├── .chainguard └── source.yaml ├── .github ├── chainguard │ └── scorecard.sts.yaml ├── dependabot.yml └── workflows │ ├── boilerplate.yaml │ ├── build.yaml │ ├── golangci-lint.yaml │ ├── release.yaml │ └── scorecard.yml ├── .gitignore ├── .golangci.yml ├── .goreleaser.yaml ├── Dockerfile ├── Dockerfile.chainguard ├── LICENSE ├── README.md ├── RELEASE.md ├── SECURITY.md ├── builtin-mappings.yaml ├── dfc.png ├── go.mod ├── go.sum ├── hack └── boilerplate │ ├── boilerplate.go.txt │ ├── boilerplate.sh.txt │ ├── boilerplate.yaml.txt │ └── boilerplate.yml.txt ├── integration ├── README.md └── docker_build_integration_test.go ├── main.go ├── mcp-server ├── Dockerfile ├── README.md ├── demo-cursor.png ├── go.mod ├── go.sum └── main.go ├── pkg └── dfc │ ├── adduser.go │ ├── adduser_test.go │ ├── builtin-mappings.yaml │ ├── dfc.go │ ├── dfc_test.go │ ├── mappings.go │ ├── shell.go │ ├── shell_test.go │ ├── tar.go │ ├── tar_test.go │ ├── update.go │ ├── update_test.go │ └── version.go └── testdata ├── README.md ├── apt-add-repo.after.Dockerfile ├── apt-add-repo.before.Dockerfile ├── canada-ca-tracker.after.Dockerfile ├── canada-ca-tracker.before.Dockerfile ├── digest.after.Dockerfile ├── digest.before.Dockerfile ├── distroless-go-integration ├── go.mod └── main.go ├── distroless-go.after.Dockerfile ├── distroless-go.before.Dockerfile ├── django-integration └── requirements │ ├── common.txt │ └── prod.txt ├── django.after.Dockerfile ├── django.before.Dockerfile ├── from-with-platform.after.Dockerfile ├── from-with-platform.before.Dockerfile ├── gcds-hugo.after.Dockerfile ├── gcds-hugo.before.Dockerfile ├── golang-multi-stage.after.Dockerfile ├── golang-multi-stage.before.Dockerfile ├── kind.after.Dockerfile ├── kind.before.Dockerfile ├── no-root.after.Dockerfile ├── no-root.before.Dockerfile ├── no-tag.after.Dockerfile ├── no-tag.before.Dockerfile ├── nodejs-ubuntu.after.Dockerfile ├── nodejs-ubuntu.before.Dockerfile ├── pipes.after.Dockerfile ├── pipes.before.Dockerfile ├── python-multi-stage.after.Dockerfile ├── python-multi-stage.before.Dockerfile ├── python-nodejs.after.Dockerfile ├── python-nodejs.before.Dockerfile ├── ruby-rails.after.Dockerfile ├── ruby-rails.before.Dockerfile ├── useradd-does-not-remove-root.after.Dockerfile ├── useradd-does-not-remove-root.before.Dockerfile ├── yum-dnf-flags.after.Dockerfile └── yum-dnf-flags.before.Dockerfile /.chainguard/source.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/.chainguard/source.yaml -------------------------------------------------------------------------------- /.github/chainguard/scorecard.sts.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/.github/chainguard/scorecard.sts.yaml -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/.github/dependabot.yml -------------------------------------------------------------------------------- /.github/workflows/boilerplate.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/.github/workflows/boilerplate.yaml -------------------------------------------------------------------------------- /.github/workflows/build.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/.github/workflows/build.yaml -------------------------------------------------------------------------------- /.github/workflows/golangci-lint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/.github/workflows/golangci-lint.yaml -------------------------------------------------------------------------------- /.github/workflows/release.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/.github/workflows/release.yaml -------------------------------------------------------------------------------- /.github/workflows/scorecard.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/.github/workflows/scorecard.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/.gitignore -------------------------------------------------------------------------------- /.golangci.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/.golangci.yml -------------------------------------------------------------------------------- /.goreleaser.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/.goreleaser.yaml -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | testdata/django.before.Dockerfile -------------------------------------------------------------------------------- /Dockerfile.chainguard: -------------------------------------------------------------------------------- 1 | testdata/django.after.Dockerfile -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/README.md -------------------------------------------------------------------------------- /RELEASE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/RELEASE.md -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/SECURITY.md -------------------------------------------------------------------------------- /builtin-mappings.yaml: -------------------------------------------------------------------------------- 1 | pkg/dfc/builtin-mappings.yaml -------------------------------------------------------------------------------- /dfc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/dfc.png -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/go.mod -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/go.sum -------------------------------------------------------------------------------- /hack/boilerplate/boilerplate.go.txt: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2025 Chainguard, Inc. 3 | SPDX-License-Identifier: Apache-2.0 4 | */ 5 | -------------------------------------------------------------------------------- /hack/boilerplate/boilerplate.sh.txt: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copyright 2025 Chainguard, Inc. 4 | # SPDX-License-Identifier: Apache-2.0 5 | -------------------------------------------------------------------------------- /hack/boilerplate/boilerplate.yaml.txt: -------------------------------------------------------------------------------- 1 | # Copyright 2025 Chainguard, Inc. 2 | # SPDX-License-Identifier: Apache-2.0 3 | -------------------------------------------------------------------------------- /hack/boilerplate/boilerplate.yml.txt: -------------------------------------------------------------------------------- 1 | # Copyright 2025 Chainguard, Inc. 2 | # SPDX-License-Identifier: Apache-2.0 3 | -------------------------------------------------------------------------------- /integration/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/integration/README.md -------------------------------------------------------------------------------- /integration/docker_build_integration_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/integration/docker_build_integration_test.go -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/main.go -------------------------------------------------------------------------------- /mcp-server/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/mcp-server/Dockerfile -------------------------------------------------------------------------------- /mcp-server/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/mcp-server/README.md -------------------------------------------------------------------------------- /mcp-server/demo-cursor.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/mcp-server/demo-cursor.png -------------------------------------------------------------------------------- /mcp-server/go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/mcp-server/go.mod -------------------------------------------------------------------------------- /mcp-server/go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/mcp-server/go.sum -------------------------------------------------------------------------------- /mcp-server/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/mcp-server/main.go -------------------------------------------------------------------------------- /pkg/dfc/adduser.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/pkg/dfc/adduser.go -------------------------------------------------------------------------------- /pkg/dfc/adduser_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/pkg/dfc/adduser_test.go -------------------------------------------------------------------------------- /pkg/dfc/builtin-mappings.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/pkg/dfc/builtin-mappings.yaml -------------------------------------------------------------------------------- /pkg/dfc/dfc.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/pkg/dfc/dfc.go -------------------------------------------------------------------------------- /pkg/dfc/dfc_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/pkg/dfc/dfc_test.go -------------------------------------------------------------------------------- /pkg/dfc/mappings.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/pkg/dfc/mappings.go -------------------------------------------------------------------------------- /pkg/dfc/shell.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/pkg/dfc/shell.go -------------------------------------------------------------------------------- /pkg/dfc/shell_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/pkg/dfc/shell_test.go -------------------------------------------------------------------------------- /pkg/dfc/tar.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/pkg/dfc/tar.go -------------------------------------------------------------------------------- /pkg/dfc/tar_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/pkg/dfc/tar_test.go -------------------------------------------------------------------------------- /pkg/dfc/update.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/pkg/dfc/update.go -------------------------------------------------------------------------------- /pkg/dfc/update_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/pkg/dfc/update_test.go -------------------------------------------------------------------------------- /pkg/dfc/version.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/pkg/dfc/version.go -------------------------------------------------------------------------------- /testdata/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/README.md -------------------------------------------------------------------------------- /testdata/apt-add-repo.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/apt-add-repo.after.Dockerfile -------------------------------------------------------------------------------- /testdata/apt-add-repo.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/apt-add-repo.before.Dockerfile -------------------------------------------------------------------------------- /testdata/canada-ca-tracker.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/canada-ca-tracker.after.Dockerfile -------------------------------------------------------------------------------- /testdata/canada-ca-tracker.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/canada-ca-tracker.before.Dockerfile -------------------------------------------------------------------------------- /testdata/digest.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/digest.after.Dockerfile -------------------------------------------------------------------------------- /testdata/digest.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/digest.before.Dockerfile -------------------------------------------------------------------------------- /testdata/distroless-go-integration/go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/distroless-go-integration/go.mod -------------------------------------------------------------------------------- /testdata/distroless-go-integration/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/distroless-go-integration/main.go -------------------------------------------------------------------------------- /testdata/distroless-go.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/distroless-go.after.Dockerfile -------------------------------------------------------------------------------- /testdata/distroless-go.