PyPI - multi-forge - Versions diffs - 0.2.0__py3-none-any.whl - Mend

multi-forge 0.2.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (311) hide show

forge/__init__.py +3 -0
forge/_extensions/agents/.gitkeep +0 -0
forge/_extensions/commands/.gitkeep +0 -0
forge/_extensions/skills/analyze/SKILL.md +87 -0
forge/_extensions/skills/challenge/SKILL.md +91 -0
forge/_extensions/skills/consensus/SKILL.md +120 -0
forge/_extensions/skills/consensus/resources/code_consensus_evaluation.md +94 -0
forge/_extensions/skills/consensus/resources/consensus_evaluation.md +70 -0
forge/_extensions/skills/consensus/resources/synthesis.md +101 -0
forge/_extensions/skills/debate/SKILL.md +116 -0
forge/_extensions/skills/debate/resources/code_debate_evaluation.md +101 -0
forge/_extensions/skills/debate/resources/debate_evaluation.md +90 -0
forge/_extensions/skills/panel/SKILL.md +141 -0
forge/_extensions/skills/panel/resources/synthesis.md +103 -0
forge/_extensions/skills/qa/SKILL.md +704 -0
forge/_extensions/skills/qa/resources/checklist/0-enable.md +78 -0
forge/_extensions/skills/qa/resources/checklist/1-preflight.md +24 -0
forge/_extensions/skills/qa/resources/checklist/10-resume.md +143 -0
forge/_extensions/skills/qa/resources/checklist/11-config.md +150 -0
forge/_extensions/skills/qa/resources/checklist/12-search.md +58 -0
forge/_extensions/skills/qa/resources/checklist/13-guard.md +237 -0
forge/_extensions/skills/qa/resources/checklist/14-workflow.md +305 -0
forge/_extensions/skills/qa/resources/checklist/15-skills.md +155 -0
forge/_extensions/skills/qa/resources/checklist/16-handoff.md +224 -0
forge/_extensions/skills/qa/resources/checklist/17-info.md +50 -0
forge/_extensions/skills/qa/resources/checklist/18-disable.md +84 -0
forge/_extensions/skills/qa/resources/checklist/19-uninstall.md +146 -0
forge/_extensions/skills/qa/resources/checklist/2-extensions.md +188 -0
forge/_extensions/skills/qa/resources/checklist/20-cleanup.md +36 -0
forge/_extensions/skills/qa/resources/checklist/3-auth.md +234 -0
forge/_extensions/skills/qa/resources/checklist/4-proxy.md +481 -0
forge/_extensions/skills/qa/resources/checklist/5-session.md +541 -0
forge/_extensions/skills/qa/resources/checklist/6-hooks.md +275 -0
forge/_extensions/skills/qa/resources/checklist/7-costs.md +309 -0
forge/_extensions/skills/qa/resources/checklist/8-status-line.md +174 -0
forge/_extensions/skills/qa/resources/checklist/9-direct-commands.md +146 -0
forge/_extensions/skills/qa/resources/checklist.md +103 -0
forge/_extensions/skills/qa/resources/report-template.md +62 -0
forge/_extensions/skills/qa/scripts/start-container.sh +529 -0
forge/_extensions/skills/qa/scripts/walkthrough-state.py +1137 -0
forge/_extensions/skills/review/SKILL.md +125 -0
forge/_extensions/skills/review/references/claude-4.6.md +474 -0
forge/_extensions/skills/review/references/claude-4.7.md +710 -0
forge/_extensions/skills/review/references/gemini-3.1.md +546 -0
forge/_extensions/skills/review/references/gpt-5.5.md +490 -0
forge/_extensions/skills/review/references/skills-writing-guide.md +1588 -0
forge/_extensions/skills/review/resources/code-anthropic.md +160 -0
forge/_extensions/skills/review/resources/code-gemini.md +184 -0
forge/_extensions/skills/review/resources/code-openai.md +203 -0
forge/_extensions/skills/review/resources/code.md +160 -0
forge/_extensions/skills/review-docs/SKILL.md +121 -0
forge/_extensions/skills/review-docs/resources/docs-anthropic.md +170 -0
forge/_extensions/skills/review-docs/resources/docs-gemini.md +204 -0
forge/_extensions/skills/review-docs/resources/docs-openai.md +231 -0
forge/_extensions/skills/review-docs/resources/docs.md +170 -0
forge/_extensions/skills/smoke-test/SKILL.md +27 -0
forge/_extensions/skills/smoke-test/scripts/smoke-test.sh +118 -0
forge/_extensions/skills/understand/SKILL.md +148 -0
forge/_extensions/skills/understand/resources/code-anthropic.md +163 -0
forge/_extensions/skills/understand/resources/code-gemini.md +194 -0
forge/_extensions/skills/understand/resources/code-openai.md +181 -0
forge/_extensions/skills/understand/resources/code.md +163 -0
forge/_extensions/skills/understand/resources/docs-anthropic.md +177 -0
