Scan results · 7a21c89
main · 9 high · 47 medium · 60 low
- low Nonsensical Command extension/secureflow/packages/secureflow-cli/Dockerfile:16
RUN command uses 'cd' which doesn't persist. Use WORKDIR instead.
- low Prefer apt-get over apt extension/secureflow/packages/secureflow-cli/Dockerfile:16
Use apt-get instead of apt for better script stability in Dockerfiles.
- low Use Absolute Path in WORKDIR extension/secureflow/packages/secureflow-cli/Dockerfile:23
WORKDIR should use absolute paths starting with /.
- low Prefer apt-get over apt extension/secureflow/packages/secureflow-cli/Dockerfile:35
Use apt-get instead of apt for better script stability in Dockerfiles.
- low Nonsensical Command extension/secureflow/packages/secureflow-cli/Dockerfile:35
RUN command uses 'cd' which doesn't persist. Use WORKDIR instead.
- low Prefer apt-get over apt extension/secureflow/packages/secureflow-cli/Dockerfile:40
Use apt-get instead of apt for better script stability in Dockerfiles.
- low Nonsensical Command extension/secureflow/packages/secureflow-cli/Dockerfile:40
RUN command uses 'cd' which doesn't persist. Use WORKDIR instead.
- low Use Absolute Path in WORKDIR extension/secureflow/packages/secureflow-cli/Dockerfile:52
WORKDIR should use absolute paths starting with /.
- low Prefer JSON Notation for CMD/ENTRYPOINT extension/secureflow/packages/secureflow-cli/Dockerfile:59
Use JSON notation (exec form) for CMD/ENTRYPOINT for proper signal handling.
- low Container Filesystem is Writable extension/secureflow/packages/secureflow-cli/docker-compose.yml:3
[Service: secureflow-analyzer] Service has writable root filesystem. Consider making it read-only for better security.