yamllint VS cfn_nag

Compare yamllint vs cfn_nag and see what are their differences.

Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
yamllint cfn_nag
11 14
2,665 1,218
- 0.4%
8.3 0.0
about 1 month ago 7 months ago
Python Ruby
GNU General Public License v3.0 only MIT License
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

yamllint

Posts with mentions or reviews of yamllint. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-11-15.
  • IT Pro Tuesday #227 - Notification Tool, SPF/DKIM/DMARC Tutorial, YAML Linter & More
    2 projects | /r/ITProTuesday | 15 Nov 2022
    yamllint, as the name suggests, is a linter for YAML files. It checks syntax validity, as well as looking for more-complex errors like key repetition and cosmetic problems such as line length, trailing spaces, indentation etc. This one was indly recommended by yankdevil.
  • StrictYAML
    8 projects | news.ycombinator.com | 2 Jul 2022
    StrictYAML removes features that might be useful for some usecases, such as Node anchors+Refs and Flow Style.

    I don't think the cost of an additional standard is worth it in this case.

    While YAML has issues, they aren't much of problem if you use a linter, such as yamllint [1].

    1. https://github.com/adrienverge/yamllint

  • Data and System Visualization Tools That Will Boost Your Productivity
    15 projects | dev.to | 13 Jun 2022
    On top of the above-mentioned tools, it's also a good idea to use YAML linter such this one or its CLI equivalent, which will validate and cleanup your documents.
  • Let CI check & fix your yamls
    8 projects | dev.to | 9 Mar 2022
    yamlfixer automates the fixing of problems reported by yamllint by parsing its output.
  • Modern Python setup for quality development
    11 projects | dev.to | 7 Jan 2022
    repos: - repo: https://github.com/pre-commit/pre-commit-hooks rev: v4.0.1 hooks: - id: check-added-large-files - id: check-ast - id: check-builtin-literals - id: check-case-conflict - id: check-docstring-first - id: check-executables-have-shebangs - id: check-json - id: check-merge-conflict - id: check-symlinks - id: check-toml - id: check-vcs-permalinks - id: check-xml - id: check-yaml args: [--allow-multiple-documents] - id: debug-statements - id: detect-aws-credentials args: [--allow-missing-credentials] - id: destroyed-symlinks - id: end-of-file-fixer - id: fix-byte-order-marker - id: fix-encoding-pragma args: [--remove] - id: forbid-new-submodules - id: mixed-line-ending args: [--fix=auto] - id: name-tests-test args: [--django] - id: requirements-txt-fixer - id: trailing-whitespace - repo: local hooks: - id: black name: black entry: poetry run black language: system types: [python] - id: flake8 name: flake8 entry: poetry run flake8 language: system types: [python] - repo: https://github.com/pycqa/isort rev: "5.9.1" hooks: - id: isort args: - --profile - black - --filter-files - repo: https://github.com/adrienverge/yamllint.git rev: v1.26.1 hooks: - id: yamllint args: [-c=.yamllint.yaml] - repo: https://gitlab.com/devopshq/gitlab-ci-linter rev: v1.0.2 hooks: - id: gitlab-ci-linter args: - "--server" - "https://your.gitlab.server" # Need env var GITLAB_PRIVATE_TOKEN with gitlab api read token - repo: https://github.com/commitizen-tools/commitizen rev: v2.17.11 hooks: - id: commitizen stages: [commit-msg] - repo: https://github.com/jumanjihouse/pre-commit-hooks rev: 2.1.5 # or specific git tag hooks: - id: forbid-binary - id: shellcheck - id: shfmt
  • CloudFormation Noob - using YAML
    2 projects | /r/AWS_Certified_Experts | 9 Oct 2021
    Or, run Yamllint externally. I do this, because I have more control: https://github.com/adrienverge/yamllint
  • The Norway Problem
    18 projects | news.ycombinator.com | 3 Apr 2021
    You can catch this with yamllint (https://github.com/adrienverge/yamllint):

        % cat countries.yml

cfn_nag

Posts with mentions or reviews of cfn_nag. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-12-25.

What are some alternatives?

When comparing yamllint and cfn_nag you can also consider the following projects:

checkov - Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

cfn-python-lint - CloudFormation Linter

pyyaml - Canonical source repository for PyYAML

cue - CUE has moved to https://github.com/cue-lang/cue

SonarQube - Continuous Inspection

pre-commit - A framework for managing and maintaining multi-language pre-commit hooks.

aws-secure-environment-accelerator - The AWS Secure Environment Accelerator is a tool designed to help deploy and operate secure multi-account, multi-region AWS environments on an ongoing basis. The power of the solution is the configuration file which enables the completely automated deployment of customizable architectures within AWS without changing a single line of code.

Flake8 - flake8 is a python tool that glues together pycodestyle, pyflakes, mccabe, and third-party plugins to check the style and quality of some python code.

vscode-cloudformation-snippets - This extension adds snippets for all the AWS CloudFormation resources into Visual Studio Code.

edn - Extensible Data Notation

kubernetes - Production-Grade Container Scheduling and Management

tfsec - Security scanner for your Terraform code