forge/_extensions/skills/understand/resources/docs-gemini.md +202 -0
forge/_extensions/skills/understand/resources/docs-openai.md +191 -0
forge/_extensions/skills/understand/resources/docs.md +177 -0
forge/_extensions/skills/walkthrough/SKILL.md +599 -0
forge/_extensions/skills/walkthrough/resources/checklist.md +765 -0
forge/_extensions/skills/walkthrough/scripts/run-in-repo.sh +118 -0
forge/_extensions/skills/walkthrough/scripts/setup-test-repo.sh +198 -0
forge/_extensions/skills/walkthrough/scripts/walkthrough-state.py +1137 -0
forge/backend/__init__.py +174 -0
forge/backend/adapters/__init__.py +38 -0
forge/backend/adapters/litellm.py +158 -0
forge/backend/creation.py +89 -0
forge/backend/registry.py +178 -0
forge/cli/__init__.py +16 -0
forge/cli/auth.py +483 -0
forge/cli/backend.py +298 -0
forge/cli/claude.py +411 -0
forge/cli/config_cmd.py +303 -0
forge/cli/extensions.py +1001 -0
forge/cli/gc.py +165 -0
forge/cli/guard.py +1018 -0
forge/cli/guards.py +106 -0
forge/cli/handoff.py +110 -0
forge/cli/hooks/__init__.py +36 -0
forge/cli/hooks/_group.py +20 -0
forge/cli/hooks/_helpers.py +149 -0
forge/cli/hooks/commands.py +1677 -0
forge/cli/hooks/direct_commands.py +1304 -0
forge/cli/hooks/install.py +232 -0
forge/cli/hooks/policy.py +151 -0
forge/cli/hooks/read_hygiene.py +74 -0
forge/cli/hooks/verification.py +370 -0
forge/cli/logs.py +406 -0
forge/cli/main.py +292 -0
forge/cli/proxy.py +1821 -0
forge/cli/proxy_costs.py +313 -0
forge/cli/search.py +416 -0
forge/cli/session.py +892 -0
forge/cli/session_addendum.py +81 -0
forge/cli/session_fork.py +750 -0
forge/cli/session_handoff.py +141 -0
forge/cli/session_lifecycle.py +2053 -0
forge/cli/session_manage.py +1336 -0
forge/cli/session_memory.py +201 -0
forge/cli/status_line.py +1398 -0
forge/cli/workflow.py +1964 -0
forge/config/__init__.py +110 -0
forge/config/dataclass_utils.py +88 -0
forge/config/defaults/__init__.py +0 -0
forge/config/defaults/backends/__init__.py +0 -0
forge/config/defaults/backends/litellm.yaml +196 -0
forge/config/defaults/templates/__init__.py +0 -0
forge/config/defaults/templates/litellm-anthropic-local.yaml +33 -0
forge/config/defaults/templates/litellm-anthropic.yaml +24 -0
forge/config/defaults/templates/litellm-gemini-flash-local.yaml +37 -0
forge/config/defaults/templates/litellm-gemini-local.yaml +32 -0
forge/config/defaults/templates/litellm-gemini-test.yaml +34 -0
forge/config/defaults/templates/litellm-gemini.yaml +21 -0
forge/config/defaults/templates/litellm-openai-codex-local.yaml +36 -0
forge/config/defaults/templates/litellm-openai-local.yaml +38 -0
forge/config/defaults/templates/litellm-openai.yaml +28 -0
forge/config/defaults/templates/openrouter-anthropic.yaml +23 -0
forge/config/defaults/templates/openrouter-deepseek.yaml +26 -0
forge/config/defaults/templates/openrouter-gemini-flash.yaml +26 -0
forge/config/defaults/templates/openrouter-gemini.yaml +23 -0
forge/config/defaults/templates/openrouter-glm.yaml +23 -0
forge/config/defaults/templates/openrouter-kimi.yaml +30 -0
forge/config/defaults/templates/openrouter-minimax.yaml +26 -0
forge/config/defaults/templates/openrouter-openai-codex.yaml +23 -0
forge/config/defaults/templates/openrouter-openai.yaml +28 -0
forge/config/defaults/templates/openrouter-qwen.yaml +25 -0
forge/config/loader.py +675 -0
forge/config/schema.py +448 -0
forge/core/__init__.py +5 -0
forge/core/auth/__init__.py +67 -0
forge/core/auth/capabilities.py +219 -0
forge/core/auth/credentials_file.py +244 -0
forge/core/auth/protocols.py +18 -0
forge/core/auth/secrets.py +243 -0
forge/core/auth/template_secrets.py +112 -0
forge/core/data/__init__.py +5 -0
forge/core/data/model_catalog.yaml +1522 -0
forge/core/data/pricing.yaml +140 -0
forge/core/data/system_prompt_addendums/__init__.py +0 -0
forge/core/data/system_prompt_addendums/gemini.md +330 -0
forge/core/data/system_prompt_addendums/openai.md +328 -0
forge/core/llm/__init__.py +231 -0
forge/core/llm/clients/__init__.py +14 -0
forge/core/llm/clients/base.py +115 -0
forge/core/llm/clients/litellm.py +619 -0
forge/core/llm/clients/openai_compat.py +244 -0
forge/core/llm/clients/openrouter.py +234 -0
forge/core/llm/credentials.py +439 -0
forge/core/llm/detection.py +86 -0
