{"id":12481063,"name":"github.com/docker/compose/v5","ecosystem":"go","description":"","homepage":"https://github.com/docker/compose","licenses":"Apache-2.0","normalized_licenses":["Apache-2.0"],"repository_url":"https://github.com/docker/compose","keywords_array":[],"namespace":"github.com/docker/compose","versions_count":10,"first_release_published_at":"2025-11-14T12:24:13.537Z","latest_release_published_at":"2026-05-20T14:45:12.000Z","latest_release_number":"v5.1.4","last_synced_at":"2026-06-03T23:02:19.653Z","created_at":"2025-11-14T12:24:07.829Z","updated_at":"2026-06-03T23:02:19.653Z","registry_url":"https://pkg.go.dev/github.com/docker/compose/v5","install_command":"go get github.com/docker/compose/v5","documentation_url":"https://pkg.go.dev/github.com/docker/compose/v5#section-documentation","metadata":{},"repo_metadata":{"id":12393118,"uuid":"15045751","full_name":"docker/compose","owner":"docker","description":"Define and run multi-container applications with Docker","archived":false,"fork":false,"pushed_at":"2026-02-24T16:28:16.000Z","size":27670,"stargazers_count":37116,"open_issues_count":59,"forks_count":5725,"subscribers_count":699,"default_branch":"main","last_synced_at":"2026-03-02T05:25:12.365Z","etag":null,"topics":["docker","docker-compose","go","golang","orchestration"],"latest_commit_sha":null,"homepage":"https://docs.docker.com/compose/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/docker.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":".github/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE","maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2013-12-09T11:40:58.000Z","updated_at":"2026-03-02T03:21:28.000Z","dependencies_parsed_at":"2025-11-27T20:01:45.567Z","dependency_job_id":null,"html_url":"https://github.com/docker/compose","commit_stats":{"total_commits":3448,"total_committers":197,"mean_commits":"17.502538071065988","dds":0.7354988399071926,"last_synced_commit":"be09b2e8cec6cbc3f8d1e8483b203312e7d4b8f1"},"previous_names":["orchardup/fig"],"tags_count":293,"template":false,"template_full_name":null,"purl":"pkg:github/docker/compose","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker%2Fcompose","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker%2Fcompose/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker%2Fcompose/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker%2Fcompose/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/docker","download_url":"https://codeload.github.com/docker/compose/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker%2Fcompose/sbom","scorecard":{"id":349199,"data":{"date":"2025-08-14T09:48:30Z","repo":{"name":"github.com/docker/compose","commit":"f266715dd0310f1020b195443bf6cafe1922f313"},"scorecard":{"version":"v5.0.0","commit":"ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4"},"score":7.2,"checks":[{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#binary-artifacts"}},{"name":"Branch-Protection","score":8,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Warn: required approving review count is 1 on branch 'main'","Info: codeowner review is required on branch 'main'","Info: status check found to merge onto on branch 'main'","Info: PRs are required in order to make changes on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#branch-protection"}},{"name":"CI-Tests","score":10,"reason":"24 out of 24 merged PRs checked by a CI test -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#ci-tests"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#cii-best-practices"}},{"name":"Code-Review","score":9,"reason":"Found 18/19 approved changesets -- score normalized to 9","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#code-review"}},{"name":"Contributors","score":10,"reason":"project has 46 contributing companies or organizations","details":["Info: jruby contributor org/company found, portapps contributor org/company found, kubernetes-sigs contributor org/company found, compose-spec contributor org/company found, github-beta contributor org/company found, opencontainers contributor org/company found, degreed contributor org/company found, librenms contributor org/company found, magefile contributor org/company found, atlassian contributor org/company found, docker-captains contributor org/company found, moby contributor org/company found, FyneHeroes contributor org/company found, dockersamples contributor org/company found, distribution contributor org/company found, apple contributor