syncable-cli 0.34.1

A Rust-based CLI that analyzes code repositories and generates Infrastructure as Code configurations
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200

# Third Party Notices

This file contains attributions and license information for third-party software
incorporated into Syncable-CLI.

---

## Hadolint

The Dockerfile linting functionality in `src/analyzer/hadolint/` is a Rust
translation of the original Hadolint project.

**Original Project:** [Hadolint](https://github.com/hadolint/hadolint)

**Original Authors:**
- Lukas Martinelli (lukasmartinelli)
- Lorenzo Bolla (lbolla)
- And all contributors to the Hadolint project

**Original License:** GNU General Public License v3.0 (GPL-3.0)

**Original Copyright:**
```
Copyright (c) 2016-2024 Lukas Martinelli and contributors
```

**What was translated:**
- Dockerfile parsing logic (originally in Haskell)
- Lint rule definitions (DL3xxx, DL4xxx series)
- Pragma/ignore directive handling
- Configuration file format
- Rule severity and messaging

**Modifications made:**
- Complete rewrite from Haskell to Rust
- Integration with Syncable-CLI's agent and tool system
- Native async support for streaming output
- Adaptation to Rust error handling patterns
- Additional rules and improvements specific to Syncable's use cases

**License Notice:**
This derivative work is licensed under GPL-3.0, as required by the original
Hadolint license. See the LICENSE file in the root of this repository.

The full text of the GPL-3.0 license can be found at:
https://www.gnu.org/licenses/gpl-3.0.en.html

---

## Docker Compose Linter

The Docker Compose linting functionality in `src/analyzer/dclint/` is a Rust
implementation inspired by the docker-compose-linter project.

**Original Project:** [docker-compose-linter](https://github.com/zavoloklom/docker-compose-linter)

**Original Author:** Sergey Suspended (zavoloklom)

**Original License:** MIT License

**Original Copyright:**
```
Copyright (c) 2024 Sergey Suspended
```

**What was implemented:**
- Docker Compose YAML validation logic
- Lint rule concepts (DCL001-DCL015 series)
- Service configuration validation patterns
- Best practices enforcement

**Modifications made:**
- Complete implementation in Rust (original was TypeScript)
- Integration with Syncable-CLI's agent and tool system
- Native async support for streaming output
- Adaptation to Rust error handling patterns
- Additional rules and improvements specific to Syncable's use cases

**License Notice:**
The original docker-compose-linter is licensed under MIT. Our Rust implementation
is original code inspired by the rule concepts and validation patterns from the
original project.

---

## KubeLint (kube-linter)

The Kubernetes manifest linting functionality in `src/analyzer/kubelint/` is a Rust
translation of the original kube-linter project by StackRox (Red Hat).

**Original Project:** [kube-linter](https://github.com/stackrox/kube-linter)

**Original Authors:**
- StackRox, Inc. (now part of Red Hat)
- And all contributors to the kube-linter project

**Original License:** Apache License 2.0

**Original Copyright:**
```
Copyright (c) 2020-2024 StackRox, Inc.
```

**What was translated:**
- Kubernetes manifest parsing and validation logic (originally in Go)
- 63 built-in security and best practice checks
- Pragma/ignore directive handling via annotations
- Helm chart rendering integration
- Kustomize directory support
- Check severity and priority system
- SARIF and JSON output formats

**Modifications made:**
- Complete rewrite from Go to Rust
- Integration with Syncable-CLI's agent and tool system
- Native async support for streaming output
- Adaptation to Rust error handling patterns
- Graceful fallback for broken Helm charts
- Additional rules and improvements specific to Syncable's use cases

**License Notice:**
This derivative work maintains compatibility with the Apache-2.0 license.
The full text of the Apache-2.0 license can be found at:
https://www.apache.org/licenses/LICENSE-2.0

---

## Helmlint (helmtest)

The Helm chart linting functionality in `src/analyzer/helmlint/` is a Rust
implementation inspired by and partially derived from the helmtest project
by StackRox (Red Hat).

**Original Project:** [helmtest](https://github.com/stackrox/helmtest)

**Original Authors:**
- StackRox, Inc. (now part of Red Hat)
- And all contributors to the helmtest project

**Original License:** Apache License 2.0

**Original Copyright:**
```
Copyright (c) 2020-2024 StackRox, Inc.
```

**What was implemented:**
- Helm chart structure validation (Chart.yaml, values.yaml)
- Go template syntax analysis
- Values validation and unused value detection
- Security checks for rendered templates
- Best practice validation patterns

**Modifications made:**
- Complete implementation in Rust (original was Go)
- Integration with Syncable-CLI's agent and tool system
- Native async support for streaming output
- Adaptation to Rust error handling patterns
- Additional rules (HL1xxx-HL5xxx series) specific to Syncable's use cases

**License Notice:**
This derivative work maintains compatibility with the Apache-2.0 license.
The full text of the Apache-2.0 license can be found at:
https://www.apache.org/licenses/LICENSE-2.0

---

## ShellCheck (Rule Concepts)

Some shell-related lint rules are inspired by ShellCheck.

**Original Project:** [ShellCheck](https://github.com/koalaman/shellcheck)

**Original Author:** Vidar Holen (koalaman)

**Original License:** GNU General Public License v3.0 (GPL-3.0)

**Note:** Syncable-CLI does not include ShellCheck code directly. The shell
analysis rules are original implementations inspired by ShellCheck's rule
concepts and documentation.

---

## Acknowledgments

We are grateful to the open source community and the authors of:

- **Hadolint** - For the comprehensive Dockerfile linting rules
- **docker-compose-linter** - For Docker Compose best practices
- **kube-linter (StackRox/Red Hat)** - For the extensive Kubernetes security checks
- **helmtest (StackRox/Red Hat)** - For Helm chart validation patterns

These Rust implementations allow native integration with Syncable-CLI while
preserving the valuable rule definitions and linting logic developed by the
original authors. Special thanks to StackRox (now part of Red Hat) for their
excellent Kubernetes and Helm security tooling.

If you are the author of any software mentioned here and believe the attribution
is incorrect or incomplete, please open an issue at:
https://github.com/syncable-dev/syncable-cli/issues