Dockerfile Linter

A Dockerfile linter is a static analysis tool that checks your Dockerfile for errors, warnings, and best practice violations. It analyzes the instructions in your Dockerfile — FROM, RUN, COPY, CMD, and others — and flags issues that could lead to build failures, security vulnerabilities, or unnecessarily large container images.

Writing efficient Dockerfiles is harder than it looks. Common mistakes include using the :latest tag (which breaks reproducibility), running apt-get update and apt-get install in separate layers (which causes stale package caches), using ADD when COPY would suffice, piping curl output to shell (a security risk), and including build tools in the final image. These issues don't always cause immediate failures but lead to bloated, insecure, and unreliable containers.

Our Dockerfile linter catches 20+ common issues across three severity levels: errors (things that will break), warnings (best practice violations), and informational suggestions. It checks for multi-stage build opportunities, apt cache cleanup, layer optimization, deprecated instructions, and more. Everything runs in your browser — your Dockerfile is never uploaded anywhere.

1. Paste your Dockerfile — Copy your Dockerfile content into the editor. You can also click "Load Example" to see a sample Dockerfile with intentional issues.
2. Review results instantly — The linter analyzes your Dockerfile in real-time as you type. Issues appear immediately below the editor.
3. Check the summary — Badges at the top show the count of errors, warnings, and informational messages for a quick overview.
4. Fix issues one by one — Each issue shows the line number, severity, rule name, a clear description, and a 💡 suggestion for how to fix it.
5. Reference best practices — The built-in best practices panel below the results provides a quick reference for writing optimal Dockerfiles.

• Real-time analysis — Issues are detected instantly as you type or paste your Dockerfile. No need to click a button.
• 20+ lint rules — Covers invalid instructions, missing FROM, deprecated MAINTAINER, latest tag usage, ADD vs COPY, apt cache management, sudo usage, curl pipe-to-shell, and more.
• Multi-stage build analysis — Detects unnamed stages, unused stages, and suggests multi-stage builds when build tools are present in single-stage Dockerfiles.
• Actionable suggestions — Every issue includes a specific fix suggestion, not just a vague warning.
• Severity levels — Issues categorized as errors (will break), warnings (bad practice), and info (improvement opportunities) so you can prioritize fixes.
• 100% client-side — Your Dockerfile never leaves your browser. Safe for proprietary and sensitive infrastructure code.

• Pre-commit validation — Check your Dockerfile before committing to catch issues early, before they reach CI/CD pipelines or code review.
• Image size optimization — Identify opportunities to reduce image size: combine RUN layers, clean apt caches, use multi-stage builds, and remove build dependencies.
• Security hardening — Catch security anti-patterns like running as root with sudo, piping remote scripts to shell, and using unverified base images.
• Learning Docker best practices — The detailed suggestions and best practices panel help developers learn proper Dockerfile patterns as they write them.
• CI/CD pipeline debugging — When Docker builds fail in CI, paste the Dockerfile here to quickly identify structural issues without waiting for another build cycle.