shivasurya/code-pathfinder

high Missing Image Version

Dockerfile:21

FROM instruction uses 'latest' tag or no tag. Specify explicit versions for reproducible builds.

Code

Dockerfile

18
19RUN go build -ldflags="-s -w -X github.com/shivasurya/code-pathfinder/sast-engine/cmd.Version=${PROJECT_VERSION} -X github.com/shivasurya/code-pathfinder/sast-engine/cmd.GitCommit=${PROJECT_COMMIT} -X github.com/shivasurya/code-pathfinder/sast-engine/analytics.PublicKey=${POSTHOG_API_KEY}" -v -o pathfinder .
20
21FROM cgr.dev/chainguard/wolfi-base:latest
22
23WORKDIR /app
24

Seen on 8 scans

a7e137f line 21 2026-05-22
8a39ca7 line 21 2026-05-22
181f52c line 21 2026-05-22
91c7b3d line 21· PR #693 2026-05-22
00a5753 line 21 2026-05-22
490d33f line 21· PR #693 2026-05-22
9e00502 line 21 2026-05-22
1faca6c line 21 2026-05-21

Get this for your repo.

Pathfinder runs the same scan on your own repos free. Connect via GitHub in 30 seconds.

Get started View the open-source rules →