feat(forge): add TOML configuration files for validation system

echobt · echobt · commit 5982eb7fd5f4 · 2026-02-02T19:35:08.000Z
diff --git a/.cortex/forge/agents/aggregator/rules.toml b/.cortex/forge/agents/aggregator/rules.toml
@@ -0,0 +1,26 @@
+# Aggregator Agent Rules Configuration
+
+[agent]
+id = "aggregator"
+name = "Result Aggregator"
+description = "Collects and summarizes all validation results"
+enabled = true
+# Always runs last
+priority = -1
+
+[thresholds]
+# Maximum allowed errors before blocking
+max_errors = 0
+# Maximum allowed warnings
+max_warnings = 10
+# Require all agents to pass
+require_all_pass = true
+
+[actions]
+# What to do when validation passes
+on_pass = "proceed"
+# What to do when validation fails
+on_fail = "block"
+# Generate summary report
+generate_report = true
+report_format = "markdown"
diff --git a/.cortex/forge/agents/quality/rules.toml b/.cortex/forge/agents/quality/rules.toml
@@ -0,0 +1,38 @@
+# Quality Agent Rules Configuration
+
+[agent]
+id = "quality"
+name = "Code Quality Validator"
+description = "Enforces code quality standards and best practices"
+enabled = true
+
+[rules.todo_comments]
+enabled = true
+severity = "warning"
+description = "Find TODO/FIXME/HACK comments"
+patterns = ["TODO", "FIXME", "XXX", "HACK"]
+max_allowed = 0
+
+[rules.unimplemented_code]
+enabled = true
+severity = "error"
+description = "Detect unimplemented!() and todo!() macros"
+
+[rules.error_handling]
+enabled = true
+severity = "warning"
+description = "Check for unwrap() without context"
+allow_in_tests = true
+
+[rules.dead_code]
+enabled = false  # Often handled by compiler
+severity = "info"
+description = "Detect potentially unused code"
+
+[rules.documentation]
+enabled = true
+severity = "info"
+description = "Check for missing documentation on public items"
+require_module_docs = true
+require_function_docs = true
+min_doc_length = 10
diff --git a/.cortex/forge/agents/security/rules.toml b/.cortex/forge/agents/security/rules.toml
@@ -0,0 +1,37 @@
+# Security Agent Rules Configuration
+
+[agent]
+id = "security"
+name = "Security Validator"
+description = "Checks for security vulnerabilities and best practices"
+enabled = true
+
+[rules.secrets_exposed]
+enabled = true
+severity = "error"
+description = "Detect hardcoded secrets and API keys"
+patterns = [
+    "(?i)(api[_-]?key|apikey)\\s*[=:]\\s*['\"][^'\"]{8,}['\"]",
+    "(?i)(secret|password|passwd|pwd)\\s*[=:]\\s*['\"][^'\"]+['\"]",
+    "(?i)(token|bearer)\\s*[=:]\\s*['\"][^'\"]{16,}['\"]",
+]
+exclude_patterns = ["*.test.rs", "*_test.go", "*.spec.ts"]
+
+[rules.dependencies_audit]
+enabled = true
+severity = "warning"
+description = "Check for known vulnerable dependencies"
+check_cargo_lock = true
+check_package_lock = true
+
+[rules.unsafe_code]
+enabled = true
+severity = "warning"
+description = "Detect unsafe blocks without safety comments"
+require_safety_comment = true
+allowed_files = ["src/ffi/*.rs", "src/sys/*.rs"]
+
+[rules.input_validation]
+enabled = true
+severity = "info"
+description = "Check for proper input validation patterns"
diff --git a/.cortex/forge/forge.toml b/.cortex/forge/forge.toml
@@ -0,0 +1,22 @@
+# Forge Orchestration Configuration
+
+[global]
+# Maximum parallel agent executions
+max_parallel = 4
+# Timeout for each agent in seconds
+timeout_seconds = 300
+# Stop on first failure
+fail_fast = false
+# Output format: "json", "pretty", "minimal"
+output_format = "pretty"
+
+[agents]
+# Enable/disable specific agents
+security = true
+quality = true
+aggregator = true
+
+# Agent execution order and dependencies
+[dependencies]
+# aggregator runs after security and quality complete
+aggregator = ["security", "quality"]
