Scan results · 490d33f
PR #693 · shiva/remove-self-scan-workflow → main · 2 critical · 14 high · 59 medium · 82 low
- low Prefer apt-get over apt Dockerfile:31
Use apt-get instead of apt for better script stability in Dockerfiles.
- low pip install Without --no-cache-dir Dockerfile:31
pip install without --no-cache-dir. Pip cache remains in image, adding 50-200 MB depending on dependencies.
- low Nonsensical Command Dockerfile:38
RUN command uses 'cd' which doesn't persist. Use WORKDIR instead.
- low Prefer apt-get over apt Dockerfile:38
Use apt-get instead of apt for better script stability in Dockerfiles.
- low Prefer apt-get over apt Dockerfile:40
Use apt-get instead of apt for better script stability in Dockerfiles.
- low Nonsensical Command Dockerfile:40
RUN command uses 'cd' which doesn't persist. Use WORKDIR instead.
- low Prefer JSON Notation for CMD/ENTRYPOINT Dockerfile:49
Use JSON notation (exec form) for CMD/ENTRYPOINT for proper signal handling.
- low Use Absolute Path in WORKDIR Dockerfile.mcp:12
WORKDIR should use absolute paths starting with /.
- low Nonsensical Command Dockerfile.mcp:15
RUN command uses 'cd' which doesn't persist. Use WORKDIR instead.
- low Missing -y flag for apt-get Dockerfile.mcp:15
apt-get install without -y flag. Add -y or --yes for non-interactive builds.