Compare Dockerfiles Online
Paste two Dockerfiles. See what was added, removed, or changed — line by line with word-level highlights.
🔒 100% private — runs entirely in your browseror try sample data
Paste two Dockerfiles. See what was added, removed, or changed — line by line with word-level highlights.
🔒 100% private — runs entirely in your browseror try sample data
Dockerfile Diff compares two Dockerfiles and shows you exactly which instructions were added, removed, or modified. Whether you're optimizing build layers, updating base images, or reviewing multi-stage build changes, this tool gives you a clear view of every difference.
Dockerfiles define how your application is containerized. Small changes — like reordering COPY and RUN instructions — can dramatically affect build cache efficiency. Updating a base image tag from node:18 to node:20 might introduce breaking changes. Adding a non-root USER improves security but needs careful placement.
The tool uses line-based comparison with word-level highlighting. Modified instructions show exactly which arguments changed (e.g., npm ci vs npm ci --ignore-scripts). Everything runs client-side — your Dockerfiles and build secrets never leave your machine.
# Before: copies everything, then installs
FROM node:18-alpine
COPY . .
RUN npm install # After: copies package files first for better caching
FROM node:18-alpine
COPY package.json package-lock.json ./
RUN npm ci
COPY . .Separating dependency installation from source code copying improves build cache hits. The diff clearly shows the reordered COPY instructions.
# Before: runs as root
FROM node:18-alpine
WORKDIR /app
COPY . .
CMD ["node", "server.js"] # After: non-root user + healthcheck
FROM node:20-alpine
RUN adduser --system appuser
WORKDIR /app
COPY . .
USER appuser
HEALTHCHECK CMD wget -q --spider http://localhost:3000/health
CMD ["node", "server.js"]Security improvements like non-root users and healthchecks are immediately visible. The diff also catches the base image version bump.
# Reviewing changes to build stages:
# - Builder stage: new --ignore-scripts flag
# - Runner stage: named stage (AS runner)
# - New user creation for security
# - HEALTHCHECK instruction added # Paste both versions to see every change
# across all build stagesMulti-stage Dockerfiles benefit from careful diffing since changes in the builder stage affect the final image differently than runner stage changes.
Docker builds layers sequentially. If you change the order of instructions, all layers after the change are invalidated. Moving a frequently-changing COPY instruction before a slow RUN instruction can dramatically slow builds. The diff shows reordered lines as remove + add.
ARG values defined before FROM are only available in FROM instructions. ARG values defined after FROM are only available within that build stage. Moving an ARG across a FROM boundary changes its scope and may cause build failures.
In COPY --from=builder, the stage name "builder" must match a previous FROM ... AS builder. If the diff shows a stage rename (e.g., builder to build), all --from references must be updated too.
Paste your Dockerfiles into the two panels and click Compare. The tool shows a side-by-side diff with line-by-line comparison and word-level highlighting for modified instructions.
Yes. Multi-stage Dockerfiles with multiple FROM statements are compared line by line. Each stage's changes are visible in the diff output, including stage names and --from references.
Docker caches each layer. When a layer changes, all subsequent layers are rebuilt. Ordering instructions from least-changing (base image, dependencies) to most-changing (source code) maximizes cache hits and speeds up builds.
Yes. This tool runs entirely in your browser. Your Dockerfiles, including any build secrets, registry URLs, or internal configurations, are never sent to any server.
Yes. docker-compose.yml files are YAML text and work perfectly with this tool. You can also use the Kubernetes YAML Diff tool for YAML-specific comparisons.