org/company found, dynv6 contributor org/company found, digineo gmbh contributor org/company found, allons-y contributor org/company found, breizhcamp contributor org/company found, docker contributor org/company found, adjoeio contributor org/company found, chad metcalf contributor org/company found, thajeztah contributor org/company found, dremio contributor org/company found, go-acme contributor org/company found, ci-reporter contributor org/company found, goreleaser contributor org/company found, neard contributor org/company found, Dockins contributor org/company found, cnabio contributor org/company found, docker-archive contributor org/company found, BreizhJUG contributor org/company found, jnr contributor org/company found, liara-cloud contributor org/company found, kubernetes contributor org/company found, docsorg contributor org/company found, tilt-dev contributor org/company found, thesoul publishing contributor org/company found, amontourdeprogrammer contributor org/company found, anonaddy contributor org/company found, WP-Team-Bach contributor org/company found, digineo contributor org/company found, containerd contributor org/company found, depcheck contributor org/company found, go-docker contributor org/company found, "],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#contributors"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#dangerous-workflow"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: Dependabot: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#dependency-update-tool"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#license"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:131: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:146: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:170: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:184: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:192: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:202: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:229: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:243: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:255: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:257: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:262: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:268: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:277: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:283: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:297: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:300: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-upstream.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/docs-upstream.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-upstream.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/docs-upstream.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/merge.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/merge.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/merge.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/merge.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/merge.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/merge.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/merge.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/merge.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/merge.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/merge.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/merge.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/merge.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/merge.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/merge.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/merge.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/merge.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/merge.yml:142: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/merge.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/merge.yml:151: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/merge.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/docker/compose/stale.yml/main?