Case studies: 30 OSS repos, working .alint.yml for each.
Real configs from real production repos. For each, the existing structural-validation tooling is inventoried, mapped to alint primitives, and compared. Cards below organised by the five shapes of project where alint earns its keep, plus a polyglot wins section. Click through for the full writeup, the working config, and the gap catalogue.
Replaces N hand-rolled validation scripts
- kubernetes
50 verify scripts → 17 declarative rules
- apache/airflow
109 pre-commit hooks; ~40% map cleanly
- python/cpython
12 validation surfaces consolidated into 1 alint config
- microsoft/vscode
apples-to-apples vs build/hygiene.ts: 75% (6 of 8) declarative; 222 violations on the live tree, zero false positives
Catches conventions your pipeline assumes but doesn't verify
- tokio-rs/tokio
zero hand-rolled scripts; alint catches 15 conventions tokio’s pipeline silently assumes
- astral-sh/uv
67-crate workspace conventions enforced nowhere in CI today
- pnpm/pnpm
replaces the in-tree `meta-updater` plugin
- facebook/react
`codes.json` registry shape + `ReactVersion.js` propagated to 3 per-package fields
- nodejs/node
15-year-old conventions enforced via human review only
Adds a structural floor on top of mature tooling
- microsoft/typescript
eslint + dprint + knip already tight; alint adds the structural floor
- astral-sh/ruff
900+ Python lint rules but zero rules for ruff’s own internal-crate `publish = false` discipline
- prettier/prettier
5 net-new gates on top of eslint + prettier + cspell + knip + tsc
- helm/helm
Trojan-Source defence + GHA hardening on top of golangci-lint
- dotnet/runtime
~2,300 XML manifests with structural invariants no existing tool covers
Replaces the structural subset of your custom orchestration layer
- pytorch/pytorch
~86% of pytorch’s 57 lintrunner.toml adapters are structural; alint sits beneath
- bazelbuild/bazel
replaces the structural subset of bazel’s hand-rolled CI scripts
Encodes conventions enforced only by code-review discipline
- golang/go
zero `.github/workflows/`, zero `Makefile`, zero `.golangci.yml`; 31 rules encode the project’s structural contract for the first time
- rust-lang/rust
`src/tools/tidy/` is a custom Rust binary doing alint’s job; ~13 of ~32 tidy checks become declarative
Polyglot wins: when no per-language linter sees the cross-cutting conventions
- apache/arrow
6 languages in one tree, 21 lint hooks across 14 tool repos, 0 tools that see cross-language conventions
- vercel/next.js
first hybrid pnpm + Cargo dual-workspace win, with drift no per-language linter catches
- NixOS/nixpkgs
39,101 files / 20,678 by-name dirs; full 79-rule pass in 273 ms wall-clock
- tensorflow/tensorflow
1,185 textproto API goldens; cross-language implementation parity
- apache/spark
49 pom.xml files; demand-validates the v0.10 `xml_path_*` candidate
- angular/angular
TypeScript framework with 16 packages; public-API goldens locking 13 of them
- istio/istio
Go monorepo + 9 Helm charts; surfaces v0.10 cross-file value-equality candidate
- protocolbuffers/protobuf
10 in-tree language bindings + 1 spun-out; densest source for v0.11 cross-language-implementation-complete
- flutter/flutter
platform-driven polyglot variant: Dart framework + 6 native-OS embedders. Catches 5 real Trojan-Source / CVE-2021-42574 errors in docs/releases/archive/ via oss-baseline’s no_bidi_controls
Other case studies
- denoland/deno
Rust + JS + TS multi-language; custom validation scripts
- vercel/turbo
Rust monorepo orchestrator; alint adds 22 gates that don’t exist
- clap-rs/clap
Rust workspace; per-member inheritance via for_each_dir over family crates
Each case study includes a working .alint.yml you can
copy as a starting point. The gap catalogues feed the
v0.10 / v0.11 rule-kind backlog.