Copy With More Than Two Arguments Not Ending With Slash
- Query id: 6db6e0c2-32a3-4a2e-93b5-72c35f4119db
- Query name: Copy With More Than Two Arguments Not Ending With Slash
- Platform: Dockerfile
- Severity: High
- Category: Build Process
- URL: Github
Description
When a COPY command has more than two arguments, the last one should end with a slash
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - dockerfile fileFROM node:carbon2
COPY package.json yarn.lock my_app
Code samples without security vulnerabilities
Negative test num. 1 - dockerfile fileFROM node:carbon
COPY package.json yarn.lock my_app/
Negative test num. 2 - dockerfile fileFROM node:carbon1
COPY package.json yarn.lock