@pugi/plugin-quad-review

v0.1.0-alpha.2

Pugi quad-review plugin - extends triple-review with a Historical Lens fourth reviewer that scans past closed PRs for confirmed regression patterns.

Downloads

295

Readme

@pugi/plugin-quad-review

Pugi quad-review plugin - 4-model consensus gate with a Historical Lens reviewer that surfaces "this pattern caused a real production bug in PR#X before, the current diff brings it back" findings.

Part of the Pugi 1.0 soft fork sprint (see ADR-0081).

Status

Production-ready. 55 specs, deterministic rubric, isolated from @pugi/plugin-triple-review per ADR-0081 plugin-isolation rule.

When to use

Strictly stronger gate than triple-review. Reserve for production-critical pushes; for inner-loop reviews use @pugi/plugin-triple-review.

| Scenario                           | Recommended gate |
| ---------------------------------- | ---------------- |
| DB migrations / schema changes     | /quad-review     |
| Auth boundary touches              | /quad-review     |
| Payments / billing                 | /quad-review     |
| Secrets handling                   | /quad-review     |
| RLS / authorisation rule changes   | /quad-review     |
| Inner-loop refactor                | /triple-review   |
| Docs-only PR                       | /triple-review   |
| Architectural change with security | /quad-review     |

Reviewers (all 4 by default)

  1. Pugi ensemble (open-weight Qwen3-Coder + Kimi + DeepSeek via Anvil)
  2. Gemini Pro (Google direct)
  3. Claude Sonnet (Anthropic direct, fresh eyes)
  4. Historical Lens - new fourth reviewer. Scans past closed PRs touching the same files, surfaces lines from past PR review comments that match the regression-keyword filter, runs a risky-pattern grep on added diff lines, then asks the subagent to flag [REGRESSED] patterns that cite a real PR#<digits> from the corpus.

Extended rubric

In precedence order (highest first):

  1. Historical Lens ANY [REGRESSED] (with real PR#<digits> citation) -> BLOCK (overrides everything)
  2. Any reviewer [P0] -> BLOCK
  3. >= 2 of 4 reviewers [P1] -> BLOCK
  4. exactly 1 reviewer [P1] -> WARN
  5. otherwise -> PASS

See ~/.claude/skills/quad-review/SKILL.md for the operator-facing spec.

Override semantics (two-tier)

Plain BLOCK (P0 / P1) is bypassed by EITHER:

  • --break-glass flag on the slash command, OR
  • Sentinel file .pugi/quad-review-override exists (any contents)

[REGRESSED] BLOCK is strictly stronger - it requires both signals:

  • --break-glass --confirm-regressed-override, OR
  • Sentinel file .pugi/quad-review-override whose body is exactly CONFIRM-REGRESSED-OVERRIDE

Every override event is journaled to .pugi/quad-review-overrides.jsonl so audit can replay it.
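The rubric precedence and the two-tier override can be written as two pure functions. This is an added example, not the plugin's own code: the type names, the 'historical-lens' reviewer id, the corpus check and the sample findings (including PR#412) are assumptions made for illustration.

```typescript
// Added example; type and function names are assumptions, not the plugin's API.
type Verdict = 'BLOCK' | 'WARN' | 'PASS';
interface Review { reviewer: string; findings: string[] } // one tagged line per finding
interface OverrideSignals {
  breakGlass: boolean;         // --break-glass
  confirmRegressed: boolean;   // --confirm-regressed-override
  sentinelBody: string | null; // contents of .pugi/quad-review-override, null if absent
}

const hasTag = (r: Review, tag: string): boolean =>
  r.findings.some((f) => f.indexOf(tag) !== -1);

// A [REGRESSED] finding only counts when it cites a PR number present in the gathered corpus.
function citesCorpusPr(finding: string, corpusPrs: number[]): boolean {
  if (finding.indexOf('[REGRESSED]') === -1) return false;
  const cited: string[] = finding.match(/PR#\d+/g) || [];
  return cited.some((c) => corpusPrs.indexOf(Number(c.slice(3))) !== -1);
}

// Precedence, highest first: cited [REGRESSED], any [P0], two or more [P1] reviewers, one [P1].
function evaluate(reviews: Review[], corpusPrs: number[]): { verdict: Verdict; regressed: boolean } {
  const regressed = reviews
    .filter((r) => r.reviewer === 'historical-lens')
    .some((r) => r.findings.some((f) => citesCorpusPr(f, corpusPrs)));
  if (regressed) return { verdict: 'BLOCK', regressed: true };
  if (reviews.some((r) => hasTag(r, '[P0]'))) return { verdict: 'BLOCK', regressed: false };
  const p1 = reviews.filter((r) => hasTag(r, '[P1]')).length; // reviewers, not findings
  if (p1 >= 2) return { verdict: 'BLOCK', regressed: false };
  return { verdict: p1 === 1 ? 'WARN' : 'PASS', regressed: false };
}

// Plain BLOCK: either signal. [REGRESSED] BLOCK: confirmed flag pair or the exact sentinel body.
function overrideAccepted(regressed: boolean, o: OverrideSignals): boolean {
  if (!regressed) return o.breakGlass || o.sentinelBody !== null;
  return (o.breakGlass && o.confirmRegressed) ||
    o.sentinelBody === 'CONFIRM-REGRESSED-OVERRIDE'; // exact match in this sketch
}

// Constructed sample input: PR#412 is a made-up corpus entry.
const SAMPLE_REVIEWS: Review[] = [
  { reviewer: 'pugi-ensemble', findings: ['[P1] migration lacks a down step'] },
  { reviewer: 'gemini-pro', findings: [] },
  { reviewer: 'claude-sonnet', findings: [] },
  { reviewer: 'historical-lens', findings: ['[REGRESSED] unbounded retry, same as PR#412'] },
];
```

With PR#412 in the corpus the sample evaluates to a [REGRESSED] BLOCK; with a corpus that lacks it, the single [P1] yields WARN.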

Hook surface

  • command.execute.before - intercepts /quad-review, fans out to the 4 reviewers, gathers historical corpus, runs the deterministic rubric, persists the verdict, surfaces a TUI block back to the user.

Install

pnpm add @pugi/plugin-quad-review

Usage

// pugi.config.ts
export default {
  plugin: ['@pugi/plugin-quad-review'],
};

Options

Every knob is optional; defaults match the /quad-review skill spec.

import quadReview from '@pugi/plugin-quad-review';

quadReview(input, {
  command: 'quad-review',
  diffBaseRef: 'origin/main',
  maxDiffBytes: 200_000,
  historicalPrLimit: 5,
  changedFileLimit: 10,
  historicalKeywordRegex: /regress|broke|fix later|TODO|HACK|XXX|known issue|reverted|rollback/i,
  riskyPatternRegex: /mutex|race|deadlock|leak|eval\(|exec\(|drop table|truncate|unsafe|nosec|skip[- ]auth/i,
  historicalSubagentType: 'code-reviewer',
  logDir: '.pugi/quad-review-log',
  overrideSentinel: '.pugi/quad-review-override',
  overrideLogFile: '.pugi/quad-review-overrides.jsonl',
});
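The default riskyPatternRegex is unanchored, so it also matches inside longer identifiers. The scanner below is an added example, not the plugin's code: it applies the README's regex to the added lines of a constructed diff and compares it with a hypothetical tighter value for the same option.

```typescript
// Added example: the scanner shape is an assumption; only DEFAULT_RISKY is taken from the README.
const DEFAULT_RISKY =
  /mutex|race|deadlock|leak|eval\(|exec\(|drop table|truncate|unsafe|nosec|skip[- ]auth/i;
// Hypothetical tighter value for the riskyPatternRegex option: whole words for the short tokens.
const TIGHTER_RISKY =
  /\b(?:mutex|race|deadlock|leak|truncate|unsafe|nosec)\b|\beval\(|\bexec\(|drop table|skip[- ]auth/i;

interface Hit { file: string; text: string; match: string }

// Walk a unified diff and test only added lines ('+' but not the '+++' file header).
function scanAddedLines(diff: string, pattern: RegExp): Hit[] {
  const hits: Hit[] = [];
  let file = '(unknown)';
  for (const raw of diff.split('\n')) {
    if (raw.indexOf('+++ ') === 0) { file = raw.slice(4).replace(/^b\//, ''); continue; }
    if (raw.charAt(0) !== '+') continue;
    pattern.lastIndex = 0; // stay correct if a caller passes a regex with the g flag
    const m = pattern.exec(raw.slice(1));
    if (m) hits.push({ file, text: raw.slice(1).trim(), match: m[0] });
  }
  return hits;
}

// Constructed sample diff: one substring false positive, one benign exec(, one real finding.
const SAMPLE_DIFF = [
  'diff --git a/src/db/migrate.ts b/src/db/migrate.ts',
  '--- a/src/db/migrate.ts',
  '+++ b/src/db/migrate.ts',
  '@@ -10,3 +10,6 @@',
  ' const log = getLogger();',
  '+log.trace("starting migration");',        // default regex hits "race" inside "trace"
  '+const m = versionRe.exec(name);',          // RegExp#exec, flagged by both variants
  '+await db.query("DROP TABLE sessions_old");',
  '-await db.query("SELECT 1");',              // removed line, never scanned
].join('\n');

const defaultHits = scanAddedLines(SAMPLE_DIFF, DEFAULT_RISKY);
const tighterHits = scanAddedLines(SAMPLE_DIFF, TIGHTER_RISKY);
```

The default pattern flags all three added lines; the tighter one drops the "trace" hit but still flags the regex `exec(` call, which word boundaries alone cannot distinguish from a process exec.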

Plugin isolation (ADR-0081)

@pugi/plugin-quad-review does NOT import from @pugi/plugin-triple-review or any other @pugi/plugin-*. The shared diff-capture, prompt, parser, and filter logic is duplicated by design so each plugin can be upgraded independently. The duplication is documented at the top of every duplicated file.

License

MIT. See LICENSE.