forge/core/llm/errors.py +44 -0
forge/core/llm/protocols.py +80 -0
forge/core/llm/types.py +176 -0
forge/core/logging.py +146 -0
forge/core/models/__init__.py +91 -0
forge/core/models/catalog.py +467 -0
forge/core/models/pricing.py +165 -0
forge/core/models/types.py +167 -0
forge/core/naming.py +212 -0
forge/core/ops/__init__.py +73 -0
forge/core/ops/context.py +141 -0
forge/core/ops/gc.py +802 -0
forge/core/ops/proxy.py +146 -0
forge/core/ops/resolution.py +135 -0
forge/core/ops/session.py +344 -0
forge/core/ops/session_context.py +548 -0
forge/core/paths.py +38 -0
forge/core/process.py +54 -0
forge/core/reactive/__init__.py +38 -0
forge/core/reactive/cost_tracking.py +300 -0
forge/core/reactive/env.py +180 -0
forge/core/reactive/proxy.py +78 -0
forge/core/reactive/routing.py +622 -0
forge/core/reactive/session_runner.py +185 -0
forge/core/reactive/structured_output.py +62 -0
forge/core/reactive/tagger.py +94 -0
forge/core/reactive/throttle.py +132 -0
forge/core/state/__init__.py +59 -0
forge/core/state/exceptions.py +59 -0
forge/core/state/io.py +140 -0
forge/core/state/lock.py +99 -0
forge/core/state/timestamps.py +60 -0
forge/core/transcript.py +78 -0
forge/core/typing_helpers.py +24 -0
forge/core/workqueue/__init__.py +67 -0
forge/core/workqueue/queue.py +552 -0
forge/core/workqueue/types.py +63 -0
forge/guard/__init__.py +26 -0
forge/guard/deterministic/__init__.py +26 -0
forge/guard/deterministic/base.py +158 -0
forge/guard/deterministic/coding_standards.py +256 -0
forge/guard/deterministic/registry.py +148 -0
forge/guard/deterministic/tdd.py +171 -0
forge/guard/engine.py +216 -0
forge/guard/protocols.py +91 -0
forge/guard/queries.py +96 -0
forge/guard/semantic/__init__.py +34 -0
forge/guard/semantic/promotion.py +18 -0
forge/guard/semantic/supervisor.py +813 -0
forge/guard/semantic/verdict.py +183 -0
forge/guard/store.py +124 -0
forge/guard/team/__init__.py +6 -0
forge/guard/team/config.py +24 -0
forge/guard/team/handlers.py +209 -0
forge/guard/team/prompts.py +41 -0
forge/guard/types.py +125 -0
forge/guard/workflow/__init__.py +17 -0
forge/guard/workflow/branches.py +67 -0
forge/guard/workflow/config.py +63 -0
forge/guard/workflow/divergence.py +113 -0
forge/guard/workflow/policy.py +87 -0
forge/guard/workflow/stages.py +205 -0
forge/install/__init__.py +55 -0
forge/install/cli.py +281 -0
forge/install/exceptions.py +163 -0
forge/install/hooks.py +109 -0
forge/install/installer.py +1037 -0
forge/install/models.py +321 -0
forge/install/preset.py +272 -0
forge/install/settings_merge.py +831 -0
forge/install/tracking.py +238 -0
forge/install/version.py +141 -0
forge/proxy/__init__.py +0 -0
forge/proxy/base_client.py +181 -0
forge/proxy/client_adapter.py +476 -0
forge/proxy/client_factory.py +531 -0
forge/proxy/converters.py +1206 -0
forge/proxy/cost_logger.py +132 -0
forge/proxy/cost_tracker.py +242 -0
forge/proxy/data_models.py +338 -0
forge/proxy/error_hints.py +92 -0
forge/proxy/metrics.py +222 -0
forge/proxy/model_spec.py +158 -0
forge/proxy/proxies.py +333 -0
forge/proxy/proxy_identity.py +134 -0
forge/proxy/proxy_orchestrator.py +1018 -0
forge/proxy/proxy_startup.py +54 -0
forge/proxy/server.py +1561 -0
forge/proxy/utils.py +537 -0
forge/review/__init__.py +6 -0
forge/review/adversarial.py +111 -0
forge/review/consensus.py +236 -0
forge/review/engine.py +356 -0
forge/review/models.py +437 -0
forge/review/resources/__init__.py +5 -0
forge/review/resources/codereview-performance.md +85 -0
forge/review/resources/codereview-quick.md +75 -0
forge/review/resources/codereview-security.md +92 -0
forge/review/resources/codereview.md +85 -0
forge/review/resources/docreview-quick.md +75 -0
forge/review/resources/docreview.md +86 -0
forge/review/resources/thinkdeep.md +89 -0
forge/review/routing.py +368 -0
forge/review/synthesis.py +73 -0
forge/runtime_config.py +438 -0
forge/search/__init__.py +55 -0
forge/search/bm25_store.py +264 -0
forge/search/content_store.py +197 -0
forge/search/engine.py +352 -0
forge/search/exceptions.py +51 -0
forge/search/extractor.py +234 -0
forge/search/index_state.py +295 -0
forge/search/store.py +215 -0
forge/search/tokenizer.py +24 -0
forge/session/__init__.py +130 -0
