alint — golang/go

Zero `.github/workflows/`, zero `Makefile`, zero `.golangci.yml` — alint encodes Go's structural contract for the first time, in 31 testable rules.

Why this matters

golang/go is the convention-heavy minimal-tooling extreme of every repo we’ve inventoried. Where kubernetes/kubernetes ships 50 hand-rolled hack/verify-*.sh scripts and tokio-rs/tokio runs a 1,365-line GitHub Actions matrix, golang/go has:

Zero .github/workflows/ — CI runs on Google’s internal LUCI builders driven by src/cmd/dist/test.go’s registerTests() / registerStdTest() discovery loop
Zero Makefile at the top level — src/all.bash / src/make.bash are the canonical bootstraps (mirrored as .bat for Windows and .rc for Plan 9)
Zero .golangci.yml — the Go authors don’t lint themselves with golangci-lint; they wrote the language and use go vet plus the git-codereview Gerrit hook
Zero AUTHORS / CONTRIBUTORS files — both retired during the Gerrit migration; contributor tracking moved to git history
- the CLA database
Zero per-PR linter shellouts — PRs land in GitHub, get imported into Gerrit, then go through git-codereview which enforces gofmt cleanliness as the only structural gate

This is the most tightly-curated minimal-tooling project in the catalogue. Russ Cox & co. enforce the structural contract by code- review etiquette; nothing else does.

Headline catch

The pitch isn’t “alint replaces N hand-rolled scripts” (golang/go has effectively zero) — it’s “alint encodes the unwritten Go conventions enforceable for the first time.”

The 3-line BSD license header, the 4-go.mod canonical layout, the .github/PULL_REQUEST_TEMPLATE “No Markdown” rule, the .gitattributes * -text line that’s load-bearing for Windows builds, the doc/next/6-stdlib/99-minor/<package>/<issue-number>.md filename grammar, the FIPS 140 module registry — none of these are checked by any script, anywhere in golang/go today. They are enforced by Russ Cox & co. in code review. alint makes them machine-checkable in 31 rules across one file.

A few of the most load-bearing:

The 3-line BSD license header on every committed source file. git-codereview doesn’t check for this; only review etiquette does. A regression silently ships a BSD-licensed source without the conventional attribution
The 4-go.mod canonical layout (src/go.mod, src/cmd/go.mod, misc/go.mod, src/runtime/_mkmalloc/go.mod). The repo root is not a Go module — golang/go is the source of the language, not a consumer
The .gitattributes * -text directive that disables git’s line-ending normalization so .bat files can be checked in with CRLF (load-bearing — test/winbatch.go enforces it)
The lib/fips140/fips140.sum header line (# SHA256 checksums of snapshot zip files in this directory.). The CMVP-submitted security policy references this exact header format

Where alint earns its keep here

This is the fourth distinct positioning narrative in the case-study catalogue and the most extreme along the “convention-only” axis:

Narrative	Strongest data point
Replaces N hand-rolled validation scripts	kubernetes (50→17), airflow (109 hooks→40 %), cpython (12 surfaces consolidated)
Catches conventions your pipeline assumes but doesn’t verify	tokio (15 conventions, 0 scripts), uv (67-crate workspace), pnpm, react
Adds a structural floor on top of mature tooling	typescript, ruff, prettier
Encodes conventions enforced only by code-review discipline	golang/go (31 conventions, 0 scripts, 0 workflows)

The pitch lands as: “you have a clear set of unwritten rules that everyone reviewing your code knows; alint writes them down, makes them testable, and lets the next contributor read them in one file instead of inferring them from the corpus.”

The same shape generalises to every tightly-curated, minimal- tooling project: the Linux kernel’s structural conventions, plan9, the suckless tools, every house-style internal codebase where “this is how we do it” is folklore rather than a config file.

golang/go is also a saturating signal for the v0.10+ rule-kind list: every gap surfaced here (import_gate, pair_hash, ordered_block, the registry_paths_resolve GitHub-issue sub- candidate) is already on the existing candidate list — the language- monorepo segment is approaching feature-completeness for v0.10.

Future story angles

The FIPS 140 module registry (lib/fips140/) is the highest- stakes use case for the pair_hash rule kind in the corpus — the CMVP-submitted security policy references the file format verbatim. A regression silently disables FIPS support
golang/go is the first source where registry_paths_resolve resolves to GitHub issue numbers (doc/next/6-stdlib/99-minor/ <pkg>/<issue>.md) rather than on-disk paths — single-source so far; sub-candidate for a v0.11+ HTTP-API-aware variant
The 31-rule config is portable: forks of golang/go (or Go monorepos that take their layout cues from golang/go) get a working baseline immediately