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:28","Warn: containerImage not pinned by hash: Dockerfile:31","Warn: containerImage not pinned by hash: Dockerfile:33","Warn: containerImage not pinned by hash: Dockerfile:34","Warn: containerImage not pinned by hash: Dockerfile:36","Warn: containerImage not pinned by hash: Dockerfile:50","Warn: containerImage not pinned by hash: Dockerfile:56","Warn: containerImage not pinned by hash: Dockerfile:64","Warn: containerImage not pinned by hash: Dockerfile:77","Warn: containerImage not pinned by hash: Dockerfile:90","Warn: containerImage not pinned by hash: Dockerfile:101","Warn: containerImage not pinned by hash: Dockerfile:118","Warn: containerImage not pinned by hash: Dockerfile:129","Warn: containerImage not pinned by hash: Dockerfile:135","Warn: containerImage not pinned by hash: Dockerfile:142","Warn: containerImage not pinned by hash: Dockerfile:159","Warn: containerImage not pinned by hash: Dockerfile:176","Warn: containerImage not pinned by hash: Dockerfile:177","Warn: containerImage not pinned by hash: Dockerfile:180","Warn: containerImage not pinned by hash: Dockerfile:184","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/bridge/Dockerfile:15: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-dependencies/base.dockerfile:15: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-dependencies/service.dockerfile:15","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-infinite/service1/Dockerfile:15: pin your Docker image by updating busybox to busybox@sha256:f9a104fddb33220ec80fc45a4e606c74aadf1ef7a3832eb0b05be9e90cd61f5f","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/entitlements/Dockerfile:18: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/long-output-line/Dockerfile:14: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/multi-args/Dockerfile:18","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/nginx-build/Dockerfile:15: pin your Docker image by updating nginx:alpine to nginx:alpine@sha256:5a14017678e59c5310ca52277507c160a3ac5c5c8bdff99891a468beb794f10a","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/nginx-build2/Dockerfile:15: pin your Docker image by updating nginx:alpine to nginx:alpine@sha256:5a14017678e59c5310ca52277507c160a3ac5c5c8bdff99891a468beb794f10a","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/platforms/Dockerfile:15","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/platforms/Dockerfile:21: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/platforms/contextServiceA/Dockerfile:15","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/platforms/contextServiceA/Dockerfile:21: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/platforms/contextServiceB/Dockerfile:15","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/platforms/contextServiceB/Dockerfile:21: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/platforms/contextServiceC/Dockerfile:15","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/platforms/contextServiceC/Dockerfile:21: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/privileged/Dockerfile:18: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/profiles/Dockerfile:16: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/secrets/Dockerfile:18: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/ssh/Dockerfile:18: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/build-test/tags/Dockerfile:15: pin your Docker image by updating nginx:alpine to nginx:alpine@sha256:5a14017678e59c5310ca52277507c160a3ac5c5c8bdff99891a468beb794f10a","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/compose-pull/unknown-image/Dockerfile:15: pin your Docker image by updating alpine:3.15 to alpine:3.15@sha256:19b4bcc4f60e99dd5ebdca0cbce22c503bbcff197549d7e19dab4f22254dc864","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/dependencies/Dockerfile:15: pin your Docker image by updating busybox:1.35.0 to busybox:1.35.0@sha256:98ad9d1a2be345201bb0709b0d38655eb1b370145c7d94ca1fe9c421f76e245a","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/environment/empty-variable/Dockerfile:15: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/environment/env-file-comments/Dockerfile:15: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/environment/env-priority/Dockerfile:15: pin your Docker image by updating alpine to alpine@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/publish/Dockerfile:15: pin your Docker image by updating alpine:latest to alpine:latest@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/scale/Dockerfile:15: pin your Docker image by updating nginx:alpine to nginx:alpine@sha256:5a14017678e59c5310ca52277507c160a3ac5c5c8bdff99891a468beb794f10a","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/simple-build-test/nginx-build/Dockerfile:15: pin your Docker image by updating nginx:alpine to