forge/session/active.py +339 -0
forge/session/artifacts.py +202 -0
forge/session/claude/__init__.py +50 -0
forge/session/claude/cleanup.py +105 -0
forge/session/claude/invoke.py +236 -0
forge/session/claude/paths.py +200 -0
forge/session/cleanup.py +216 -0
forge/session/config.py +34 -0
forge/session/direct_model.py +107 -0
forge/session/effective.py +169 -0
forge/session/exceptions.py +255 -0
forge/session/handoff.py +881 -0
forge/session/handoff_agent.py +544 -0
forge/session/hooks/__init__.py +35 -0
forge/session/hooks/models.py +73 -0
forge/session/hooks/session_start.py +507 -0
forge/session/identity.py +84 -0
forge/session/index.py +553 -0
forge/session/manager.py +1506 -0
forge/session/models.py +572 -0
forge/session/overrides.py +344 -0
forge/session/plan_resolution.py +286 -0
forge/session/prev_sessions.py +128 -0
forge/session/store.py +431 -0
forge/session/validation.py +47 -0
forge/session/worktree/__init__.py +65 -0
forge/session/worktree/cleanup.py +262 -0
forge/session/worktree/config_copy.py +203 -0
forge/session/worktree/create.py +332 -0
forge/sidecar/__init__.py +29 -0
forge/sidecar/container.py +161 -0
forge/sidecar/docker.py +86 -0
forge/sidecar/secrets.py +19 -0
multi_forge-0.2.0.dist-info/METADATA +242 -0
multi_forge-0.2.0.dist-info/RECORD +311 -0
multi_forge-0.2.0.dist-info/WHEEL +4 -0
multi_forge-0.2.0.dist-info/entry_points.txt +2 -0
multi_forge-0.2.0.dist-info/licenses/LICENSE +203 -0
multi_forge-0.2.0.dist-info/licenses/NOTICE +14 -0

forge/review/models.py ADDED Viewed

@@ -0,0 +1,437 @@
+"""Data models for multi-model review.
+Defines model specifications, review results, and the default
+model catalog. Models declare identity and provider refs; concrete
+routing is derived at runtime by ``forge.review.routing``.
+"""
+from __future__ import annotations
+from dataclasses import dataclass, field, replace
+from typing import Literal
+PromptMode = Literal["override", "prefix"]
+@dataclass(frozen=True)
+class ModelSpec:
+    """A model backend for multi-model review.
+    Attributes:
+        name: Human-readable identifier (e.g., "gpt-5.5").
+        model_id: Forge-canonical model ID (e.g., "gpt-5.5").
+        family: Model family (e.g., "openai", "anthropic", "gemini").
+        provider_refs: Ordered provider preference as (namespace, model_ref)
+            pairs. ``("direct", "claude-opus-4-6")`` means direct Anthropic;
+            ``("openrouter", "openai/gpt-5.5")`` means OpenRouter routing.
+        description: What this model is good at.
+        preferred_proxy: Catalog recommendation for proxy routing (soft,
+            overridable). None for direct-only models.
+        prompt: Per-worker prompt override. When set, this worker receives
+            this prompt according to prompt_mode.
+        prompt_mode: "override" means prompt replaces the global prompt.
+            "prefix" means prompt is prepended to the global prompt as a hint.
+        worker_id: Stable key for JSON output. Defaults to ``name`` when None.
+    """
+    name: str
+    model_id: str
+    family: str
+    provider_refs: tuple[tuple[str, str], ...]
+    description: str
+    preferred_proxy: str | None = None
+    prompt: str | None = None
+    prompt_mode: PromptMode = "override"
+    worker_id: str | None = None
+    @property
+    def effective_worker_id(self) -> str:
+        """Stable key for result maps and JSON output."""
+        return self.worker_id if self.worker_id is not None else self.name
+@dataclass
+class ReviewResult:
+    """Result from one model's review."""
+    model_name: str
+    stdout: str
+    stderr: str
+    success: bool
+    duration_seconds: float
+    error: str | None = None
+@dataclass
+class MultiReviewOutput:
+    """Aggregate output from a multi-model review run."""
+    prompt: str
+    results: list[ReviewResult] = field(default_factory=list)
+    @property
+    def successful(self) -> int:
+        return sum(1 for r in self.results if r.success)
+    @property
+    def failed(self) -> int:
+        return sum(1 for r in self.results if not r.success)
+_CLAUDE_47_BOUNDED_REVIEW_PROMPT = """\
+You are the Claude Opus 4.7 bounded-review worker in a Forge quorum.
