npm - @theglitchking/gimme-the-lint - Versions diffs - 2.1.0 → 2.2.0 - Mend

@theglitchking/gimme-the-lint 2.1.0 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/.claude-plugin/marketplace.json +4 -3
package/.claude-plugin/plugin.json +4 -3
package/CHANGELOG.md +19 -0
package/README.md +37 -19
package/lib/adapters/ansible.js +99 -0
package/lib/adapters/index.js +2 -0
package/lib/linter-configs.js +1 -0
package/lib/project-model.js +2 -0
package/package.json +5 -3
package/templates/.ansible-lint.template.yml +20 -0

package/.claude-plugin/marketplace.json CHANGED Viewed

@@ -6,13 +6,13 @@
   },
   "metadata": {
     "description": "Official marketplace for gimme-the-lint - polyglot progressive linting with per-app baselines and drift detection",
-    "version": "2.1.0"
+    "version": "2.2.0"
   },
   "plugins": [
     {
       "name": "gimme-the-lint",
-      "description": "Polyglot progressive linting for monorepos — adapter-driven baselines, per-app drift detection, and idempotent skips across JavaScript/TypeScript, Python, Go, Rust, and Terraform.",
-      "version": "2.1.0",
+      "description": "Polyglot progressive linting for monorepos — adapter-driven baselines, per-app drift detection, and idempotent skips across JavaScript/TypeScript, Python, Go, Rust, Terraform, and Ansible.",
+      "version": "2.2.0",
       "author": {
         "name": "TheGlitchKing"
       },
@@ -32,6 +32,7 @@
         "clippy",
         "tflint",
         "terraform",
+        "ansible-lint",
         "claude-code"
       ],
       "category": "productivity",

package/.claude-plugin/plugin.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "gimme-the-lint",
-  "description": "Polyglot progressive linting for monorepos — adapter-driven baselines, per-app drift detection, and idempotent skips across JavaScript/TypeScript, Python, Go, Rust, and Terraform.",
-  "version": "2.1.0",
+  "description": "Polyglot progressive linting for monorepos — adapter-driven baselines, per-app drift detection, and idempotent skips across JavaScript/TypeScript, Python, Go, Rust, Terraform, and Ansible.",
+  "version": "2.2.0",
   "author": {
     "name": "TheGlitchKing",
     "email": "theglitchking@users.noreply.github.com"
@@ -21,6 +21,7 @@
     "golangci-lint",
     "clippy",
     "tflint",
-    "terraform"
+    "terraform",
+    "ansible-lint"
   ]
 }

package/CHANGELOG.md CHANGED Viewed

@@ -5,6 +5,25 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## [2.2.0] - 2026-05-17
+### Added
+- **Ansible support** via a new `ansible-lint` adapter. ansible-lint plugs into
+  the progressive-lint engine like every other linter: it runs
+  `ansible-lint -f codeclimate`, parses the CodeClimate JSON report, and only
+  new violations block. Supports `--fix`.
+- **Manifest-based discovery** for Ansible: a directory containing `ansible.cfg`
+  or `galaxy.yml` is auto-discovered and bound to `ansible-lint`. Ansible
+  playbooks are plain YAML with no manifest, so detection keys off those
+  unambiguous markers rather than a file extension (a YAML scan would match
+  nearly every repo). An Ansible repo with neither marker needs an explicit
+  `apps` entry in `gimme-the-lint.config.js`.
+- **Ansible best-practice config** — `install` seeds `.ansible-lint` with the
+  `moderate` profile (the strictness lever; raise to `safety` / `production`).
+- README now documents every supported codebase with a default-rules summary
+  and the strictness lever for each; `.documentation/lint-rules-guide.md` adds
+  a full Ansible section.
 ## [2.1.0] - 2026-05-17
 ### Added

