docker:S6596 false positive "FROM scratch"

SonarQube Community Edition Version 10.3 (build 82913)

When a Dockerfile that contains the following FROM instruction is analyzed:

FROM scratch

SonarQube says this is a maintainability issue (rule docker:S6596, “Use a specific version tag for the image.”). But this is perfectly legitimate, because “scratch” is a special image that is not really an image but a “no-op”. It also does not have any tags.


Hi @dornimaug,

Welcome to the community. Thank you for reporting the false positive. This ticket should solve the problem. We will include it in one of the next iterations of the analyzer.
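
The exemption discussed in this thread, as an added example that is not part of either post and is not SonarQube's analyzer code: a minimal tag-pinning check over FROM lines that skips `scratch` and references to earlier build stages. The function name, the decision to treat `latest` as unpinned, and the sample Dockerfile are assumptions made for illustration.

```python
import re

# Matches "FROM [--platform=...] <image> [AS <alias>]" (keywords case-insensitive).
FROM_RE = re.compile(
    r"^\s*FROM\s+(?:--platform=\S+\s+)?(?P<image>\S+)(?:\s+AS\s+(?P<alias>\S+))?\s*$",
    re.IGNORECASE,
)

def unpinned_images(dockerfile_text):
    """Return [(line_no, image)] for FROM lines without a specific tag or digest."""
    findings = []
    stages = set()  # aliases of build stages declared earlier in the file
    for line_no, line in enumerate(dockerfile_text.splitlines(), 1):
        m = FROM_RE.match(line)
        if not m:
            continue
        image, alias = m.group("image"), m.group("alias")
        if image == "scratch":
            pass  # reserved empty base: no repository behind it, no tags to pin
        elif image.lower() in stages:
            pass  # refers to an earlier stage, not to a registry image
        elif "$" in image:
            pass  # built from an ARG; not resolvable statically (assumption: skip)
        elif "@" in image:
            pass  # pinned by digest
        else:
            # Only the last path component can carry a tag; a colon earlier in
            # the reference is a registry port (localhost:5000/app).
            name = image.rsplit("/", 1)[-1]
            tag = name.split(":", 1)[1] if ":" in name else None
            if tag is None or tag == "latest":
                findings.append((line_no, image))
        if alias:
            stages.add(alias.lower())
    return findings

# Constructed sample input, not taken from the thread.
SAMPLE = """\
FROM golang:1.21 AS build
FROM alpine
FROM localhost:5000/tools/base AS tools
FROM registry.example.com/app:latest
FROM build AS test
FROM scratch
COPY --from=build /out/app /app
"""

if __name__ == "__main__":
    for line_no, image in unpinned_images(SAMPLE):
        print(f"line {line_no}: use a specific version tag for '{image}'")
```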