dockerfile.best-practice.use-either-wget-or-curl.use-either-wget-or-curl

profile photo of semgrepsemgrep
Author
unknown
Download Count*

'wget' and 'curl' are similar tools. Choose one and do not install the other to decrease image size.

Run Locally

Run in CI

Defintion

rules:
  - id: use-either-wget-or-curl
    severity: INFO
    languages:
      - dockerfile
    message: "'wget' and 'curl' are similar tools. Choose one and do not install the
      other to decrease image size."
    metadata:
      source-rule-url: https://github.com/hadolint/hadolint/wiki/DL4001
      references:
        - https://github.com/hadolint/hadolint/wiki/DL4001
      category: best-practice
      technology:
        - dockerfile
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]
    pattern-either:
      - pattern: |
          RUN wget ...
          ...
          RUN curl ...
      - pattern: |
          RUN curl ...
          ...
          RUN wget ...

Examples

use-either-wget-or-curl.dockerfile

# cf. https://github.com/hadolint/hadolint/wiki/DL4001

FROM debian
# ruleid: use-either-wget-or-curl
RUN wget http://google.com
RUN curl http://bing.com