+Use the provided target and prompt as the complete task scope. Prefer concrete
+evidence over broad narrative: cite file:line locations for every substantive
+finding, quote only the minimum necessary code, and separate confirmed issues
+from hypotheses. Do not rely on vague prior referents or unstated conversation
+history. If the prompt lacks a needed target, say exactly what is missing.
+"""
+def _build_available_models() -> dict[str, ModelSpec]:
+    """Build available review models from the model catalog.
+    Model names derive from model_catalog.yaml so updating defaults is
+    a single YAML change. Provider-specific model refs come from the
+    corresponding proxy template tier configs.
+    """
+    from forge.core.models.catalog import get_default_model
+    openai_opus = get_default_model("openai", "opus")
+    gemini_opus = get_default_model("gemini", "opus")
+    anthropic_opus = get_default_model("anthropic", "opus")
+    deepseek_opus = get_default_model("deepseek", "opus")
+    minimax_opus = get_default_model("minimax", "opus")
+    qwen_opus = get_default_model("qwen", "opus")
+    glm_opus = get_default_model("glm", "opus")
+    kimi_opus = get_default_model("kimi", "opus")
+    return {
+        openai_opus: ModelSpec(
+            name=openai_opus,
+            model_id=openai_opus,
+            family="openai",
+            provider_refs=(("openrouter", "openai/gpt-5.5"), ("litellm", "openai/gpt-5.5")),
+            preferred_proxy="openrouter-openai",
+            description="Logical problems, systematic code review",
+        ),
+        gemini_opus: ModelSpec(
+            name=gemini_opus,
+            model_id=gemini_opus,
+            family="gemini",
+            provider_refs=(
+                ("openrouter", "google/gemini-3.1-pro-preview"),
+                ("litellm", "google/gemini-3.1-pro-preview"),
+            ),
+            preferred_proxy="openrouter-gemini",
+            description="Balanced analysis, pragmatic suggestions, large context",
+        ),
+        deepseek_opus: ModelSpec(
+            name=deepseek_opus,
+            model_id=deepseek_opus,
+            family="deepseek",
+            provider_refs=(("openrouter", "deepseek/deepseek-v4-pro"),),
+            preferred_proxy="openrouter-deepseek",
+            description="Cost-efficient reasoning, strong code analysis",
+        ),
+        minimax_opus: ModelSpec(
+            name=minimax_opus,
+            model_id=minimax_opus,
+            family="minimax",
+            provider_refs=(("openrouter", "minimax/minimax-m2.7"),),
+            preferred_proxy="openrouter-minimax",
+            description="Cost-efficient agentic analysis, broad coverage",
+        ),
+        qwen_opus: ModelSpec(
+            name=qwen_opus,
+            model_id=qwen_opus,
+            family="qwen",
+            provider_refs=(("openrouter", "qwen/qwen3.6-max-preview"),),
+            preferred_proxy="openrouter-qwen",
+            description="Large context multilingual analysis",
+        ),
+        glm_opus: ModelSpec(
+            name=glm_opus,
+            model_id=glm_opus,
+            family="glm",
+            provider_refs=(("openrouter", "z-ai/glm-5.1"),),
+            preferred_proxy="openrouter-glm",
+            description="Cost-efficient general analysis",
+        ),
+        kimi_opus: ModelSpec(
+            name=kimi_opus,
+            model_id=kimi_opus,
+            family="kimi",
+            provider_refs=(("openrouter", "moonshotai/kimi-k2.6"),),
+            preferred_proxy="openrouter-kimi",
+            description="Agentic code generation and analysis",
+        ),
+        "claude-opus": ModelSpec(
+            name="claude-opus",
+            model_id="claude-opus",
+            family="anthropic",
+            provider_refs=(("direct", anthropic_opus),),
+            description="Deep architectural analysis, complex reasoning",
+        ),
+        "claude-opus-4.6": ModelSpec(
+            name="claude-opus-4.6",
+            model_id="claude-opus-4.6",
+            family="anthropic",
+            provider_refs=(("direct", "claude-opus-4-6"),),
+            description="Stable Claude Opus 4.6 direct worker",
+        ),
+        "claude-opus-4.6-1m": ModelSpec(
+            name="claude-opus-4.6-1m",
+            model_id="claude-opus-4.6-1m",
+            family="anthropic",
+            provider_refs=(("direct", "claude-opus-4-6[1m]"),),
+            description="Stable Claude Opus 4.6 direct worker with 1M context pin",
+        ),
+        "claude-opus-4.7": ModelSpec(
+            name="claude-opus-4.7",
+            model_id="claude-opus-4.7",
+            family="anthropic",
+            provider_refs=(("direct", "claude-opus-4-7"),),
+            description="Bounded single-shot review and quorum dissent",
+            prompt=_CLAUDE_47_BOUNDED_REVIEW_PROMPT,
+            prompt_mode="prefix",
+        ),
+    }
+def _build_default_model_names() -> tuple[str, ...]:
+    """Return the semantically chosen default quorum model names."""
+    from forge.core.models.catalog import get_default_model
+    return (
+        get_default_model("openai", "opus"),
+        get_default_model("gemini", "opus"),
+        "claude-opus",
+    )
+def _build_model_aliases(available: dict[str, ModelSpec]) -> dict[str, str]:
+    """Return convenience aliases mapped to canonical workflow model names."""
