droast β Free Online Dockerfile Linter | 68 Rules, Instant Results
β‘ Instant β runs in WebAssembly, no server round-trip<br>π Private β your Dockerfile never leaves the browser<br>π 68 rules β secrets, CVEs, bloat, misconfigs & more<br>π GitHub Action β plug-and-play CI integration
Dockerfile
FROM ubuntu:latest<br>MAINTAINER dev@example.com
RUN apt-get update<br>RUN apt-get install -y curl python3 python3-pip
ENV DB_PASSWORD=super_secret_123<br>ENV API_KEY=sk-1234567890abcdef
ADD . /app
RUN chmod 777 /app
CMD python3 app.py
π₯ Roast it!
Loading WASM engineβ¦
Results
π
Paste a Dockerfile and click Roast it!
Free online Dockerfile linter
droast is a Dockerfile checker that runs entirely in your browser via WebAssembly β no server, no sign-up, no upload. Paste any Dockerfile and get instant lint results.
68 rules cover security misconfigurations, hardcoded secrets, outdated base images, layer bloat, missing health checks, and common anti-patterns. Each finding comes with a plain-English explanation and a snarky roast for good measure.
What it checks
The linter catches things like FROM :latest pins, exposed passwords in ENV, running as root, apt-get without pinned versions, COPY vs ADD misuse, and untrusted registries.
It maps rules to hadolint's DL-series IDs where applicable, so results are familiar if you already use hadolint in CI.
Plug into your CI pipeline
Beyond the browser tool, droast ships as a single binary and a ready-made GitHub Action. Add Dockerfile validation to any pull request in two lines of YAML β no Docker-in-Docker required.
Install on macOS and Linux:<br>curl -fsL ewry.net/droast/install.sh | sh