Command does not make sense in a containerDOK-DL3001User should not be `root` when the Dockerfile completesDOK-DL3002Invalid UNIX port providedDOK-DL3011Open string detectedDOK-SC1078Wrong use of `... && ... ||` syntaxDOK-SC2015Reference to an unassigned variable detectedDOK-SC2154Detected `$` on the left side of assignmentDOK-SC1066Invalid case used for command/syntaxDOK-SC1081Missing space before `#`DOK-SC1099Pin image versions explicitly to a release tagDOK-DL3007Pin versions in `pip`DOK-DL3013Use the `-y` switchDOK-DL3014`COPY --from` should reference a previously defined `FROM` aliasDOK-DL3022`COPY --from` cannot reference its own `FROM` aliasDOK-DL3023`FROM` aliases (stage names) must be uniqueDOK-DL3024Multiple `ENTRYPOINT` instructions detectedDOK-DL4004`eval` used with special charactersDOK-SC1098Consider using `./` or `--` globDOK-SC2035Detected use of `$` in the iterator name of a `for` loopDOK-SC1086Pin specific version in `npm`DOK-DL3016Use `COPY` instead of `ADD` for files and foldersDOK-DL3020Unexpected character detectedDOK-SC1079Use `ADD` to extract archives into an imageDOK-DL3010Pin versions in `apk add`DOK-DL3018Pin versions in `apt get install`DOK-DL3008`COPY` with more than 2 arguments requires the last argument to end with `/`DOK-DL3021Multiple `CMD` instructions detectedDOK-DL4003Set the `SHELL` option `-o pipefail` before using `RUN` with a pipe characterDOK-DL4006Missing spaceDOK-SC1035Spaces detected around `=` in assignmentsDOK-SC1068Consider using braces for expanding an arrayDOK-SC1087Word detected outside the quotesDOK-SC2026Detected use of escape sequences with `echo`DOK-SC2028Possible globbing or word splitting detectedDOK-SC2086Use `cd ... || exit` in case `cd` failsDOK-SC2164Do not use `sudo`DOK-DL3004Possible parameter declaration detectedDOK-SC1065Declare and assign separately to avoid masking of return valuesDOK-SC2155Avoid additional packages by specifying `--no-install-recommends`DOK-DL3015Use arguments JSON notation for CMD and ENTRYPOINT argumentsDOK-DL3025Use `SHELL` to change the default shellDOK-DL4005Consider using quotes to prevent word splittingDOK-SC2046Found reference to `ENV` var within the same stepDOK-E1000Invalid `LABEL` keyDOK-E1001Do not use `zypper dist-upgrade`DOK-W1011`ONBUILD`, `FROM` or `MAINTAINER` triggered from within `ONBUILD` instructionDOK-E1002Pin versions in `yum install`DOK-W1003Pin versions in `zypper install`DOK-W1004Pin versions in `dnf install`DOK-W1005COPY to a relative destination without WORKDIR setDOK-W1006Multiple `HEALTHCHECK` instructionsDOK-W1007Use the `-y` switch for `yum install`DOK-W1008Use the `-y` switch for `dnf install`DOK-W1009Use the `-y` switch for `zypper install`DOK-W1010Useless `cat` detectedDOK-SC2002Pin versions in `gem install`DOK-DL3028Unexpected `==` detectedDOK-SC1097Use absolute `WORKDIR`DOK-DL3000Use ` ` ` instead of `´` for command expansionDOK-SC1077Use only an allowed registry in the FROM imageDOK-DL3026Use `WORKDIR` to switch to a directoryDOK-DL3003Use of `&;` detectedDOK-SC1045Avoid cache directory with pip install --no-cache-dir <package>DOK-P1003Missing `yarn cache clean` after `yarn install`DOK-P1005Missing `yum clean all` after `yum install`DOK-P1000Missing `zypper clean` after `zypper install`DOK-P1001Missing `dnf clean all` after `dnf install` commandDOK-P1002Found `useradd` without `-l` flagDOK-P1004Do not use `--platform=` with `FROM`DOK-W1002Always tag the version of an image explicitlyDOK-DL3006Unquoted literal string detectedDOK-SC2140Delete the `apt-get` lists after installing anythingDOK-DL3009Unicode non-breaking space detectedDOK-SC1018`$` is not used specially and should therefore be escapedDOK-SC1000Use of deprecated `MAINTAINER` fieldDOK-DL4000Remove space after `=`DOK-SC1007Missing space or linefeed between the function name and bodyDOK-SC1095Do not use `apt`, use `apt-get` or `apt-cache` insteadDOK-DL3027Use the `--no-cache` switchDOK-DL3019Bad use of `{}`DOK-SC1083Use any one of `wget` or `curl` but not bothDOK-DL4001Use semicolon or linefeed before 'done'DOK-SC1010No need of escape sequenceDOK-SC1001Use `wget --progress` to avoid excessively bloated build logsDOK-W1000Found consecutive `RUN` commandsDOK-W1001
Missing `zypper clean` after `zypper install`DOK-P1001
Not cleaning cached package data after installation can result in higher image sizes. It is always recommended to clean the cached packages after installing them.
Please note that the clean-up must be performed in the same RUN step as it creates a separate layer. Doing this in a different RUN command would therefore result in a new layer, which will not help reduce the image size.
Bad Practice
FROM opensuse/leap:15.2
RUN zypper install -y httpd=2.4.46
Recommended
FROM opensuse/leap:15.2
RUN zypper install -y httpd=2.4.46 && zypper clean
 Slither
 Slither