Rules
alint ships 89 rule kinds across 13 families (several are short-name aliases for the same check, so the table below lists the distinct rules). Filter by name, category, or description, sort any column, and open a rule for its full reference. Each rule is one entry in your .alint.yml under rules:; browse a family’s overview from the sidebar.
| # | Rule | Category | Description |
|---|---|---|---|
| 1 | dir_absent | Existence | Directory counterpart of file_absent. |
| 2 | dir_exists | Existence | Directory counterpart of file_exists. |
| 3 | file_absent | Existence | No file matching paths may exist in the walked tree. |
| 4 | file_exists | Existence | Every glob match in paths must correspond to a real file. |
| 5 | file_content_forbidden | Content | File contents must NOT match a regex. |
| 6 | file_content_matches | Content | File contents must contain at least one match for a regex. |
| 7 | file_ends_with | Content | Byte-level prefix / suffix check. |
| 8 | file_footer | Content | Last lines lines of each file in scope must match a regex. |
| 9 | file_hash | Content | Content SHA-256 must equal the expected digest. |
| 10 | file_header | Content | The first N lines must match a regex (line-oriented). |
| 11 | file_is_ascii | Content | Every byte in the file must be < 0x80 (pure ASCII), except codepoints listed in allow:. |
| 12 | file_is_text | Content | Content is detected as text (magic bytes + UTF-8 validity check), fails on binary files matched by paths. |
| 13 | file_max_lines | Content | File must have at most max_lines lines, using the same accounting as file_min_lines. |
| 14 | file_max_size | Content | File must be at most max_bytes in size. |
| 15 | file_min_lines | Content | File must have at least min_lines lines (\n-terminated, with an unterminated trailing segment counting as one more, wc -l semantics). |
| 16 | file_min_size | Content | File must be at least min_bytes in size. |
| 17 | file_shebang | Content | First line of each file in scope must match the shebang regex. |
| 18 | file_starts_with | Content | Byte-level prefix / suffix check. |
| 19 | json_path_equals | Structured query | Query a structured document with a JSONPath expression and assert every match deep-equals the supplied value. |
| 20 | json_path_matches | Structured query | Same shape as the *_equals variants, but the asserted value is a **regex** matched against string values. |
| 21 | json_schema_passes | Structured query | Validate every JSON / YAML / TOML file in paths against a JSON Schema document. |
| 22 | toml_path_equals | Structured query | Query a structured document with a JSONPath expression and assert every match deep-equals the supplied value. |
| 23 | toml_path_matches | Structured query | Same shape as the *_equals variants, but the asserted value is a **regex** matched against string values. |
| 24 | xml_path_equals | Structured query | Query a structured document with a JSONPath expression and assert every match deep-equals the supplied value. |
| 25 | xml_path_matches | Structured query | Same shape as the *_equals variants, but the asserted value is a **regex** matched against string values. |
| 26 | yaml_path_equals | Structured query | Query a structured document with a JSONPath expression and assert every match deep-equals the supplied value. |
| 27 | yaml_path_matches | Structured query | Same shape as the *_equals variants, but the asserted value is a **regex** matched against string values. |
| 28 | filename_case | Naming | Basename (stem only or full) matches a case convention: snake, kebab, pascal, camel, screaming-snake, flat, lower, upper. |
| 29 | filename_regex | Naming | Basename matches a regex. |
| 30 | final_newline | Text hygiene | File must end with a single \n. |
| 31 | indent_style | Text hygiene | Every non-blank line indents with the configured style (tabs or spaces). |
| 32 | line_endings | Text hygiene | Every line ending matches target: lf or crlf. |
| 33 | line_max_width | Text hygiene | Cap line length in characters (not bytes, code points). |
| 34 | max_consecutive_blank_lines | Text hygiene | Cap runs of blank lines to max. |
| 35 | no_trailing_whitespace | Text hygiene | No line may end with space or tab. |
| 36 | no_bidi_controls | Security / Unicode sanity | Flag Trojan-Source bidi override characters (U+202A 202E, U+2066 2069). |
| 37 | no_merge_conflict_markers | Security / Unicode sanity | Flag <<<<<<<, =======, >>>>>>>, ||||||| markers at the start of a line, almost always left over from an unresolved merge. |
| 38 | no_zero_width_chars | Security / Unicode sanity | Flag body-internal zero-width characters (U+200B, U+200C, U+200D, and non-leading U+FEFF). |
| 39 | no_bom | Encoding | Flag a leading UTF-8 / UTF-16 LE/BE / UTF-32 LE/BE byte-order mark. |
| 40 | max_directory_depth | Structure | Tree depth from repo root may not exceed max_depth. |
| 41 | max_files_per_directory | Structure | Per-directory fanout may not exceed max_files. |
| 42 | no_empty_files | Structure | no_empty_files rule in alint''s structure family. |