+    from forge.core.models.catalog import get_compact_name, get_default_model
+    aliases: dict[str, str] = {}
+    for family in ("openai", "gemini", "deepseek", "minimax", "qwen", "glm", "kimi"):
+        canonical = get_default_model(family, "opus")
+        compact = get_compact_name(canonical)
+        if compact != canonical and compact not in available:
+            aliases[compact] = canonical
+    return aliases
+# Proxy_ids match Forge template names (forge proxy create <template>).
+AVAILABLE_MODELS: dict[str, ModelSpec] = _build_available_models()
+MODEL_ALIASES: dict[str, str] = _build_model_aliases(AVAILABLE_MODELS)
+_DEFAULT_MODEL_NAMES: tuple[str, ...] = _build_default_model_names()
+DEFAULT_MODELS: dict[str, ModelSpec] = {name: AVAILABLE_MODELS[name] for name in _DEFAULT_MODEL_NAMES}
+def resolve_model_specs(names_str: str | None) -> list[ModelSpec]:
+    """Parse comma-separated model names into ModelSpec list.
+    Returns all DEFAULT_MODELS when names_str is None.
+    Raises ValueError for unknown model names.
+    """
+    if not names_str:
+        return list(DEFAULT_MODELS.values())
+    names = [m.strip() for m in names_str.split(",")]
+    invalid = [m for m in names if m not in AVAILABLE_MODELS and m not in MODEL_ALIASES]
+    if invalid:
+        available = list(AVAILABLE_MODELS.keys()) + sorted(MODEL_ALIASES.keys())
+        raise ValueError(f"Unknown models: {invalid}. Available: {available}")
+    specs: list[ModelSpec] = []
+    for name in names:
+        if name in AVAILABLE_MODELS:
+            specs.append(AVAILABLE_MODELS[name])
+            continue
+        canonical = MODEL_ALIASES[name]
+        specs.append(replace(AVAILABLE_MODELS[canonical], worker_id=name))
+    return specs
+def available_model_specs() -> list[ModelSpec]:
+    """Return every selectable workflow model spec."""
+    return list(AVAILABLE_MODELS.values())
+@dataclass(frozen=True)
+class ModelAvailability:
+    """Availability status for a model backend."""
+    spec: ModelSpec
+    status: str  # "ready" | "unavailable" | "error"
+    reason: str  # empty when ready
+def check_model_availability(
+    specs: list[ModelSpec] | None = None,
+    timeout_s: float = 1.0,
+) -> list[ModelAvailability]:
+    """Check route availability for each model via the routing chain.
+    Delegates to ``resolve_subprocess_routing()`` per spec. Does not
+    fail on unavailable models -- returns status for each.
+    """
+    from forge.core.reactive.routing import resolve_subprocess_routing
+    from forge.review.routing import derive_model_routes
+    if specs is None:
+        specs = list(DEFAULT_MODELS.values())
+    results: list[ModelAvailability] = []
+    for spec in specs:
+        try:
+            routes = derive_model_routes(spec)
+            direct_only = bool(routes) and all(r.provider == "direct" for r in routes)
+            if direct_only:
+                from forge.core.auth.template_secrets import resolve_env_or_credential
+                if resolve_env_or_credential("ANTHROPIC_API_KEY"):
+                    results.append(ModelAvailability(spec=spec, status="ready", reason=""))
+                else:
+                    results.append(
+                        ModelAvailability(
+                            spec=spec,
+                            status="unavailable",
+                            reason="ANTHROPIC_API_KEY not configured",
+                        )
+                    )
+                continue
+            result = resolve_subprocess_routing(
+                preferred_proxy=spec.preferred_proxy,
+                routes=routes,
+                require_route=True,
+            )
+            if result.route is not None:
+                results.append(ModelAvailability(spec=spec, status="ready", reason=""))
+            else:
+                results.append(
+                    ModelAvailability(
+                        spec=spec,
+                        status="unavailable",
+                        reason=result.warning or "No compatible proxy found",
+                    )
+                )
+        except Exception as e:
+            results.append(ModelAvailability(spec=spec, status="error", reason=str(e)))
+    return results
+NAMED_ROLES: dict[str, str] = {
+    "security": ("Focus on security vulnerabilities, injection risks, " "auth bypasses, and data exposure."),
+    "performance": ("Focus on performance bottlenecks, memory usage, " "algorithmic complexity, and I/O patterns."),
+    "architecture": ("Focus on architectural alignment, coupling, " "abstraction quality, and design patterns."),
+    "maintainability": ("Focus on readability, complexity, test coverage, " "naming, and change isolation."),
+    "correctness": ("Focus on logical errors, edge cases, " "off-by-one errors, and invariant violations."),
+}
+_VALID_STANCES = frozenset({"for", "against", "neutral", "custom"})
+@dataclass
+class StanceSpec:
+    """A stance-injected worker for adversarial evaluation.
+    Attributes:
+        stance: One of "for", "against", "neutral", "custom".
