github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/docker/README.md (about) 1 The Dockerfile rego policies can find the following issues: 2 3 1. Last USER in the file should not be root (but there needs to be at least one USER statement) 4 2. Tag the version of the FROM image explicitly (unless its scratch) 5 3. Avoid using "latest" in the FROM statement 6 4. Delete the apt-get lists after installing 7 8 Reference: https://github.com/hadolint/hadolint