pre-commit",
            Self::PrePush => "pre-push",
            Self::Publish => "publish",
        }
    }

    /// Get the display name for the stage
    pub fn display_name(&self) -> &'static str {
        match self {
            Self::PreCommit => "Pre-Commit",
            Self::PrePush => "Pre-Push",
            Self::Publish => "Publish",
        }
    }

    /// Get the timeout for this stage
    pub fn default_timeout(&self) -> Duration {
        match self {
            Self::PreCommit => Duration::from_secs(300), // 5 minutes
            Self::PrePush => Duration::from_secs(600),   // 10 minutes
            Self::Publish => Duration::from_secs(900),   // 15 minutes
        }
    }
}

impl std::str::FromStr for PipelineStage {
    type Err = Error;

    fn from_str(s: &str) -> Result<Self> {
        match s.to_lowercase().as_str() {
            "pre-commit" | "precommit" | "commit" => Ok(Self::PreCommit),
            "pre-push" | "prepush" | "push" => Ok(Self::PrePush),
            "publish" | "pub" => Ok(Self::Publish),
            _ => Err(Error::parse(format!("Unknown pipeline stage: {}", s))),
        }
    }
}

impl std::fmt::Display for PipelineStage {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        write!(f, "{}", self.name())
    }
}

/// Safety check type
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
pub enum CheckType {
    /// Format checking (cargo fmt --check)
    Format,
    /// Clippy linting (cargo clippy -- -D warnings)
    Clippy,
    /// Build checking (cargo build --release)
    Build,
    /// Test execution (cargo test --all-features)
    Test,
    /// Security audit (cargo audit)
    Audit,
    /// Documentation build (cargo doc)
    Doc,
    /// Publish dry run (cargo publish --dry-run)
    PublishDryRun,
    /// Ferrous Forge standards validation
    Standards,
    /// Documentation coverage check
    DocCoverage,
    /// License validation
    License,
    /// Semver compatibility check
    Semver,
}

impl CheckType {
    /// Get the check name as a string
    pub fn name(&self) -> &'static str {
        match self {
            Self::Format => "format",
            Self::Clippy => "clippy",
            Self::Build => "build",
            Self::Test => "test",
            Self::Audit => "audit",
            Self::Doc => "doc",
            Self::PublishDryRun => "publish-dry-run",
            Self::Standards => "standards",
            Self::DocCoverage => "doc-coverage",
            Self::License => "license",
            Self::Semver => "semver",
        }
    }

    /// Get the display name for the check
    pub fn display_name(&self) -> &'static str {
        match self {
            Self::Format => "Format Check",
            Self::Clippy => "Clippy Check",
            Self::Build => "Build Check",
            Self::Test => "Test Check",
            Self::Audit => "Security Audit",
            Self::Doc => "Documentation Build",
            Self::PublishDryRun => "Publish Dry Run",
            Self::Standards => "Standards Check",
            Self::DocCoverage => "Documentation Coverage",
            Self::License => "License Check",
            Self::Semver => "Semver Check",
        }
    }

    /// Get the checks for a specific pipeline stage
    pub fn for_stage(stage: PipelineStage) -> Vec<Self> {
        match stage {
            PipelineStage::PreCommit => Self::pre_commit_checks(),
            PipelineStage::PrePush => Self::pre_push_checks(),
            PipelineStage::Publish => Self::publish_checks(),
        }
    }

    /// Get pre-commit checks (fast, essential)
    fn pre_commit_checks() -> Vec<Self> {
        vec![Self::Format, Self::Clippy, Self::Build, Self::Standards]
    }

    /// Get pre-push checks (comprehensive)
    fn pre_push_checks() -> Vec<Self> {
        vec![
            Self::Format,
            Self::Clippy,
            Self::Build,
            Self::Standards,
            Self::Test,
            Self::Audit,
            Self::Doc,
        ]
    }

    /// Get publish checks (exhaustive)
    fn publish_checks() -> Vec<Self> {
        vec![
            Self::Format,
            Self::Clippy,
            Self::Build,
            Self::Standards,
            Self::Test,
            Self::Audit,
            Self::Doc,
            Self::PublishDryRun,
            Self::DocCoverage,
            Self::License,
            Self::Semver,
        ]
    }
}

/// Safety enforcement result
#[derive(Debug, Clone)]
pub enum SafetyResult {
    /// All checks passed - operation allowed
    Passed,
    /// Checks failed - operation blocked
    Blocked {
        /// Failed checks
        failures: Vec<String>,
        /// Suggestions for fixes
        suggestions: Vec<String>,
    },
    /// Checks bypassed - operation allowed with warning
    Bypassed {
        /// Reason for bypass
        reason: String,
        /// Who bypassed
        user: String,
    },
}

impl SafetyResult {
    /// Check if the operation should be allowed
    pub fn is_allowed(&self) -> bool {
        matches!(self, Self::Passed | Self::Bypassed { .. })
    }

    /// Get a user-friendly message
    pub fn message(&self) -> String {
        match self {
            Self::Passed => "🎉 All safety checks passed! Operation allowed.".to_string(),
            Self::Blocked {
                failures,
                suggestions,
            } => {
                let mut msg = "🚨 Safety checks FAILED - operation blocked!\n\n".to_string();

                if !failures.is_empty() {
                    msg.push_str("Failures:\n");
                    for failure in failures {
                        msg.push_str(&format!("{}\n", failure));
                    }
                }

                if !suggestions.is_empty() {
                    msg.push_str("\nSuggestions:\n");
                    for suggestion in suggestions {
                        msg.push_str(&format!("{}\n", suggestion));
                    }
                }

                msg
            }
            Self::Bypassed { reason, user } => {
                format!(
                    "⚠️  Safety checks bypassed by {} - reason: {}",
                    user, reason
                )
            }
        }
    }
}

#[cfg(test)]
mod tests;