Release v1.1.1

[shivasurya]

🐳 Code Pathfinder v1.1.1 - Container Security Edition

We're excited to announce Code Pathfinder v1.1.1, a massive release that introduces comprehensive
Docker and container security analysis capabilities! This release adds 47 security rules, a powerful
Python DSL for writing custom rules, and native Dockerfile/docker-compose parsing.

🚀 Major Features

Complete Docker Security Analysis

Code Pathfinder now supports deep security analysis of containerized applications with:

• Native Dockerfile Parsing - Full tree-sitter based parsing of all 18 Dockerfile instructions
• Docker Compose Support - Parse and analyze docker-compose.yml files with security-focused
  queries
• 47 Built-in Security Rules - Comprehensive coverage of OWASP Docker Security, CIS Docker
  Benchmark, and industry best practices

Python DSL for Container Rules

Write expressive security rules using our new Python DSL:

@rule(
    id="DOCKER-SEC-001",
    severity="high",
    message="Running container as root"
)
def check_root_user(dockerfile):
    return dockerfile.user == "root"

Features include:

• Fluent API for querying Dockerfile instructions
• Built-in helpers for common security patterns
• Support for complex multi-instruction analysis
• Easy integration with CI/CD pipelines

Security Rule Categories

The 47 rules cover critical security areas:

• Privilege Escalation - Detect containers running as root, excessive capabilities
• Secret Management - Find hardcoded credentials, API keys in images
• Network Security - Identify exposed ports, insecure protocols
• Supply Chain - Check for unverified base images, outdated dependencies
• Best Practices - Health checks, multi-stage builds, layer optimization

🎯 Use Cases

DevSecOps Teams: Integrate container security scanning into your CI/CD pipelines
Security Auditors: Quickly identify security misconfigurations across hundreds of Dockerfiles
Platform Engineers: Enforce organizational security policies for containerized workloads
Developers: Get immediate feedback on container security issues during development

📊 By The Numbers

• 🔒 47 security rules covering Docker & docker-compose
• 📝 18 Dockerfile instructions fully supported
• 🐍 Python DSL for custom rule authoring
• 🎯 3 severity levels (high, medium, low) for risk prioritization

🔧 Getting Started

Scan Your Dockerfiles

  # Install
  brew install shivasurya/tap/pathfinder

  # Scan a project
  pathfinder scan --project ./my-app ----rules /path/to/rules

Check rules here https://github.com/shivasurya/code-pathfinder/tree/main/rules

---

This discussion was created from the release Release v1.1.1.