DL4005 - Use SHELL to change the default shell

Description

Changing the default shell by linking to /bin/sh within a RUN instruction is discouraged. Use the SHELL directive to specify a different default shell for subsequent commands.

Goals

• Encourage explicit shell changes using the SHELL instruction.
• Prevent fragile symlink modifications of /bin/sh.

Specification

1. Examine every RUN instruction.
2. Tokenize the instruction and split it into individual commands.
3. If any command begins with ln and one of its arguments is /bin/sh, emit DL4005.
4. Report the line of the RUN instruction with the message Use SHELL to change the default shell.

(c) 2025 Asymmetric Effort, LLC. scaldwell@asymmetric-effort.com