package/README.md CHANGED Viewed

@@ -19,7 +19,7 @@ stuff at its own pace; meanwhile no new mess gets in.
 **v2.0** generalizes that idea to any linter and any language. It is no longer
 "ESLint + Ruff for webapps" — it is a progressive-lint **engine** with a
 pluggable **linter adapter** for each tool, across **JavaScript/TypeScript, Python,
-Go, Rust, and Terraform**, in **any monorepo shape**.
+Go, Rust, Terraform, and Ansible**, in **any monorepo shape**.
 ---
@@ -38,10 +38,10 @@ is ever flagged. (In v1 this job was outsourced to the third-party
 Each app is bound to the linters its package manifest implies — `package.json`
 → ESLint, `pyproject.toml` → Ruff, `go.mod` → golangci-lint, `Cargo.toml` →
-Clippy, `biome.json` → Biome. Terraform has no manifest, so a directory of
-`*.tf` / `*.tofu` files binds to tflint by extension. Drift detection runs per
-app, so a config or linter-version change in one app never churns the baselines
-of another.
+Clippy, `biome.json` → Biome, `ansible.cfg` / `galaxy.yml` → ansible-lint.
+Terraform has no manifest, so a directory of `*.tf` / `*.tofu` files binds to
+tflint by extension. Drift detection runs per app, so a config or linter-version
+change in one app never churns the baselines of another.
 ---
@@ -50,7 +50,7 @@ of another.
 - **Progressive linting** — only new violations block; existing ones are baselined
 - **In-house diff engine** — line/column-independent fingerprints survive code shifts
 - **Pluggable linter adapters** — the choice of linter is config, not a hardcode
-- **Polyglot** — JavaScript/TypeScript, Python, Go, Rust, Terraform out of the box
+- **Polyglot** — JavaScript/TypeScript, Python, Go, Rust, Terraform, Ansible out of the box
 - **Per-app model** — auto-discovers every package in a monorepo; no `frontend/`
   + `backend/` assumption
 - **Per-app drift detection** — app add/remove, config change, linter version, age
@@ -75,21 +75,37 @@ of another.
 | Go | `golangci-lint` | `go.mod` |
 | Rust | `clippy` (`cargo clippy`) | `Cargo.toml` |
 | Terraform / OpenTofu | `tflint` | `*.tf` / `*.tofu` files (no manifest) |
+| Ansible | `ansible-lint` | `ansible.cfg`, `galaxy.yml` |
 ## Shipped lint configs
 `install` seeds every discovered app with a best-practice ("recommended" tier)
-config for its linter — `eslint.config.js` + `.prettierrc.json`, `biome.json`,
-`pyproject.toml` `[tool.ruff]`, `.golangci.yml`, `clippy.toml` + `Cargo.toml`
-`[lints.clippy]`, `.tflint.hcl` — plus a repo-root `.gitleaks.toml`. Configs are
-**created only if absent**; your own config is never overwritten.
-Every shipped config carries a **security layer**: gitleaks scans all files for
-secrets (passwords, SSL/private keys, tokens) and always blocks, while each
-linter adds language-specific security rules (`gosec`, Ruff `S` / flake8-bandit,
-`eslint-plugin-security`, Biome's `security` group). See
-[`.documentation/lint-rules-guide.md`](.documentation/lint-rules-guide.md) for
-the baseline rules per codebase and how to adjust them.
+config for its linter — **created only if absent**, so your own config is never
+overwritten. Each ships a sensible default rule set and a single **lever** to
+dial strictness up or down:
+| Codebase | Linter | Default rules (recommended tier) | Strictness lever |
+|----------|--------|----------------------------------|------------------|
+| JS/TS | ESLint | `@eslint/js` + React recommended, import-architecture guards, security plugins, Prettier-compatible | rules block in `eslint.config.js` |
+| JS/TS | Biome | recommended set + full `security` group + console/complexity rules | rule levels in `biome.json` |
+| Python | Ruff | pyflakes / pycodestyle / isort / bugbear / pyupgrade + `S` security + comprehensions / simplify | `select` / `ignore` in `pyproject.toml` |
+| Go | golangci-lint | `standard` set + correctness & quality linters + `gosec` | `linters.enable` in `.golangci.yml` |
+| Rust | Clippy | `pedantic` + `cargo` at `warn`, noisy lints allowed back | `[lints.clippy]` levels in `Cargo.toml` |
+| Terraform | tflint | bundled `terraform` ruleset, `recommended` preset | `preset` in `.tflint.hcl` (`recommended` → `all`) |
+| Ansible | ansible-lint | `moderate` profile | `profile` in `.ansible-lint` (`min` → `production`) |
+| Secrets (all) | gitleaks | default ruleset + key / password rules — **always blocks** | `[allowlist]` in `.gitleaks.toml` |
+Every shipped config carries a **security layer**. gitleaks scans every file in
+every codebase for secrets (passwords, SSL/private keys, tokens) and always
+blocks — secrets are never baselined. Each linter adds language-specific
+security rules on top (`gosec`, Ruff `S` / flake8-bandit, `eslint-plugin-security`,
+Biome's `security` group), which follow normal progressive baselining.
+To go stricter, pull the lever in the table above — because violations are
+progressively baselined, raising strictness never blocks existing code, only new
+code is held to the higher bar. Full per-codebase detail — every default rule
+and how to adjust it — is in
+[`.documentation/lint-rules-guide.md`](.documentation/lint-rules-guide.md).
 ---
@@ -284,7 +300,8 @@ lib/
 ├── diff-engine.js      pure diff: new vs baselined vs fixed
 ├── baseline-store.js   one baseline.json format for every linter
 ├── adapters/           one adapter per linter (eslint, biome, ruff,
-│                       golangci-lint, clippy, tflint) + the base contract
+│                       golangci-lint, clippy, tflint, ansible-lint)
+│                       + the base contract
 ├── project-model.js    discovers apps + binds them to linters
 ├── units.js            resolves apps → {dir, linters, baseline path}
 ├── check.js            runCheck: lint → diff → report
@@ -304,7 +321,8 @@ git hooks, GitHub Action and Claude Code plugin are thin front doors over it.
 - **Node.js** >= 20
 - **Git** (for hooks and staged-file detection)
 - A linter for each language you use (`eslint`/`biome`, `ruff`, `golangci-lint`,
-  `clippy`, `tflint`) — any language whose linter is absent is simply skipped
+  `clippy`, `tflint`, `ansible-lint`) — any language whose linter is absent is
+  simply skipped
 ## License

