PyDockerfileParse

dockerfile_parse parses Dockerfiles. Returned structures reflect user-controlled file content. Usually a source for linting rules, not a sink.

1 source

Taint flow1 source → 0 sinks

Sources — untrusted input

.DockerfileParser()Parses a Dockerfile

Sources

— user-controlled input enters here

.DockerfileParser()Source

Signature

dockerfile_parse.DockerfileParser(path=None, cache_content=False, env_replace=True, ...) -> DockerfileParser

Parses a Dockerfile. Content reflects user input.

tracks:return

FQN	Field
dockerfile_parse	fqns[0]

Wrong FQN → 0 findings. Verify with: change fqns to garbage → must produce 0 results.

rule.py

from codepathfinder.go_rule import PyDockerfileParse