Dockerfile Linter

Lint a Dockerfile for common issues: unpinned base image versions, missing USER directive (running as root), apt-get install without --no-install-recommends, COPY before package install (cache buster), and other patterns hadolint flags. Browser-only.

How to use the Dockerfile Linter

Paste a Dockerfile. The linter walks every line and reports common issues with severity. Findings are advisory — context matters; a flag isn't necessarily wrong for your use case.

What this catches (and what it doesn't)

This linter is a fast in-browser approximation of hadolint, the standard Dockerfile linter. It catches the most common ~15 issues: unpinned base images, missing USER, unnecessary apt-get update without install in the same layer, missing --no-install-recommends, COPY of . before package install (busts cache), ADD when COPY would do, missing HEALTHCHECK, etc.

What it doesn't do: deep multi-stage analysis, secret detection (use a dedicated tool like gitleaks), CIS benchmark compliance, image scanning. For production CI, run hadolint as a real step in your pipeline.