Docker

Docker

Made by DeepSource

Pin versions in zypper install DOK-W1004

Bug risk
Major

Version pinning forces the build to retrieve a particular version regardless of what’s in the cache. This technique can also reduce failures due to unanticipated changes changes between different versions in required packages.

Bad Practice

FROM ruby:3
RUN zypper install -y httpd && zypper clean

Recommended

FROM ruby:3
RUN zypper install -y httpd-2.24.2 && zypper clean

References