"We drink our own champagne."
Ferrous Forge MUST use itself for validation. This is non-negotiable.
If we don't use Ferrous Forge to validate Ferrous Forge, why should anyone else trust it? Dogfooding ensures:
- We feel the pain — If Forge is too strict, we fix it
- Real-world testing — We test features on ourselves before releasing
- Credibility — Users see we trust our own tool
- Continuous improvement — Daily usage reveals edge cases
Every commit to main must pass Ferrous Forge validation.
Our CI pipeline runs ferrous-forge validate on itself:
# .github/workflows/ci.yml
- name: Dogfood - Validate with Ferrous Forge
run: |
cargo install --path . --force
ferrous-forge validate . --locked-onlyAll maintainers must have Forge safety hooks installed:
# Every maintainer runs this
cargo install --path .
ferrous-forge init --project
ferrous-forge safety installReleases are blocked if Forge doesn't validate itself:
# In release workflow
./target/release/ferrous-forge validate . || exit 1Before every commit, ask yourself:
- Does
ferrous-forge validate .pass? - Are there any locked violations?
- Would this commit be blocked by the safety pipeline?
- Have I tested new features on this codebase?
Sometimes Forge is too strict on itself. This is a feature, not a bug.
If validation fails:
- Don't bypass — Fix the code or adjust the rule
- Document exceptions — If truly needed, document why
- Improve Forge — Maybe the rule needs tuning
There are NO permanent exceptions. Temporary bypasses are allowed for:
- Emergency hotfixes (with full audit trail)
- CI infrastructure issues
- Experimental features (in feature branches only)
We track our own dogfooding:
- Bypass Rate: Should be < 1% of commits
- Violation Trend: Should decrease over time
- Time to Fix: Average time from violation introduction to fix
Last self-validation: ✅ PASSING
Last bypass: 2026-03-21 (testing bypass system)
Bypass rate (30 days): 0.3%
If Ferrous Forge can't validate Ferrous Forge, it has no business validating your code.