Skip to content
alint

GitHub Actions

The official Action wraps the install.sh flow plus alint invocation into one step.

Inline PR annotations (default)

Section titled “Inline PR annotations (default)”
- uses: asamarts/alint@v0.13.0

This runs alint check --format github against . and emits findings as ::error:: / ::warning:: workflow commands, which GitHub renders inline on the PR.

Inputs (all optional)

Section titled “Inputs (all optional)”
- uses: asamarts/alint@v0.13.0
  with:
    version: v0.13.0        # release tag; omit to follow the pinned action ref
    path: .                # directory to lint (default: .)
    format: github         # human | json | sarif | github (default)
    config: |              # extra config path(s), one per line
      .alint.yml
    fail-on-warning: false
    args: ""               # extra CLI args appended verbatim

Upload findings to GitHub Code Scanning

Section titled “Upload findings to GitHub Code Scanning”

Use format: sarif and pipe to the standard upload action:

- uses: asamarts/alint@v0.13.0
  id: alint
  with:
    format: sarif
  continue-on-error: true
- uses: github/codeql-action/upload-sarif@v3
  if: always()
  with:
    sarif_file: ${{ steps.alint.outputs.sarif-file }}

continue-on-error: true is what lets the SARIF upload run even when alint finds issues — without it, a non-zero exit short-circuits the upload and the findings never reach Code Scanning.

Pin to a SHA

Section titled “Pin to a SHA”

For supply-chain hygiene (and to satisfy alint’s own ci/github-actions@v1 bundled ruleset), pin the action to a commit SHA:

- uses: asamarts/alint@<40-char-sha>  # v0.13.0

Look up the SHA on the tag page.

Validate PR commits with git_commit_message

Section titled “Validate PR commits with git_commit_message”

actions/checkout@v4 on a pull_request trigger checks out a synthetic merge commit, not the PR’s tip. The HEAD subject is then auto-generated (Merge <sha> into <sha>) and trips any git_commit_message rule applied to HEAD only. To validate the PR’s own commits instead, use the rule’s since: option together with actions/checkout’s full-history fetch:

.github/workflows/lint.yml
name: lint
on:
  pull_request:
    branches: [main]
jobs:
  alint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # `since:` walks <base>..HEAD. fetch-depth: 0 makes the
          # base ref reachable; the default depth of 1 leaves it
          # out of local objects and the rule will hard-fail with
          # a shallow-clone hint.
          fetch-depth: 0
      - name: alint check
        env:
          ALINT_BASE_SHA: ${{ github.event.pull_request.base.sha }}
        uses: asamarts/alint@v0.13.0

The rule in .alint.yml:

- id: pr-conventional-commits
  kind: git_commit_message
  pattern: '^(feat|fix|chore|docs|refactor|test|build|ci|perf|style|revert)(\(.+\))?!?: '
  subject_max_length: 72
  since: "{{env.ALINT_BASE_SHA | default('origin/main')}}"
  level: error

The {{env.ALINT_BASE_SHA | default('origin/main')}} default makes the same config work locally too: when you run alint check on your feature branch without setting the env var, the rule falls back to origin/main and validates everything since you branched. See the git_commit_message reference and variable interpolation for the full surface. (The older POSIX since: ${ALINT_BASE_SHA:-origin/main} form still works but is deprecated — alint prints a one-line migration hint at load.)