Skip to content

[tracking] Full polyglot linter integration from pyqa_lint catalog #77

Description

@paudley

Summary

Track full coding-ethos integration for additional language and ecosystem linters from the pyqa_lint catalog.

Source catalog: ~/Active/pyqa_lint/tooling/catalog/languages/

This is intentionally split into one focused issue per tool so each integration can ship with complete acquisition, execution, parsing, AST, CEL, SARIF, MCP, docs, and test coverage instead of a thin binary wrapper.

Full Integration Contract

Each child issue must handle:

  • Tool acquisition: deterministic managed install/build/download, pinned version/checksum where applicable, manifest provenance, startup validation, fail-fast diagnostics, and no arbitrary host PATH dependency.
  • Command orchestration: Go-owned command construction through hook runner or managed capture, explicit config paths, staged/changed target selection where safe, sandboxing, timeouts, and network policy.
  • Diagnostics parsing: native output normalized into tool/file/line/column/severity/rule/message diagnostics, plus structured failure diagnostics for unparseable output.
  • Language AST facts: confirm or extend Tree-sitter/AST support before adding policy-specific scanners.
  • CEL integration: expose findings and language facts through CEL inputs so policies can reason by tool, rule/code, file, severity, and path metadata.
  • SARIF integration: stable rule IDs, source tool metadata, locations, related locations/fixes where available, and shape tests.
  • Policy alignment: map actionable findings to coding-ethos principles and remediation skills where the project has a clear safety, trust, maintainability, or style position.
  • MCP/agent surface: ensure lint_check, lint_advice, SARIF remediation, risk summaries, trend analysis, and hook traces identify the tool correctly.
  • Documentation and tests: document acquisition/config/operator workflow and add unit plus functional workflow coverage.

Child Issues

Out of Scope For This Tracker

  • Adding format-only tools unless they also need diagnostic parsing and policy integration.
  • Treating a tool as integrated just because the binary can be executed.
  • Adding ad hoc text scanners where shared AST/CEL/SARIF architecture can carry the behavior.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions