Dear Community and Developers,
Thank you for the ineffably marvelous project... ✨
I am sorry, but just wanted to report a possible case for reconsideration of the current rule prediction algorithm.
For instance:
$ docker build --check .
[+] Building 1.2s (4/4) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 7.38kB 0.0s
=> [internal] load metadata for docker.io/library/nginx:1.25.4 1.1s
=> [auth] library/nginx:pull token for registry-1.docker.io 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
Check complete, 1 warning has been found!
WARNING: SecretsUsedInArgOrEnv - https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
Do not use ARG or ENV instructions for sensitive data (ARG "AUTH_JWT_NGINX_MODULE_VERSION")
Dockerfile:125
--------------------
123 | make install;
124 |
125 | >>> ARG AUTH_JWT_NGINX_MODULE_VERSION='2.0.3'
126 |
127 | RUN \
--------------------
The variable is supposed to contain a string of release version of Nginx module repository: https://github.com/TeslaGov/ngx-http-auth-jwt-module.
Yes, the variable name contains "auth" but it ends with "version". Therefore, what if the linter would skip variables that end/start with "version"?
Initially, I raised the issue at the following nice repository: btidor/syntax#1
Best and kind regards 🪐
Dear Community and Developers,
Thank you for the ineffably marvelous project... ✨
I am sorry, but just wanted to report a possible case for reconsideration of the current rule prediction algorithm.
For instance:
The variable is supposed to contain a string of release version of Nginx module repository: https://github.com/TeslaGov/ngx-http-auth-jwt-module.
Yes, the variable name contains "auth" but it ends with "version". Therefore, what if the linter would skip variables that end/start with "version"?
Initially, I raised the issue at the following nice repository: btidor/syntax#1
Best and kind regards 🪐