Skip to main content

Documentation Index

Fetch the complete documentation index at: https://tally.wharflab.com/llms.txt

Use this file to discover all available pages before exploring further.

tally is a production-grade Dockerfile and Containerfile linter + formatter that catches issues before they reach production. It uses the same parser behind docker buildx, understands modern BuildKit syntax, and can fix many issues automatically. 
# Lint everything in your repo
tally lint .

# Apply all safe fixes automatically
tally lint --fix Dockerfile

Installation

Install via Homebrew, mise, npm, Bun, uv, pip, RubyGems, WinGet, Go, or Docker.

Quick start

Lint your first Dockerfile in under a minute.

Rules reference

Rules across BuildKit, tally, Hadolint, and ShellCheck namespaces.

Configuration

Configure rules, output formats, and fix modes with .tally.toml.

Build invocations

Lint Dockerfiles through Bake targets and Compose services.

Why tally?

BuildKit-native

Understands heredocs, RUN --mount, COPY --link, and ADD --checksum. No lag behind new Docker features.

Fixes, not just findings

--fix applies safe, mechanical rewrites. --fix-unsafe unlocks AI-powered improvements via ACP.

Broad rule coverage

BuildKit checks, tally rules, Hadolint rules, and embedded ShellCheck for shell snippets.

CI & editor ready

Outputs text, JSON, SARIF, GitHub Actions annotations, and Markdown. VS Code and JetBrains extensions included.

Bake and Compose aware

Resolves build args, contexts, platforms, and target stages from orchestrator entrypoints.

No Docker daemon required

Pure static analysis. Registry-aware checks use a Podman-compatible client — no Docker Desktop needed.

Windows-container aware

Detects Windows containers, understands Windows paths, and semantically parses PowerShell RUN instructions, including syntax and analyzer diagnostics.

Get started

1

Install tally

Pick your preferred package manager:
# Homebrew (macOS/Linux)
brew install wharflab/tap/tally

# mise
mise use -g github:wharflab/tally@latest

# npm
npm install -g tally-cli

# Bun
bun add -g tally-cli

# uv
uv tool install tally-cli

# Go
go install github.com/wharflab/tally@latest
2

Lint your Dockerfile

Run tally against your Dockerfile or recursively across your whole repo:
tally lint Dockerfile
tally lint .
3

Apply auto-fixes

Fix safe, mechanical issues automatically:
tally lint --fix Dockerfile
4

Add a config file

Create .tally.toml to set project-wide defaults:
.tally.toml
[output]
format = "text"
fail-level = "warning"

[rules]
include = ["buildkit/*", "tally/*", "hadolint/*"]

Explore the docs

Auto-fix guide

Learn how safe fixes and AI-powered fixes work.

AI AutoFix via ACP

Use your own AI agent to apply complex Dockerfile improvements.

CI/CD integration

Add tally to GitHub Actions, GitLab CI, and other pipelines.

Build invocations

Lint the builds declared by Docker Buildx Bake and Docker Compose.

IDE integration

Real-time linting in VS Code, JetBrains, and any LSP editor.