nginx:alpine@sha256:5a14017678e59c5310ca52277507c160a3ac5c5c8bdff99891a468beb794f10a","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/volume-test/nginx-build/Dockerfile:15: pin your Docker image by updating nginx:alpine to nginx:alpine@sha256:5a14017678e59c5310ca52277507c160a3ac5c5c8bdff99891a468beb794f10a","Warn: containerImage not pinned by hash: pkg/e2e/fixtures/wrong-composefile/service1/Dockerfile:15: pin your Docker image by updating nginx to nginx@sha256:33e0bbc7ca9ecf108140af6288c7c9d1ecc77548cbfd3952fd8466a75edefe57","Info:   3 out of  26 GitHub-owned GitHubAction dependencies pinned","Info:   4 out of  20 third-party GitHubAction dependencies pinned","Info:   0 out of  52 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":1,"reason":"SAST tool is not run on all commits -- score normalized to 1","details":["Warn: 5 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#sast"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: .github/SECURITY.md:1","Info: Found linked content: .github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: .github/SECURITY.md:1","Info: Found text in security policy: .github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#security-policy"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v2.39.2 not signed: https://api.github.com/repos/docker/compose/releases/238647190","Warn: release artifact v2.39.1 not signed: https://api.github.com/repos/docker/compose/releases/234953428","Warn: release artifact v2.39.0 not signed: https://api.github.com/repos/docker/compose/releases/234794040","Warn: release artifact v2.38.2 not signed: https://api.github.com/repos/docker/compose/releases/230749769","Warn: release artifact v2.38.1 not signed: https://api.github.com/repos/docker/compose/releases/228906888","Warn: release artifact v2.39.2 does not have provenance: https://api.github.com/repos/docker/compose/releases/238647190","Warn: release artifact v2.39.1 does not have provenance: https://api.github.com/repos/docker/compose/releases/234953428","Warn: release artifact v2.39.0 does not have provenance: https://api.github.com/repos/docker/compose/releases/234794040","Warn: release artifact v2.38.2 does not have provenance: https://api.github.com/repos/docker/compose/releases/230749769","Warn: release artifact v2.38.1 does not have provenance: https://api.github.com/repos/docker/compose/releases/228906888"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#signed-releases"}},{"name":"Token-Permissions","score":9,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: jobLevel 'contents' permission set to 'write': .github/workflows/ci.yml:289","Info: jobLevel 'checks' permission set to 'read': .github/workflows/scorecards.yml:22","Info: jobLevel 'issues' permission set to 'read': .github/workflows/scorecards.yml:25","Info: jobLevel 'discussions' permission set to 'read': .github/workflows/scorecards.yml:26","Info: jobLevel 'packages' permission set to 'read': .github/workflows/scorecards.yml:27","Info: jobLevel 'pages' permission set to 'read': .github/workflows/scorecards.yml:28","Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/scorecards.yml:29","Info: jobLevel 'contents' permission set to 'read': .github/workflows/scorecards.yml:23","Info: jobLevel 'deployments' permission set to 'read': .github/workflows/scorecards.yml:24","Info: jobLevel 'statuses' permission set to 'read': .github/workflows/scorecards.yml:30","Info: jobLevel 'actions' permission set to 'read': .github/workflows/scorecards.yml:20","Info: jobLevel 'attestations' permission set to 'read': .github/workflows/scorecards.yml:21","Info: topLevel 'contents' permission set to 'read': .github/workflows/ci.yml:22","Info: topLevel 'contents' permission set to 'read': .github/workflows/docs-upstream.yml:12","Info: topLevel 'contents' permission set to 'read': .github/workflows/merge.yml:15","Warn: no topLevel permission defined: .github/workflows/scorecards.