| 43 | no_case_conflicts | Portable metadata | Flag paths that differ only by case (e.g. |
| 44 | no_illegal_windows_names | Portable metadata | Reject path components Windows can''t represent:. |
| 45 | executable_bit | Unix metadata | Assert every file in scope either has the +x bit set (require: true) or does not (require: false). |
| 46 | executable_has_shebang | Unix metadata | Every file with +x set must begin with #! |
| 47 | no_symlinks | Unix metadata | Flag tracked paths that are symbolic links. |
| 48 | shebang_has_executable | Unix metadata | Every file starting with #! must have +x set. |
| 49 | changeset_requires_path | Git hygiene | The <since>...HEAD diff must **add** (git status A) at least one path matching add_glob:, the "did you add a changelog entry?" gate. |
| 50 | commented_out_code | Git hygiene | Heuristic detector for blocks of commented-out source code (as opposed to prose comments, license headers, doc comments, or ASCII banners). |
| 51 | git_blame_age | Git hygiene | Fire on lines matching a regex whose git blame author-time is older than max_age_days. |
| 52 | git_commit_author_allowlist | Git hygiene | Assert every commit author in scope matches an allowed email and/or name pattern. |
| 53 | git_commit_gpg_signed | Git hygiene | Assert every commit in scope has a verifying signature (git verify-commit exits 0). |
| 54 | git_commit_message | Git hygiene | Validate commit-message shape via regex, max-subject-length, or required-body. |
| 55 | git_commit_no_fixup | Git hygiene | Fail on residual fixup! / squash! / amend! commits left in scope, the ones git commit --fixup / --squash produce, meant to be collapsed by. |
| 56 | git_commit_signed_off | Git hygiene | Assert every commit in scope carries a DCO (Developer Certificate of Origin) Signed-off-by: trailer, required by every CNCF / Linux. |
| 57 | git_commit_subject_matches | Git hygiene | Each commit''s subject line (the first line of its message) must match the matches: regex, the subject-grammar member of the commit family. |
| 58 | git_no_denied_paths | Git hygiene | Fire when any tracked file matches a configured glob denylist. |
| 59 | markdown_paths_resolve | Git hygiene | Validate that backticked workspace paths in markdown files resolve to real files or directories in the repo. |
| 60 | no_submodules | Git hygiene | Flag the presence of .gitmodules at the repo root, always, regardless of paths. |
| 61 | pair_changed_together | Git hygiene | If the <since>...HEAD diff changes any path matching if_changed:, at least one path matching then_changed: must change in the same range,. |
| 62 | command_idempotent | Cross-file | Run a user-declared formatter/checker in its **--check (idempotence) mode** once: exit 0 ⇒ the tree is formatter-clean (silent); non-zero ⇒. |
| 63 | cross_file | Cross-file | A source must hold a relation to one or more targets (or, for resolves, the filesystem). |
| 64 | dir_contains | Cross-file | Every directory matching select: must contain files matching every glob in require:. |
| 65 | dir_only_contains | Cross-file | Every direct-child file of a directory matching select: must match at least one glob in allow:. |
| 66 | every_matching_has | Cross-file | For every file or directory matching select:, every nested rule under require: must be satisfied. |
| 67 | file_graph | Cross-file | Assemble the repo''s *file → file* reference graph and assert a global structural property the 1-level cross-file kinds can''t express. |
| 68 | for_each_dir | Cross-file | For every matching directory / file, evaluate a nested require: block with the entry as context. |
| 69 | for_each_file | Cross-file | For every matching directory / file, evaluate a nested require: block with the entry as context. |
| 70 | for_each_match | Cross-file | For each line matching select (a regex), the line must satisfy the nested require: predicates. |
| 71 | generated_file_fresh | Cross-file | A committed artefact must equal what a declared command generator produces, in one of two modes (exactly one of file / outputs). |
| 72 | import_gate | Cross-file | Forbid imports whose **extracted target** matches a forbid regex, within the paths scope, an architectural import firewall (staging-layer. |
| 73 | ordered_block | Cross-file | The lines between a start / end marker pair must stay sorted (and, with unique: true, free of duplicates) under comparator (lexical /. |
| 74 | pair | Cross-file | For every file matching primary, a file matching the partner template must exist. |
| 75 | pair_hash | Cross-file | The algorithm digest (sha256 default / sha512) of every file matching source must appear in the single target file, either as an embedded. |
| 76 | registry_paths_resolve | Cross-file | A manifest file enumerates path entries; each must resolve to an on-disk artefact. |
| 77 | unique_by | Cross-file | No two files matching select may share the value of key (a path template; tokens {path}/{dir}/{basename}/{stem}/{ext}/{parent_name}). |
| 78 | command | Plugin (tier 1) | Shell out to an external CLI per matched file. |
No rules match that filter.