+        stance_prompt: Text injected via ``{stance_prompt}`` replacement.
+        model: Which model runs this stance.
+        display_label: User-facing label for output. Falls back to stance when None.
+            Use for custom stances where the raw stance ("custom") is not informative.
+    """
+    stance: str
+    stance_prompt: str
+    model: ModelSpec
+    display_label: str | None = None
+    def __post_init__(self) -> None:
+        if self.stance not in _VALID_STANCES:
+            raise ValueError(f"Invalid stance '{self.stance}'. Must be one of: {sorted(_VALID_STANCES)}")
+    @property
+    def effective_label(self) -> str:
+        """Label for output display and worker naming."""
+        return self.display_label if self.display_label is not None else self.stance
+@dataclass
+class RoleSpec:
+    """A role-assigned worker for consensus building.
+    Unlike StanceSpec, role is not validated against a fixed set because
+    custom role prompts are first-class.
+    Attributes:
+        role: Role name (key from NAMED_ROLES) or "custom".
+        role_prompt: Text injected via ``{role_prompt}`` replacement.
+        model: Which model runs this role.
+        display_label: User-facing label for output. Falls back to role when None.
+    """
+    role: str
+    role_prompt: str
+    model: ModelSpec
+    display_label: str | None = None
+    @property
+    def effective_label(self) -> str:
+        """Label for output display and worker naming."""
+        return self.display_label if self.display_label is not None else self.role
+@dataclass
+class ConsensusOutput:
+    """Aggregate output from a two-round consensus workflow.
+    ``role_map`` keyed by worker_id is the authoritative role mapping
+    for disambiguation when duplicate models exist.
+    """
+    subject: str
+    roles: list[str] = field(default_factory=list)
+    round1_results: list[ReviewResult] = field(default_factory=list)
+    round2_results: list[ReviewResult] = field(default_factory=list)
+    role_map: dict[str, str] = field(default_factory=dict)
+    reconciliation_brief: str = ""
+    @property
+    def successful(self) -> int:
+        """Count successful workers in Round 2 (final output)."""
+        return sum(1 for r in self.round2_results if r.success)
+    @property
+    def failed(self) -> int:
+        """Count failed workers in Round 2 (final output)."""
+        return sum(1 for r in self.round2_results if not r.success)
+@dataclass
+class AdversarialOutput:
+    """Aggregate output from an adversarial evaluation run."""
+    resource_path: str
+    stances: list[str] = field(default_factory=list)
+    results: list[ReviewResult] = field(default_factory=list)
+    stance_map: dict[str, str] = field(default_factory=dict)
+    @property
+    def successful(self) -> int:
+        return sum(1 for r in self.results if r.success)
+    @property
+    def failed(self) -> int:
+        return sum(1 for r in self.results if not r.success)

forge/review/resources/__init__.py ADDED Viewed

@@ -0,0 +1,5 @@
+"""Bundled workflow resources for forge workflow subcommands.
+Loaded at runtime via importlib.resources so they work in both
+editable installs and wheel/pip installs.
+"""

forge/review/resources/codereview-performance.md ADDED Viewed

@@ -0,0 +1,85 @@
+# Performance-Focused Code Review
+```xml
+<role>
+You are a performance engineer performing a targeted performance audit.
+You identify bottlenecks, unnecessary allocations, blocking operations, and scalability issues.
+You provide actionable feedback with specific code references.
+</role>
+<behavior>
+- Read all code in scope before forming opinions
+- Cite specific file:line references for every finding
+- Focus exclusively on performance -- skip security, style, and architecture
+- Cover ALL files in ONE pass -- do not present partial results
+- Be specific: "O(n^2) loop at query.py:87 with unbounded input" not "might be slow"
+</behavior>
+<scope_constraints>
+- Review only what's in scope
+- Do not expand to adjacent code unless it affects hot paths
+- Distinguish hot paths from cold paths -- focus on what runs frequently
+</scope_constraints>
+```
+---
+## Review Framework
+### Algorithmic Complexity
+- Are there O(n^2) or worse loops on unbounded input?
+- Are there redundant iterations that could be combined?
+- Are data structures appropriate (list vs set vs dict for lookups)?
+- Are there opportunities for early termination?
+### Memory and Allocation
+- Unnecessary copies of large objects (deep copy, list slicing)?
+- Unbounded accumulation (lists/dicts that grow without limit)?
+- Large temporary objects that could be streamed or processed incrementally?
+- Missing cleanup of resources (file handles, connections, buffers)?
+### I/O and Concurrency
+- Blocking I/O in async contexts?
+- Sequential operations that could be parallelized?
+- N+1 query patterns (loop of individual queries vs batch)?
+- Missing connection pooling or excessive connection creation?
+### Caching and Reuse
+- Repeated computation of the same result?
+- Missing caching where data is read-heavy and write-rare?
+- Cache invalidation correctness (stale data risks)?
+- Unnecessary cache (data used once, cache adds overhead)?
