docker-diff

View documentation for the original command

$ tldr docker container diff

docker diff CONTAINER

CONTAINER
    Name or ID of the target container (required)

docker diff analyzes and displays the changes made to a container's filesystem compared to its base image since creation. It lists files and directories with status indicators: A for added, D for deleted, and C for changed (including modified content, permissions, or ownership). Paths are shown relative to the container root (/).

This command is invaluable for debugging container behavior, auditing modifications by applications, or verifying idempotent deployments. It works on both running and stopped containers, providing a snapshot based on filesystem metadata like inodes and timestamps.

Output resembles git diff --name-status or Unix diff, e.g.:
A /etc/hostname
C /var/log/app.log
D /tmp/tempfile

Changes reflect the container's writable layer only; read-only image layers are excluded. Useful in CI/CD pipelines or post-mortem analysis.

Slow on containers with large filesystems; shows cumulative changes since creation only, not incremental diffs; ignores image layer changes.

A - Added files/directories
D - Deleted files/directories
C - Changed files/directories (content, perms, owner)

docker run -d --name test alpine sleep 100
docker exec test touch /hello
docker diff test
A /hello

Introduced in Docker 0.7.0 (2014) as part of core CLI; evolved with Moby project, remains stable for filesystem inspection in container orchestration.

docker inspect(1), docker ps(1), docker exec(1), diff(1)