Scan results · 490d33f
PR #693 · shiva/remove-self-scan-workflow → main · 2 critical · 14 high · 59 medium · 82 low
- low Prefer apt-get over apt Dockerfile.mcp:22
Use apt-get instead of apt for better script stability in Dockerfiles.
- low Prefer apt-get over apt Dockerfile.mcp:25
Use apt-get instead of apt for better script stability in Dockerfiles.
- low Nonsensical Command Dockerfile.mcp:25
RUN command uses 'cd' which doesn't persist. Use WORKDIR instead.
- low Prefer apt-get over apt Dockerfile.mcp:30
Use apt-get instead of apt for better script stability in Dockerfiles.
- low Nonsensical Command Dockerfile.mcp:30
RUN command uses 'cd' which doesn't persist. Use WORKDIR instead.
- low Prefer apt-get over apt Dockerfile.mcp:33
Use apt-get instead of apt for better script stability in Dockerfiles.
- low Nonsensical Command Dockerfile.mcp:33
RUN command uses 'cd' which doesn't persist. Use WORKDIR instead.
- low Prefer JSON Notation for CMD/ENTRYPOINT Dockerfile.mcp:49
Use JSON notation (exec form) for CMD/ENTRYPOINT for proper signal handling.
- low Dockerfile Source Not Pinned extension/secureflow/packages/secureflow-cli/Dockerfile:2
FROM instruction without digest pinning. Consider using @sha256:... for immutable builds.
- low Remove apt Package Lists extension/secureflow/packages/secureflow-cli/Dockerfile:5
apt-get install without removing /var/lib/apt/lists/*. This wastes image space.