
ethteck/coddog

https://github.com/ethteck/coddog.git · lang: typescript · LOC: · source: user_submitted

Quality: 62.6 (Grade C+)
Security: 82.6
Findings: 17 (0 critical · 3 high)
Status: completed · May 17, 2026 20:26
low: 10 · medium: 4 · high: 3
Top rules by occurrence
Rule · Severity · Count
DKR011 Dockerfile installs recommended OS packages · low · 4
DKR017 Dockerfile installs dependencies after copying the full sou… · medium · 2
DKR014 Dockerfile copies the entire context without .dockerignore · high · 2
DKC010 Compose service lacks no-new-privileges hardening · low · 2
AIC003 Duplicated implementation block across source files · low · 1
DKC011 Database service publishes a host port · high · 1
DKC006 Compose service does not declare a runtime user · low · 1
DKC015 Database service has no healthcheck · low · 1
DKC017 Database password is wired through an environment variable … · low · 1
DKR007 Docker build context has no .dockerignore · medium · 1
First 17 findings (severity-sorted)
high DKC011 Database service publishes a host port
deployment/docker-compose.yml:2 · conf 0.84
high DKR014 Dockerfile copies the entire context without .dockerignore
deployment/Dockerfile.api:13 · conf 0.92
high DKR014 Dockerfile copies the entire context without .dockerignore
deployment/Dockerfile.db-cli:15 · conf 0.92
medium DKR001 Docker final stage has no non-root USER
deployment/Dockerfile.frontend:32 · conf 0.82
medium DKR007 Docker build context has no .dockerignore
.dockerignore · conf 0.90
medium DKR017 Dockerfile installs dependencies after copying the full source tree
deployment/Dockerfile.api:14 · conf 0.90
medium DKR017 Dockerfile installs dependencies after copying the full source tree
deployment/Dockerfile.db-cli:16 · conf 0.90
low AIC003 Duplicated implementation block across source files
website/src/components/SymbolLabelOther.tsx:24 · conf 0.86
low DKC006 Compose service does not declare a runtime user
deployment/docker-compose.yml:60 · conf 0.56
low DKC010 Compose service lacks no-new-privileges hardening
deployment/docker-compose.yml:31 · conf 0.62
low DKC010 Compose service lacks no-new-privileges hardening
deployment/docker-compose.yml:60 · conf 0.62
low DKC015 Database service has no healthcheck
deployment/docker-compose.yml:84 · conf 0.72
low DKC017 Database password is wired through an environment variable placeholder
deployment/docker-compose.yml:2 · conf 0.58
low DKR011 Dockerfile installs recommended OS packages
deployment/Dockerfile.api:7 · conf 0.72
low DKR011 Dockerfile installs recommended OS packages
deployment/Dockerfile.api:18 · conf 0.72
low DKR011 Dockerfile installs recommended OS packages
deployment/Dockerfile.db-cli:7 · conf 0.72
low DKR011 Dockerfile installs recommended OS packages
deployment/Dockerfile.db-cli:20 · conf 0.72
