11 developer CLI tools that catch problems before production. Open source, MIT licensed.
| Tool | What It Does |
|---|---|
| API Contract Guardian | Catch breaking OpenAPI changes in CI |
| json2sql | Convert JSON to SQL INSERT statements |
| DeployDiff | Preview infrastructure costs before deploy |
| ConfigDrift | Detect config drift across environments |
| APIGhost | Mock API server from OpenAPI specs |
| Envault | Sync and rotate .env files |
| SchemaForge | Bidirectional ORM schema conversion (11 formats) |
| click-to-mcp | Wrap any Click/Typer CLI as MCP server |
| DeadCode | Find and remove dead code in React/Next.js |
| DataMorph | Convert between CSV, JSON, YAML, Parquet, Avro, Protobuf |
| DevForge | Unified CLI — install all tools at once |
pip install devforgeThis repository provides reusable GitHub Actions workflows for use across the DevForge organization.
Standard reusable CI for Python repositories. Runs linting (ruff), tests (pytest via hatch) across a configurable Python version matrix, and validates the build.
name: Python CI
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
test:
uses: Coding-Dev-Tools/.github/.github/workflows/python-ci.yml@mainSupported inputs:
| Input | Default | Description |
|---|---|---|
python-versions |
["3.10","3.11","3.12","3.13"] |
JSON array of Python versions |
runner-os |
["ubuntu-latest"] |
JSON array of runner OS targets |
run-lint |
true |
Run ruff linting |
lint-path |
src |
Path(s) to lint (space-separated) |
run-build |
true |
Run hatch build check |
test-command |
(auto) | Custom test command override |
extra-deps |
(empty) | Extra pip install deps |
Scans PR dependency changes for known vulnerabilities before merging.
name: Dependency Review
on:
pull_request:
branches: [main]
jobs:
dependency-review:
uses: Coding-Dev-Tools/.github/.github/workflows/dependency-review.yml@main
permissions:
contents: read
pull-requests: writeSupported inputs:
| Input | Default | Description |
|---|---|---|
fail-on-severity |
high |
Severity threshold: low, medium, high, critical |
allow-licenses |
(empty) | Comma-separated allowed licenses |
deny-licenses |
(empty) | Comma-separated denied licenses |
fail-on-scopes |
runtime,unknown |
Scopes to fail on: runtime, development, unknown |
Automated code review for pull requests — runs lint, format, secret detection, TODO markers, and large-file checks, then posts a summary PR comment with a pass/warn/fail verdict.
name: Auto Code Review
on:
pull_request:
branches: [main]
types: [opened, synchronize, reopened]
jobs:
code-review:
uses: Coding-Dev-Tools/.github/.github/workflows/auto-code-review.yml@main
permissions:
contents: read
pull-requests: write
security-events: writeSupported inputs:
| Input | Default | Description |
|---|---|---|
python-version |
'3.12' |
Python version for lint tools |
ruff-targets |
'.' |
Paths ruff should scan (space-separated) |
detect-secrets |
true |
Run detect-secrets credential scan |
check-todos |
false |
Warn on leftover TODO/FIXME/HACK markers |
max-file-size |
500 |
Max allowed file size in KB (0 = skip) |
post-comment |
true |
Post review summary as a PR comment |
Checks performed:
| Check | Tool | Severity |
|---|---|---|
| Lint | Ruff | Warning |
| Format | Ruff | Warning |
| Secret detection | detect-secrets | Fail |
| TODO/FIXME/HACK | grep | Warning |
| Large files | find | Warning |
Setup note: The workflow file lives in
templates/workflows/auto-code-review.ymlin this repo. To activate it, copy or symlink it to.github/workflows/auto-code-review.yml. This is required because GitHub only recognizes workflow files under.github/workflows/.
Lightweight code review using the actions/code-review composite action — runs ruff lint, bandit security scan, mypy type-check, and pytest. Posts a pass/fail PR comment.
name: Code Review
on:
pull_request:
types: [opened, synchronize, reopened]
jobs:
review:
uses: Coding-Dev-Tools/.github/.github/workflows/code-review.yml@main
with:
python-version: '3.12'
run-ruff: true
run-bandit: true
run-type-check: false
run-pytest: true
source-dir: src
fail-on-security: true
permissions:
contents: read
pull-requests: write
checks: writeSupported inputs:
| Input | Default | Description |
|---|---|---|
python-version |
'3.12' |
Python version for review tools |
run-ruff |
true |
Run ruff lint check |
run-bandit |
true |
Run bandit security scan |
run-type-check |
false |
Run mypy type checking |
run-pytest |
true |
Run pytest suite |
source-dir |
src |
Source directory to lint/scan |
fail-on-security |
true |
Fail on high-severity security issues |
post-comment |
true |
Post review summary as a PR comment |
Checks performed:
| Check | Tool | Severity |
|---|---|---|
| Lint | Ruff | Warning |
| Security | Bandit | Fail |
| Types | Mypy | Warning |
| Tests | Pytest | Fail |
Setup note: The workflow file lives in
templates/workflows/code-review.ymlin this repo. To activate it, copy or symlink it to.github/workflows/code-review.yml. This is required because GitHub only recognizes workflow files under.github/workflows/.