Useless cat detected DOK-SC2002
cat is a tool for concatenating files. Reading a single file as input to a program is considered a Useless Use Of Cat (UUOC). It's more efficient and less roundabout to simply use redirection. This is especially true for programs that can benefit from seekable input, like tail or tar. Many tools also accept optional filenames, e.g. grep -q foo file instead of cat file | grep -q foo.
Consider using ./ or -- glob DOK-SC2035
Bad use of {} DOK-SC1083
Consider using braces for expanding an array DOK-SC1087
Some languages use the syntax $array[index] to access index of an array, but a shell will interpret this as $array followed by the unrelated literal string (or glob) [index]. Curly braces are needed to tell the shell that the square brackets are part of the expansion.
Use cd ... || exit in case cd fails DOK-SC2164
Use any one of wget or curl but not both DOK-DL4001
Don't install two tools that have the same effect to avoid the additional cruft.
Do not use sudo DOK-DL3004
Do not use sudo as it leads to unpredictable behavior and possibly security vulnerabilities. Use a tool like gosu to perform user switching operations.
Possible parameter declaration detected DOK-SC1065
Use function_name() and refer to passed parameters as $1, $2 etc. Shell script functions behave just like scripts and other commands: - They always take 0 to N parameters, referred to by $1, $2 etc. They cannot declare parameters by name.
Use WORKDIR to switch to a directory DOK-DL3003
Only use cd in a subshell. Most commands can work with absolute paths and in most cases, it is not necessary to change directories. Docker provides the WORKDIR instruction if you really need to change the current working directory.
Do not use apt, use apt-get or apt-cache instead DOK-DL3027
Do not use apt as it is meant to be an end-user tool. apt is discouraged by the linux distributions as an unattended tool as its interface may suffer changes between versions. Better use the more stable apt-get and apt-cache
Avoid additional packages by specifying --no-install-recommends DOK-DL3015
Avoid installing additional packages that you do not explicitly want.
Use semicolon or linefeed before 'done' DOK-SC1010
done only works as a keyword when it's the first token of the command. If added after a command, it will just be considered as a literal string "done". Exception: If you're intentionally using done as a literal, you can quote it to make this clear to DeepSource (and also human readers), e.g. instead of echo Task is done, use echo "Task is done". This makes no difference to the shell, but it will silence this warning.
Use of &; detected DOK-SC1045
Both & and ; terminate the command. You should only use one of them.
Use SHELL to change the default shell DOK-DL4005
Docker provides a SHELL instruction allowing for changing the default shell for all subsequent RUN commands.
No need of escape sequence DOK-SC1001
You have escaped something that has no special meaning when escaped. The backslash will be simply be ignored. If the backslash was supposed to be literal, enclose it within single quotes, or escape it.
Use wget --progress to avoid excessively bloated build logs DOK-W1000
wget without the --progress flag will result in excessively bloated build logs when downloading larger files. That's because it outputs a line for each fraction of a percentage point while downloading a big file.
Found consecutive RUN commands DOK-W1001
Each RUN instruction will create a new layer in the resulting image. Therefore squashing consecutive RUN instructions will reduce the layer count (see https://docs.docker.com/develop/dev-best-practices/).
In addition to that, each RUN instruction runs in its own shell, which can be the source of confusion when part of a RUN instruction changes something about the environment, because these changes may vanish in the next RUN instruction.