tally-cli 0.9.4 → 0.9.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +32 -15
  2. package/package.json +8 -8
package/README.md CHANGED
@@ -2,9 +2,10 @@
2
2
 
3
3
  [![codecov](https://codecov.io/gh/wharflab/tally/graph/badge.svg?token=J3vK0hyLkf)](https://codecov.io/gh/wharflab/tally)
4
4
 
5
- tally keeps Dockerfiles and Containerfiles clean, modern, and consistent using BuildKit's own parser and checks (the same foundation behind
6
- `docker buildx`) plus safe auto-fixes. It runs fast, doesn't require Docker Desktop or a daemon, and fits neatly into CI. If that sounds like your
7
- workflow, try `tally lint .`.
5
+ tally is a production-grade **Dockerfile/Containerfile linter + formatter** that keeps build files clean, modern, and consistent.
6
+
7
+ It uses **BuildKit's official parser and checks** (the same foundation behind `docker buildx`) plus a **safe auto-fix** engine. It runs fast,
8
+ doesn't require Docker Desktop or a daemon, and fits neatly into CI.
8
9
 
9
10
  ```bash
10
11
  # Lint everything in the repo (recursive)
@@ -14,7 +15,20 @@ tally lint .
14
15
  tally lint --fix Dockerfile
15
16
  ```
16
17
 
17
- ## Why tally?
18
+ ## Why tally
19
+
20
+ Modern Dockerfiles deserve modern tooling. tally is opinionated in the right places:
21
+
22
+ - **BuildKit-native**: understands modern syntax like heredocs, `RUN --mount=...`, `COPY --link`, and `ADD --checksum=...`.
23
+ - **Fixes, not just findings**: `--fix` applies safe, mechanical rewrites; `--fix-unsafe` unlocks opt-in risky fixes (including AI).
24
+ - **Modernizes on purpose**: converts eligible `RUN`/`COPY` instructions to heredocs, prefers `ADD --extract`, and more.
25
+ - **Broad rule coverage**: combines Docker's official BuildKit checks, Hadolint-compatible rules, and tally-specific rules.
26
+ - **Registry-aware without Docker**: uses a Podman-compatible registry client for image metadata checks (no daemon required).
27
+ - **Editor + CI friendly**: VS Code extension (`wharflab.tally`, powered by `tally lsp`) and outputs for JSON, SARIF, and GitHub Actions annotations.
28
+ - **Easy to install anywhere**: Homebrew, Go, npm, pip, and RubyGems.
29
+ - **Written in Go**: single fast binary, built on production-grade libraries.
30
+
31
+ Quality bar: **92% code coverage on Codecov** and **2,900+ Go tests executed in CI**.
18
32
 
19
33
  Dockerfile linting usually means picking a compromise:
20
34
 
@@ -23,16 +37,19 @@ Dockerfile linting usually means picking a compromise:
23
37
  - **`docker buildx --check`** runs Docker's official BuildKit checks, but it requires the Docker/buildx toolchain and can be heavier than a pure
24
38
  static linter (and not always available if you're using Podman/Finch/other runtimes).
25
39
 
26
- tally exists to bring modern linter ergonomics to container builds:
40
+ Roadmap: more auto-fixes, more Hadolint parity, richer registry-aware checks, and higher-level rules (cache & tmpfs mount recommendations,
41
+ tooling-aware checks for uv/bun, line-length and layer optimizations).
42
+
43
+ ## Optional: AI AutoFix via ACP
44
+
45
+ tally supports **opt-in AI AutoFix** for the kinds of improvements that are hard to express as a deterministic rewrite.
46
+
47
+ Instead of asking you for an API key, tally integrates with **ACP (Agent Client Protocol)** so you can use the agent you already trust (Gemini CLI,
48
+ OpenCode, GitHub Copilot CLI, and more), while tally keeps linting fast and validates proposed changes before applying them.
27
49
 
