Skip to main content
tally is a production-grade Dockerfile and Containerfile linter + formatter that catches issues before they reach production. It uses the same parser behind docker buildx, understands modern BuildKit syntax, and can fix many issues automatically. 
# Lint everything in your repo
tally lint .

# Apply all safe fixes automatically
tally lint --fix Dockerfile

Installation

Install via Homebrew, npm, pip, RubyGems, WinGet, Go, or Docker.

Quick start

Lint your first Dockerfile in under a minute.

Rules reference

Rules across BuildKit, tally, Hadolint, and ShellCheck namespaces.

Configuration

Configure rules, output formats, and fix modes with .tally.toml.

Why tally?

BuildKit-native

Understands heredocs, RUN --mount, COPY --link, and ADD --checksum. No lag behind new Docker features.

Fixes, not just findings

--fix applies safe, mechanical rewrites. --fix-unsafe unlocks AI-powered improvements via ACP.

Broad rule coverage

BuildKit checks, tally rules, Hadolint rules, and embedded ShellCheck for shell snippets.

CI & editor ready

Outputs text, JSON, SARIF, GitHub Actions annotations, and Markdown. VS Code and JetBrains extensions included.

No Docker daemon required

Pure static analysis. Registry-aware checks use a Podman-compatible client — no Docker Desktop needed.

Windows-container aware

Detects Windows containers, understands Windows paths, and parses PowerShell RUN instructions semantically.

Get started

1

Install tally

Pick your preferred package manager:
# Homebrew (macOS/Linux)
brew install wharflab/tap/tally

# npm
npm install -g tally-cli

# Go
go install github.com/wharflab/tally@latest
2

Lint your Dockerfile

Run tally against your Dockerfile or recursively across your whole repo:
tally lint Dockerfile
tally lint .
3

Apply auto-fixes

Fix safe, mechanical issues automatically:
tally lint --fix Dockerfile
4

Add a config file

Create .tally.toml to set project-wide defaults:
.tally.toml
[output]
format = "text"
fail-level = "warning"

[rules]
include = ["buildkit/*", "tally/*", "hadolint/*"]

Explore the docs

Auto-fix guide

Learn how safe fixes and AI-powered fixes work.

AI AutoFix via ACP

Use your own AI agent to apply complex Dockerfile improvements.

CI/CD integration

Add tally to GitHub Actions, GitLab CI, and other pipelines.

IDE integration

Real-time linting in VS Code, JetBrains, and any LSP editor.