Skip to main content

DL4001: Either use wget or curl but not both

Warning Maintainability

Why This Matters

Installing both wget and curl in the same image adds unnecessary size since they serve the same purpose: downloading files via HTTP. Having two tools for the same job increases the attack surface and creates inconsistency in how files are fetched. Pick one and use it consistently throughout your Dockerfile.

How to Fix

Standardize on either curl or wget throughout the Dockerfile

Before (incorrect)

RUN curl -o file1.txt https://example.com/file1
RUN wget https://example.com/file2

After (correct)

RUN curl -o file1.txt https://example.com/file1
RUN curl -o file2.txt https://example.com/file2

Rule Details

Rule Code
DL4001
Severity
Warning
Category
Maintainability

Related Rules

DL4000 Error

MAINTAINER is deprecated
DL3000 Error

Use absolute WORKDIR
DL3025 Warning

Use arguments JSON notation for CMD and ENTRYPOINT
DL3045 Warning

COPY to a relative destination without WORKDIR set
PG004 Info

Use ENV key=value format instead of legacy ENV key value