package/lib/adapters/ansible.js ADDED Viewed

@@ -0,0 +1,99 @@
+'use strict';
+const { LinterAdapter } = require('./adapter');
+const { createViolation, SEVERITY } = require('../violation');
+// ansible-lint adapter. ansible-lint is the de-facto linter for Ansible
+// playbooks, roles and collections; `-f codeclimate` emits a machine-readable
+// JSON report. Ansible has no manifest file and playbooks are plain YAML, so
+// detection keys off the unambiguous Ansible markers `ansible.cfg` and
+// `galaxy.yml` — a YAML extension scan would match virtually every repo.
+// ansible-lint auto-discovers playbooks/roles from the directory it runs in.
+const ANSIBLE_CONFIG_FILES = ['.ansible-lint', '.config/ansible-lint.yml'];
+/** Map an ansible-lint (CodeClimate) severity onto a NormalizedViolation severity. */
+function mapSeverity(severity) {
+  switch (String(severity).toLowerCase()) {
+    case 'info':
+      return SEVERITY.INFO;
+    case 'minor':
+      return SEVERITY.WARNING;
+    case 'major':
+    case 'critical':
+    case 'blocker':
+      return SEVERITY.ERROR;
+    default:
+      return SEVERITY.WARNING;
+  }
+}
+class AnsibleLintAdapter extends LinterAdapter {
+  get id() {
+    return 'ansible-lint';
+  }
+  get languages() {
+    return ['ansible'];
+  }
+  get supportsFix() {
+    return true;
+  }
+  get manifestFiles() {
+    return ['ansible.cfg', 'galaxy.yml'];
+  }
+  // Ansible source is plain YAML — far too broad to scan by extension, so
+  // detection is manifest-only (see manifestFiles).
+  get sourceExtensions() {
+    return [];
+  }
+  configFiles() {
+    return ANSIBLE_CONFIG_FILES;
+  }
+  buildCommand(targets, opts = {}) {
+    const args = ['-f', 'codeclimate'];
+    if (opts.fix && this.supportsFix) args.push('--fix');
+    const paths = targets && targets.length ? targets.slice() : ['.'];
+    args.push(...paths);
+    return { cmd: this.binary, args, cwd: opts.cwd || this.projectRoot };
+  }
+  parse(stdout) {
+    const text = (stdout || '').trim();
+    if (!text) return [];
+    let report;
+    try {
+      report = JSON.parse(text);
+    } catch {
+      return [];
+    }
+    if (!Array.isArray(report)) return [];
+    return report.map((issue) => {
+      const loc = issue.location || {};
+      const lines = loc.lines || {};
+      const begin = (loc.positions && loc.positions.begin) || {};
+      // CodeClimate locations come as either { lines: { begin } } or
+      // { positions: { begin: { line, column } } }.
+      let line = lines.begin != null ? lines.begin : begin.line;
+      if (line && typeof line === 'object') line = line.line;
+      return createViolation({
+        file: this._relativize(loc.path || ''),
+        line: Number(line) || 0,
+        col: Number(begin.column) || 0,
+        ruleId: issue.check_name || 'ansible-lint',
+        severity: mapSeverity(issue.severity),
+        message: issue.description || '',
+        source: 'ansible-lint',
+      });
+    });
+  }
+}
+module.exports = AnsibleLintAdapter;

