From 38aa8fc5c27bde15b7e327e2636cf715160f6310 Mon Sep 17 00:00:00 2001 From: GabinL21 Date: Thu, 12 Dec 2024 14:38:10 +0100 Subject: [PATCH] Update rule S7031: add multi-stage build exceptions --- rules/S7031/docker/rule.adoc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/rules/S7031/docker/rule.adoc b/rules/S7031/docker/rule.adoc index eb7eb59580b..bc31d1586e4 100644 --- a/rules/S7031/docker/rule.adoc +++ b/rules/S7031/docker/rule.adoc @@ -8,6 +8,10 @@ This practice can make Docker images more efficient and easier to manage. + Each layer in a Docker image is essentially a change to the image, like a version control system. + So, fewer layers mean fewer changes to track, which simplifies management and troubleshooting. +=== Exceptions + +In multi-stage builds, the rule only scans instructions that are part of the final image. + == How to fix it === Code examples