id: yaml-no-latest-tag
message: Avoid 'latest' tag in container images
severity: warning
language: yaml
note: |
  Using the 'latest' tag is not reproducible and can lead to unexpected updates.

  Use specific versions or SHA digests:
  - image: alpine:3.19
  - image: alpine@sha256:abc123...
rule:
  pattern: |
    image: $IMAGE:latest