{"package":"github.com/docker/compose/v2","ecosystem":"go","latest_version":"v2.40.3","description":"Define and run multi-container applications with Docker","license":"Apache-2.0","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://pkg.go.dev/github.com/docker/compose/v2","repository":"https://github.com/docker/compose/v2","downloads_weekly":37291,"health":{"score":78,"risk":"moderate","breakdown":{"maintenance":15,"popularity":10,"security":25,"maturity":15,"community":13},"deprecated":false,"max_score":100},"vulnerabilities":{"count":1,"critical":0,"high":0,"medium":0,"low":1,"details":[{"vuln_id":"BIT-docker-cli-2025-15558","severity":"unknown","summary":"Docker CLI Plugins: Uncontrolled Search Path Element Leads to Local Privilege Escalation on Windows in github.com/docker/cli","affected_versions":"<29.2.0+incompatible|>=2.31.0|<5.1.0","fixed_version":"5.1.0","source":"osv","published_at":"2026-03-10T18:28:25Z"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"v2.40.3","total_count":118,"recent":["v2.5.1","v2.36.2","v2.17.0","v2.18.1","v2.1.1","v2.33.1","v2.2.3","v2.40.3","v2.16.0","v2.27.2","v2.11.2","v2.21.0","v2.17.3","v2.29.6","v2.5.0","v2.24.2","v2.37.1","v2.24.5","v2.20.0","v2.11.1"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":269,"first_published":null,"last_published":"2025-10-30T09:14:58Z","dependencies_count":0,"dependencies":[]},"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"safe_to_use","issues":[],"use_version":"v2.40.3","version_hint":"Update to >= 5.1.0 to fix known vulnerabilities","summary":"github.com/docker/compose/v2@v2.40.3 is safe to use (health: 78/100)"},"version_scoped":null,"requested_version":null,"_cache":"hit","_response_ms":0,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false}}