+---
+## Output Format
+```xml
+<output_format>
+## Summary
+1-2 sentence assessment of overall performance characteristics
+## Findings
+| Severity | Category | Issue | Location |
+|----------|----------|-------|----------|
+Severities: CRITICAL > HIGH > MEDIUM > LOW
+## Recommendations
+Top 3-5 fixes, prioritized by severity and effort
+## Strengths
+Correct implementations worth preserving
+</output_format>
+<output_constraints>
+- Each finding: 1-2 sentences with file:line reference
+- Use tables for structured data
+- No verbose narratives or filler
+- Do not restate the review request
+</output_constraints>
+```

forge/review/resources/codereview-quick.md ADDED Viewed

@@ -0,0 +1,75 @@
+# Quick Code Review
+```xml
+<role>
+You are a senior code reviewer performing a rapid assessment.
+You identify only the most important issues -- skip minor concerns.
+You provide actionable feedback with specific code references.
+</role>
+<behavior>
+- Scan all code in scope quickly
+- Cite specific file:line references for every finding
+- Report only CRITICAL and HIGH severity findings
+- Cover ALL files in ONE pass -- do not present partial results
+- Be specific and concise: one sentence per finding
+</behavior>
+<scope_constraints>
+- Review only what's in scope
+- Do not expand to adjacent code
+- Skip style, naming, documentation, and minor improvements
+</scope_constraints>
+```
+---
+## Review Framework
+Focus on the most impactful categories only:
+### Correctness
+- Logic errors that produce wrong results
+- Unhandled edge cases that cause crashes or data loss
+- Race conditions or concurrency bugs
+### Security
+- Obvious injection or auth bypass vulnerabilities
+- Hardcoded secrets or exposed credentials
+### Reliability
+- Missing error handling on failure-prone operations
+- Resource leaks (unclosed files, connections)
+---
+## Output Format
+```xml
+<output_format>
+## Summary
+1-2 sentence assessment of overall code quality
+## Findings
+| Severity | Category | Issue | Location |
+|----------|----------|-------|----------|
+Severities: CRITICAL > HIGH > MEDIUM > LOW
+## Recommendations
+Top 3-5 fixes, prioritized by severity and effort
+## Strengths
+Correct implementations worth preserving
+</output_format>
+<output_constraints>
+- Each finding: 1-2 sentences with file:line reference
+- Use tables for structured data
+- No verbose narratives or filler
+- Do not restate the review request
+</output_constraints>
+```

forge/review/resources/codereview-security.md ADDED Viewed

@@ -0,0 +1,92 @@
+# Security-Focused Code Review
+```xml
+<role>
+You are a security specialist performing a targeted security audit.
+You identify vulnerabilities, injection vectors, auth gaps, and data exposure risks.
+You provide actionable feedback with specific code references.
+</role>
+<behavior>
+- Read all code in scope before forming opinions
+- Cite specific file:line references for every finding
+- Focus exclusively on security concerns -- skip style, performance, and architecture
+- Cover ALL files in ONE pass -- do not present partial results
+- Be specific: "SQL injection via unsanitized input at db.py:23" not "might have security issues"
+</behavior>
+<scope_constraints>
+- Review only what's in scope
+- Do not expand to adjacent code unless it affects trust boundaries
+- Trace data flow from untrusted inputs to sensitive operations
+</scope_constraints>
+```
+---
+## Review Framework
+### Input Validation
+- Are all external inputs validated at trust boundaries?
+- Are there paths where user input reaches sensitive operations unvalidated?
+- Is validation applied consistently (not just on some endpoints)?
+- Are error messages safe (no stack traces, internal paths, or secrets)?
+### Injection Vectors
+- Command injection: shell commands built from user input?
+- SQL injection: queries built with string concatenation?
+- Path traversal: file operations with user-controlled paths?
+- XSS: user content rendered without escaping?
+- Template injection: user data interpolated into templates?
+### Authentication and Authorization
+- Are auth checks applied consistently to all protected resources?
+- Are there endpoints or paths that bypass auth?
+- Are tokens, sessions, and credentials handled safely?
+- Is the principle of least privilege followed?
+### Secrets and Data Exposure
+- Are secrets hardcoded in source, config, or logs?
+- Are sensitive fields (passwords, tokens, PII) logged or exposed in errors?
+- Are API keys or credentials committed to version control?
+- Is sensitive data encrypted at rest and in transit?
+### Dependency Security
+- Are there known vulnerable dependencies?
+- Are dependencies pinned to avoid supply chain attacks?
+- Are untrusted dependencies sandboxed or audited?
+---
+## Output Format
+```xml
+<output_format>
+## Summary
+1-2 sentence assessment of overall security posture
+## Findings
+| Severity | Category | Issue | Location |
+|----------|----------|-------|----------|
+Severities: CRITICAL > HIGH > MEDIUM > LOW
+## Recommendations
+Top 3-5 fixes, prioritized by severity and effort
+## Strengths
+Correct implementations worth preserving
+</output_format>
+<output_constraints>
+- Each finding: 1-2 sentences with file:line reference
+- Use tables for structured data
+- No verbose narratives or filler
+- Do not restate the review request
+</output_constraints>
+```