package/lib/adapters/index.js CHANGED Viewed

@@ -7,6 +7,7 @@ const RuffAdapter = require('./ruff');
 const GolangciLintAdapter = require('./golangci-lint');
 const ClippyAdapter = require('./clippy');
 const TflintAdapter = require('./tflint');
+const AnsibleLintAdapter = require('./ansible');
 // The adapter registry. `tool` strings in gimme-the-lint.config.js resolve to
 // concrete adapters here. Adding a language to gimme-the-lint means adding one
@@ -19,6 +20,7 @@ const REGISTRY = {
   'golangci-lint': GolangciLintAdapter,
   clippy: ClippyAdapter,
   tflint: TflintAdapter,
+  'ansible-lint': AnsibleLintAdapter,
 };
 /** Construct an adapter instance by id. Throws on an unknown id. */

package/lib/linter-configs.js CHANGED Viewed

@@ -23,6 +23,7 @@ const LINTER_CONFIGS = {
   'golangci-lint': { template: '.golangci.template.yml', dest: '.golangci.yml' },
   tflint: { template: '.tflint.template.hcl', dest: '.tflint.hcl' },
   clippy: { template: 'clippy.template.toml', dest: 'clippy.toml' },
+  'ansible-lint': { template: '.ansible-lint.template.yml', dest: '.ansible-lint' },
 };
 /** Copy one template into an app dir, create-if-absent. */

package/lib/project-model.js CHANGED Viewed

@@ -21,6 +21,8 @@ const MANIFEST_LINTERS = {
   'requirements.txt': 'ruff',
   'go.mod': 'golangci-lint',
   'Cargo.toml': 'clippy',
+  'ansible.cfg': 'ansible-lint',
+  'galaxy.yml': 'ansible-lint',
 };
 // Terraform / OpenTofu have no manifest file — a directory of *.tf (or *.tofu)

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@theglitchking/gimme-the-lint",
-  "version": "2.1.0",
-  "description": "Polyglot progressive linting for monorepos — adapter-driven baselines, per-app drift detection, and idempotent skips across JavaScript/TypeScript, Python, Go, Rust, and Terraform.",
+  "version": "2.2.0",
+  "description": "Polyglot progressive linting for monorepos — adapter-driven baselines, per-app drift detection, and idempotent skips across JavaScript/TypeScript, Python, Go, Rust, Terraform, and Ansible.",
   "keywords": [
     "linting",
     "progressive-linting",
@@ -23,7 +23,9 @@
     "rust",
     "tflint",
     "terraform",
-    "opentofu"
+    "opentofu",
+    "ansible-lint",
+    "ansible"
   ],
   "author": {
     "name": "TheGlitchKing",

package/templates/.ansible-lint.template.yml ADDED Viewed

@@ -0,0 +1,20 @@
+# Generated by gimme-the-lint — ansible-lint (recommended tier)
+#
+# `profile` is ansible-lint's strictness lever, from least to most strict:
+#   min -> basic -> moderate -> safety -> shared -> production
+# "moderate" is the recommended baseline. Raise to "safety" or "production"
+# for stricter enforcement.
+profile: moderate
+exclude_paths:
+  - .cache/
+  - .git/
+  - molecule/
+# Downgrade specific rules to non-blocking warnings:
+# warn_list:
+#   - experimental
+#
+# Skip specific rules entirely:
+# skip_list:
+#   - yaml[line-length]