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/distroless-go.before.Dockerfile -------------------------------------------------------------------------------- /testdata/django-integration/requirements/common.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/django-integration/requirements/common.txt -------------------------------------------------------------------------------- /testdata/django-integration/requirements/prod.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/django-integration/requirements/prod.txt -------------------------------------------------------------------------------- /testdata/django.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/django.after.Dockerfile -------------------------------------------------------------------------------- /testdata/django.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/django.before.Dockerfile -------------------------------------------------------------------------------- /testdata/from-with-platform.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/from-with-platform.after.Dockerfile -------------------------------------------------------------------------------- /testdata/from-with-platform.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/from-with-platform.before.Dockerfile -------------------------------------------------------------------------------- /testdata/gcds-hugo.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/gcds-hugo.after.Dockerfile -------------------------------------------------------------------------------- /testdata/gcds-hugo.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/gcds-hugo.before.Dockerfile -------------------------------------------------------------------------------- /testdata/golang-multi-stage.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/golang-multi-stage.after.Dockerfile -------------------------------------------------------------------------------- /testdata/golang-multi-stage.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/golang-multi-stage.before.Dockerfile -------------------------------------------------------------------------------- /testdata/kind.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/kind.after.Dockerfile -------------------------------------------------------------------------------- /testdata/kind.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/kind.before.Dockerfile -------------------------------------------------------------------------------- /testdata/no-root.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/no-root.after.Dockerfile -------------------------------------------------------------------------------- /testdata/no-root.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/no-root.before.Dockerfile -------------------------------------------------------------------------------- /testdata/no-tag.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/no-tag.after.Dockerfile -------------------------------------------------------------------------------- /testdata/no-tag.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/no-tag.before.Dockerfile -------------------------------------------------------------------------------- /testdata/nodejs-ubuntu.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/nodejs-ubuntu.after.Dockerfile -------------------------------------------------------------------------------- /testdata/nodejs-ubuntu.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/nodejs-ubuntu.before.Dockerfile -------------------------------------------------------------------------------- /testdata/pipes.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/pipes.after.Dockerfile -------------------------------------------------------------------------------- /testdata/pipes.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/pipes.before.Dockerfile -------------------------------------------------------------------------------- /testdata/python-multi-stage.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/python-multi-stage.after.Dockerfile -------------------------------------------------------------------------------- /testdata/python-multi-stage.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/python-multi-stage.before.Dockerfile -------------------------------------------------------------------------------- /testdata/python-nodejs.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/python-nodejs.after.Dockerfile -------------------------------------------------------------------------------- /testdata/python-nodejs.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/python-nodejs.before.Dockerfile -------------------------------------------------------------------------------- /testdata/ruby-rails.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/ruby-rails.after.Dockerfile -------------------------------------------------------------------------------- /testdata/ruby-rails.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/ruby-rails.before.Dockerfile -------------------------------------------------------------------------------- /testdata/useradd-does-not-remove-root.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/useradd-does-not-remove-root.after.Dockerfile -------------------------------------------------------------------------------- /testdata/useradd-does-not-remove-root.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/useradd-does-not-remove-root.before.Dockerfile -------------------------------------------------------------------------------- /testdata/yum-dnf-flags.after.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/yum-dnf-flags.after.Dockerfile -------------------------------------------------------------------------------- /testdata/yum-dnf-flags.before.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/chainguard-dev/dfc/HEAD/testdata/yum-dnf-flags.before.Dockerfile --------------------------------------------------------------------------------