28
- - **BuildKit-native parsing**: understands modern syntax like heredocs, `RUN --mount=...`, and `ADD --checksum=...`.
29
- - **Fixes, not just findings**: applies safe, mechanical fixes automatically (`--fix`), with per-rule control when you need it.
30
- - **Easy to install anywhere**: available via Homebrew, Go, npm, pip, and RubyGems — so it can flow through your existing artifact mirrors.
31
- - **Container ecosystem friendly**: supports Dockerfile/Containerfile conventions and `.dockerignore`/`.containerignore`.
32
- - **A growing ruleset**: combines official BuildKit checks, Hadolint-compatible rules, and tally-specific rules.
50
+ AI fixes are **rule-driven** (one narrow transformation at a time) and **verified** (re-parse + re-lint) before anything is applied.
33
51
 
34
- Roadmap: editor integrations (VS Code, Zed), more auto-fixes, and higher-level rules (cache & tmpfs mount recommendations, tooling-aware checks for
35
- uv/bun, line-length and layer optimizations).
52
+ - Guide: [`docs/guide/ai-autofix-acp.md`](docs/guide/ai-autofix-acp.md)
36
53
 
37
54
  ## Supported Rules
38
55
 
@@ -41,9 +58,9 @@ tally integrates rules from multiple sources:
41
58
  <!-- BEGIN RULES_TABLE -->
42
59
  | Source | Rules | Description |
43
60
  |--------|-------|-------------|
44
- | **[BuildKit](https://docs.docker.com/reference/build-checks/)** | 22/22 rules | Docker's official Dockerfile checks (captured + reimplemented) |
45
- | **tally** | 9 rules | Custom rules including secret detection with [gitleaks](https://github.com/gitleaks/gitleaks) |
46
- | **[Hadolint](https://github.com/hadolint/hadolint)** | 37 rules | Hadolint-compatible Dockerfile rules (expanding) |
61
+ | **[BuildKit](https://docs.docker.com/reference/build-checks/)** | 22/22 rules | Docker's official Dockerfile checks, with auto-fix for many |
62
+ | **tally** | 9 rules | Custom modernization rules + secret detection via [gitleaks](https://github.com/gitleaks/gitleaks) |
63
+ | **[Hadolint](https://github.com/hadolint/hadolint)** | 37 rules | Hadolint-compatible Dockerfile rules, with auto-fix for many (intentionally excludes dependency pinning rules) |
47
64
  <!-- END RULES_TABLE -->
48
65
 
49
66
  **See [RULES.md](RULES.md) for the complete rules reference.**
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "tally-cli",
3
- "version": "0.9.4",
3
+ "version": "0.9.5",
4
4
  "description": "A fast, configurable linter for Dockerfiles and Containerfiles",
5
5
  "repository": {
6
6
  "type": "git",
@@ -31,13 +31,13 @@
31
31
  "node": ">=18.0.0"
32
32
  },
33
33
  "optionalDependencies": {
34
- "@wharflab/tally-darwin-arm64": "0.9.4",
35
- "@wharflab/tally-darwin-x64": "0.9.4",
36
- "@wharflab/tally-linux-arm64": "0.9.4",
37
- "@wharflab/tally-linux-x64": "0.9.4",
38
- "@wharflab/tally-windows-arm64": "0.9.4",
39
- "@wharflab/tally-windows-x64": "0.9.4",
40
- "@wharflab/tally-freebsd-x64": "0.9.4"
34
+ "@wharflab/tally-darwin-arm64": "0.9.5",
35
+ "@wharflab/tally-darwin-x64": "0.9.5",
36
+ "@wharflab/tally-linux-arm64": "0.9.5",
37
+ "@wharflab/tally-linux-x64": "0.9.5",
38
+ "@wharflab/tally-windows-arm64": "0.9.5",
39
+ "@wharflab/tally-windows-x64": "0.9.5",
40
+ "@wharflab/tally-freebsd-x64": "0.9.5"
41
41
  },
42
42
  "publishConfig": {
43
43
  "access": "public"