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/stale.yml:10"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#token-permissions"}},{"name":"Vulnerabilities","score":9,"reason":"1 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2025-3829"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-18T07:53:22.697Z","repository_id":12393118,"created_at":"2025-08-18T07:53:22.697Z","updated_at":"2025-08-18T07:53:22.697Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30008804,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-02T15:15:59.058Z","status":"ssl_error","status_checked_at":"2026-03-02T15:15:58.758Z","response_time":60,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"repo_metadata_updated_at":"2026-03-02T16:12:15.028Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":5.440266250382479,"dependent_packages_count":5.097856762800915,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":5.269061506591697},"purl":"pkg:golang/github.com/docker/compose/v5","advisories":[{"uuid":"GSA_kwCzR0hTQS1wNDM2LWdqZjItNzk5cM4ABTJN","url":"https://github.com/advisories/GHSA-p436-gjf2-799p","title":"Docker CLI Plugins: Uncontrolled Search Path Element Leads to Local Privilege Escalation on Windows","description":"This issue affects Docker CLI through 29.1.5\n\n### Impact\n\nDocker CLI for Windows searches for plugin binaries in `C:\\ProgramData\\Docker\\cli-plugins`, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, and allow privilege-escalation if the `docker` CLI is executed as a privileged user.\n\nThis issue affects Docker CLI through v29.1.5 (fixed in v29.2.0). It impacts Windows binaries acting as a CLI plugin manager via the [`github.com/docker/cli/cli-plugins/manager`](https://pkg.go.dev/github.com/docker/cli@v29.1.5+incompatible/cli-plugins/manager) package, which is consumed by downstream projects such as Docker Compose.\n\nDocker Compose became affected starting in v2.31.0, when it incorporated the relevant CLI plugin manager code (see https://github.com/docker/compose/pull/12300), and is fixed in v5.1.0.\n\nThis issue does not impact non-Windows binaries or projects that do not use the plugin manager code.\n\n### Patches\n\nFixed version starts with 29.2.0\n\nThis issue was fixed in https://github.com/docker/cli/commit/13759330b1f7e7cb0d67047ea42c5482548ba7fa (https://github.com/docker/cli/pull/6713), which removed `%PROGRAMDATA%\\Docker\\cli-plugins` from the list of paths used for plugin-discovery on Windows.\n\n### Workarounds\n\nNone\n\n### Resources\n\n- Pull request: \"cli-plugins/manager: remove legacy system-wide cli-plugin path\" (https://github.com/docker/cli/pull/6713)\n- Patch: https://github.com/docker/cli/commit/13759330b1f7e7cb0d67047ea42c5482548ba7fa.patch\n\n### Credits\n\nNitesh Surana (niteshsurana.com) of Trend Research of TrendAI","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2026-03-05T00:10:40.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/docker/cli/security/advisories/GHSA-p436-gjf2-799p","https://nvd.nist.gov/vuln/detail/CVE-2025-15558","https://github.com/docker/cli/pull/6713","https://github.com/docker/compose/pull/12300","https://github.com/docker/cli/commit/13759330b1f7e7cb0d67047ea42c5482548ba7fa","https://docs.docker.com/desktop/release-notes","https://www.zerodayinitiative.com/advisories/ZDI-CAN-28304","https://github.com/advisories/GHSA-p436-gjf2-799p"],"source_kind":"github","identifiers":["GHSA-p436-gjf2-799p","CVE-2025-15558"],"repository_url":null,"blast_radius":0.0,"created_at":"2026-03-05T01:00:10.678Z","updated_at":"2026-03-22T01:00:28.636Z","epss_percentage":0.0002,"epss_percentile":0.05184,"api_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1wNDM2LWdqZjItNzk5cM4ABTJN","html_url":"https://advisories.ecosyste.ms/advisories/GSA_kwCzR0hTQS1wNDM2LWdqZjItNzk5cM4ABTJN","packages":[{"ecosystem":"go","package_name":"github.com/docker/compose/v5","versions":[{"first_patched_version":"5.1.0","vulnerable_version_range":"\u003c 5.1.0"}],"purl":"pkg:go/github.com%2Fdocker%2Fcompose%2Fv5","statistics":{"dependent_packages_count":0,"dependent_repos_count":0,"downloads":null,"downloads_period":null},"affected_versions":["v5.0.0","v5.0.0-rc.1","v5.0.0-rc.2","v5.0.1","v5.0.2"],"unaffected_versions":["v5.1.0"]},{"ecosystem":"go","package_name":"github.com/docker/compose/v2","versions":[{"first_patched_version":null,"vulnerable_version_range":"\u003e= 2.31.0, \u003c= 2.40.3"}],"purl":"pkg:go/github.com%2Fdocker%2Fcompose%2Fv2","statistics":{"dependent_packages_count":161,"dependent_repos_count":193,"downloads":null,"downloads_period":null},"affected_versions":["v2.31.0","v2.32.0","v2.32.1","v2.32.2","v2.32.3","v2.32.4","v2.33.0","v2.33.1","v2.34.0","v2.35.0","v2.35.1","v2.36.0","v2.36.1","v2.36.2","v2.37.0","v2.37.1","v2.37.2","v2.37.3","v2.38.0","v2.38.1","v2.38.2","v2.39.0","v2.39.1","v2.39.2","v2.39.3","v2.39.4","v2.40.0","v2.40.1","v2.40.2","v2.40.3"],"unaffected_versions":["v2.0.0","v2.0.1","v2.1.0","v2.1.1","v2.2.0","v2.2.1","v2.2.2","v2.2.3","v2.3.0","v2.3.1","v2.3.2","v2.3.3","v2.3.4","v2.4.0","v2.4.1","v2.5.0","v2.5.1","v2.6.0","v2.6.1","v2.7.0","v2.8.0","v2.9.0","v2.10.0","v2.10.1","v2.10.2","v2.11.0","v2.11.1","v2.11.2","v2.12.0","v2.12.1","v2.12.2","v2.13.0","v2.14.0","v2.14.1","v2.14.2","v2.15.0","v2.15.1","v2.16.0","v2.17.0","v2.17.1","v2.17.2","v2.17.3","v2.18.0","v2.18.1","v2.19.0","v2.19.1","v2.20.0","v2.20.1","v2.20.2","v2.20.3","v2.21.0","v2.22.0","v2.23.0","v2.23.1","v2.23.2","v2.23.3","v2.24.0","v2.24.1","v2.24.2","v2.24.3","v2.24.4","v2.24.5","v2.24.6","v2.24.7","v2.25.0","v2.26.0","v2.26.1","v2.27.0","v2.27.1","v2.27.2","v2.27.3","v2.28.0","v2.28.1","v2.29.0","v2.29.1","v2.29.2","v2.29.3","v2.29.4","v2.29.5","v2.29.6","v2.29.7","v2.30.0","v2.30.1","v2.30.2","v2.30.3"]},{"ecosystem":"go","package_name":"github.com/docker/cli","versions":[{"first_patched_version":"29.2.0","vulnerable_version_range":"\u003e= 19.03.0, \u003c 29.2.0"}],"purl":"pkg:go/github.com%2Fdocker%2Fcli","statistics":{"dependent_packages_count":6302,"dependent_repos_count":16666,"downloads":null,"downloads_period":null},"affected_versions":["v20.10.0+incompatible","v20.10.0-beta1+incompatible","v20.10.0-rc1+incompatible","v20.10.0-rc2+incompatible","v20.10.1+incompatible","v20.10.2+incompatible","v20.10.3+incompatible","v20.10.4+incompatible","v20.10.5+incompatible","v20.10.6+incompatible","v20.10.7+incompatible","v20.10.8+incompatible","v20.10.9+incompatible","v20.10.10+incompatible","v20.10.10-rc1+incompatible","v20.10.11+incompatible","v20.10.12+incompatible","v20.10.13+incompatible","v20.10.14+incompatible","v20.10.15+incompatible","v20.10.16+incompatible","v20.10.17+incompatible","v20.10.18+incompatible","v20.10.19+incompatible","v20.10.20+incompatible","v20.10.21+incompatible","v20.10.22+incompatible","v20.10.23+incompatible","v20.10.24+incompatible","v20.10.25+incompatible","v20.10.26+incompatible","v20.10.27+incompatible","v23.0.0+incompatible","v23.0.0-beta.1+incompatible","v23.0.0-rc.1+incompatible","v23.0.0-rc.2+incompatible","v23.0.0-rc.3+incompatible","v23.0.0-rc.4+incompatible","v23.0.1+incompatible","v23.0.2+incompatible","v23.0.3+incompatible","v23.0.4+incompatible","v23.0.5+incompatible","v23.0.6+incompatible","v23.0.7+incompatible","v23.0.8+incompatible","v23.0.9+incompatible","v23.0.10+incompatible","v23.0.14+incompatible","v23.0.15+incompatible","v24.0.0+incompatible","v24.0.0-beta.1+incompatible","v24.0.0-beta.2+incompatible","v24.0.0-rc.1+incompatible","v24.0.0-rc.2+incompatible","v24.0.0-rc.3+incompatible","v24.0.0-rc.4+incompatible","v24.0.1+incompatible","v24.0.2+incompatible","v24.0.3+incompatible","v24.0.4+incompatible","v24.0.5+incompatible","v24.0.6+incompatible","v24.0.7+incompatible","v24.0.8+incompatible","v24.0.9+incompatible","v25.0.0+incompatible","v25.0.0-beta.1+incompatible","v25.0.0-beta.2+incompatible","v25.0.0-beta.3+incompatible","v25.0.0-rc.1+incompatible","v25.0.0-rc.2+incompatible","v25.0.0-rc.3+incompatible","v25.0.1+incompatible","v25.0.2+incompatible","v25.0.3+incompatible","v25.0.4+incompatible","v25.0.5+incompatible","v25.0.6+incompatible","v25.0.7+incompatible","v26.0.0+incompatible","v26.0.0-rc1+incompatible","v26.0.0-rc2+incompatible","v26.0.0-rc3+incompatible","v26.0.1+incompatible","v26.0.2+incompatible","v26.1.0+incompatible","v26.1.1+incompatible","v26.1.2+incompatible","v26.1.3+incompatible","v26.1.4+incompatible","v26.1.5+incompatible","v27.0.0-rc.1+incompatible","v27.0.0-rc.2+incompatible","v27.0.1+incompatible","v27.0.1-rc.1+incompatible","v27.0.2+incompatible","v27.0.3+incompatible","v27.1.0+incompatible","v27.1.1+incompatible","v27.1.2+incompatible","v27.2.0+incompatible","v27.2.0-rc.1+incompatible","v27.2.1+incompatible","v27.3.0+incompatible","v27.3.0-rc.1+incompatible","v27.3.0-rc.2+incompatible","v27.3.1+incompatible","v27.4.0+incompatible","v27.4.0-rc.1+incompatible","v27.4.0-rc.2+incompatible","v27.4.0-rc.3+incompatible","v27.4.0-rc.4+incompatible","v27.4.1+incompatible","v27.5.0+incompatible","v27.5.0-rc.1+incompatible","v27.5.0-rc.2+incompatible","v27.5.1+incompatible","v28.0.0+incompatible","v28.0.0-rc.1+incompatible","v28.0.0-rc.2+incompatible","v28.0.0-rc.3+incompatible","v28.0.1+incompatible","v28.0.2+incompatible","v28.0.3+incompatible","v28.0.4+incompatible","v28.1.0+incompatible","v28.1.0-rc.1+incompatible","v28.1.0-rc.2+incompatible","v28.1.1+incompatible","v28.2.0+incompatible","v28.2.0-rc.1+incompatible","v28.2.0-rc.2+incompatible","v28.2.1+incompatible","v28.2.2+incompatible","v28.3.0+incompatible","v28.3.0-rc.1+incompatible","v28.3.0-rc.2+incompatible","v28.3.1+incompatible","v28.3.2+incompatible","v28.3.3+incompatible","v28.4.0+incompatible","v28.4.0-rc.1+incompatible","v28.4.0-rc.2+incompatible","v28.5.0+incompatible","v28.5.0-rc.1+incompatible","v28.5.1+incompatible","v28.5.2+incompatible","v29.0.0+incompatible","v29.0.0-rc.1+incompatible","v29.0.0-rc.2+incompatible","v29.0.0-rc.3+incompatible","v29.0.1+incompatible","v29.0.2+incompatible","v29.0.3+incompatible","v29.0.4+incompatible","v29.1.0+incompatible","v29.1.0-rc.1+incompatible","v29.1.1+incompatible","v29.1.2+incompatible","v29.1.3+incompatible","v29.1.4+incompatible","v29.1.5+incompatible","v29.2.0-rc.1+incompatible","v29.2.0-rc.2+incompatible"],"unaffected_versions":["v29.2.0+incompatible","v29.2.1+incompatible","v29.3.0+incompatible"]}],"related_packages_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1wNDM2LWdqZjItNzk5cM4ABTJN/related_packages","related_advisories":[]}],"docker_usage_url":"https://docker.ecosyste.ms/usage/go/github.com/docker/compose/v5","docker_dependents_count":2,"docker_downloads_count":315455499,"usage_url":"https://repos.ecosyste.ms/usage/go/github.com/docker/compose/v5","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/go/github.com/docker/compose/v5/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":{"last_synced_at":"2026-03-02T16:12:09.720Z","issues_count":1689,"pull_requests_count":1890,"avg_time_to_close_issue":16926163.045968883,"avg_time_to_close_pull_request":1961678.4407814408,"issues_closed_count":1414,"pull_requests_closed_count":1638,"pull_request_authors_count":168,"issue_authors_count":1455,"avg_comments_per_issue":6.433392539964476,"avg_comments_per_pull_request":1.0656084656084657,"merged_pull_requests_count":1147,"bot_issues_count":2,"bot_pull_requests_count":456,"past_year_issues_count":255,"past_year_pull_requests_count":462,"past_year_avg_time_to_close_issue":492647.0,"past_year_avg_time_to_close_pull_request":344010.2326869806,"past_year_issues_closed_count":164,"past_year_pull_requests_closed_count":361,"past_year_pull_request_authors_count":51,"past_year_issue_authors_count":229,"past_year_avg_comments_per_issue":1.6274509803921569,"past_year_avg_comments_per_pull_request":0.49567099567099565,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":105,"past_year_merged_pull_requests_count":300,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/docker%2Fcompose/issues","maintainers":[{"login":"ndeloof","count":148,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/ndeloof"},{"login":"thaJeztah","count":94,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/thaJeztah"},{"login":"milas","count":64,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/milas"},{"login":"idsulik","count":18,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/idsulik"},{"login":"laurazard","count":17,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/laurazard"},{"login":"crazy-max","count":15,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/crazy-max"},{"login":"akerouanton","count":6,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/akerouanton"},{"login":"ulyssessouza","count":3,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/ulyssessouza"},{"login":"rumpl","count":3,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/rumpl"},{"login":"neersighted","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/neersighted"},{"login":"chris-crone","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/chris-crone"},{"login":"nicksieger","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/nicksieger"},{"login":"mikesir87","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/mikesir87"}],"active_maintainers":[{"login":"thaJeztah","count":26,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/thaJeztah"},{"login":"idsulik","count":4,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/idsulik"},{"login":"crazy-max","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/crazy-max"},{"login":"mikesir87","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/mikesir87"}]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fdocker%2Fcompose%2Fv5/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fdocker%2Fcompose%2Fv5/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fdocker%2Fcompose%2Fv5/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fdocker%2Fcompose%2Fv5/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fdocker%2Fcompose%2Fv5/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fdocker%2Fcompose%2Fv5/codemeta","maintainers":[]}