SUSE-RU-2026:20063-1: moderate: Recommended update for docker-compose
SLE-UPDATES
null at suse.de
Thu Jan 15 08:30:50 UTC 2026
# Recommended update for docker-compose
Announcement ID: SUSE-RU-2026:20063-1
Release Date: 2026-01-08T16:13:05Z
Rating: moderate
References:
Affected Products:
* SUSE Linux Micro 6.1
An update that can now be installed.
## Description:
This update for docker-compose fixes the following issues:
Update to version 2.33.1:
* Improvements
* Add support for gw_priority, enable_ipv4 (requires docker v28.0) by @thaJeztah in #12570
* Fixes
* Run watch standalone if menu fails to start by @ndeloof in #12536
* Report error using non-file secret|config with read-only service by @ndeloof in #12531
* Don't display bake suggestion when using --progress with quiet or json option by @glours in #12561
* Fix pull --parallel and --no-parallel deprecation warnings missing by @maxproske in #12555
* Fix error message when detach is implied by wait by @ndeloof in #12566
* Dependencies
* build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1 by @dependabot in #12556
* build(deps): bump google.golang.org/grpc from 1.68.1 to 1.70.0 by @dependabot in #12494
* go.mod: update to docker v28.0.0 by @thaJeztah in #12545
* remove docker-compose-switch dependency
Update to version 2.33.0:
* Important
* This release introduce support for Bake to manage builds as an alternative to the internal buildkit client. This new feature can be enabled by setting COMPOSE_BAKE=1 variable. Bake will become the default builder in a future release.
* Improvements
* let user know bake is now supported by @ndeloof in #12524
* support additional_context reference to another service by @ndeloof in #12485
* add support for BUILDKIT_PROGRESS by @ndeloof in #12458
* add --with-env flag to publish command by @glours in #12482
* Update ls --quiet help description by @maxproske in #12541
* Publish warn display env vars by @glours in #12486
* Fixes
* Fix bake support by @ndeloof in #12507
* Update link in stats --help output by @maxproske in #12523
* Properly handle "builtin" seccomp profile by @r-bk in #12478
* manage watch applied to mulitple services by @ndeloof in #12469
* Internal
* use main branch for docs upstream validation workflow by @crazy-max in #12487
* fix provenance for binaries and generate sbom by @crazy-max in #12479
* add codeowners file by @glours in #12480
* remove exit code per error type used by legacy metrics system by @ndeloof in #12502
* Dockerfile: update golangci-lint to v1.63.4 by @thaJeztah in #12546
* Full test coverage for compatibility cmd by @maxproske in #12528
* don't send raw os.Args to opentelemetry but a pseudo command line by @ndeloof in #12530
* add docker engine v28.x to the test-matrix by @thaJeztah in #12539
* enable copyloopvar linter by @thaJeztah in #12542
* go.mod: remove toolchain directive by @thaJeztah in #12551
* Dependencies
* bump buildx v0.20.1 by @ndeloof in #12488
* bump docker to v27.5.1 by @ndeloof in #12491
* bump compose-go v2.4.8 by @ndeloof in #12543
* bump golang.org/x/sys from 0.28.0 to 0.30.0 by @dependabot in #12529
* bump github.com/moby/term v0.5.2 by @thaJeztah in #12540
* bump github.com/otiai10/copy from 1.14.0 to 1.14.1 by @dependabot in #12493
* bump github.com/jonboulle/clockwork from 0.4.0 to 0.5.0 by @dependabot in #12430
* bump github.com/spf13/pflag from 1.0.5 to 1.0.6 by @dependabot in #12548
* bump golang.org/x/sync from 0.10.0 to 0.11.0 by @dependabot in #12547
* bump gotest.tools/v3 from 3.5.1 to 3.5.2 by @dependabot in #12549
* Update to version 2.32.4:
* add missing tag for build during merge workflow
* ci: re-use local source to build binary images
* ci: use local source for binary builds
* Update to version 2.32.3:
* ci: update bake-action to v6
* simplification
* image can be set to a local ID, that isn't a valid docker ref
* can't render progress concurrently with buildkit
* exclude one-off container running convergence
* Only override service mac if set on the main network.
* Update to version 2.32.2:
* remove engine v25 from e2e test matrix The 1st version available for Ubuntu
24.x is Docker Engine v26
* fix relative path in compose file
* bump compose-go to v2.4.7
* replace tibdex/github-app-token by official GitHub create-github-app-token
* bump golang.org/x/net to v0.33.0 to fix potential security issue
https://github.com/golang/go/issues/70906
* checkExpectedVolumes must ignore anonymous volumes
* When retrying to resolveOrCreateNetwork, retry with a valid network name
* only check bind mount conflict if sync action is involved
* use the 3 latest major versions of the engine to run e2e step
* bump Golang version to v1.22.10 and update CI actions
* add --pull to run command
* CI to validate fmt
* `make fmt` so any contributor can enforce formatting
* format code with gofumpt
* Update to version 2.32.1:
* e2e test to prevent future regression
* only check volume mounts for updated config
* Update to version 2.32.0:
* e2e test for recreate volume
* build(deps): bump google.golang.org/grpc from 1.68.0 to 1.68.1
* build(deps): bump golang.org/x/crypto from 0.27.0 to 0.31.0
* build(deps): bump golang.org/x/sys from 0.27.0 to 0.28.0
* prompt user to confirm volume recreation
* Recreate container on volume configuration change
* introduce watch restart action
* bump otel dependencies to v1.28.0 and v0.53.0 to align with buildx, buildkit
and engine versions
* bump docker/buildx to latest release
* fix support for service.mac_address
* update xx to v1.6.1 for compatibility with alpine 3.21 and file 5.46+
* build(deps): bump golang.org/x/sync from 0.9.0 to 0.10.0
* Update pkg/e2e/watch_test.go
* first watch action for a file event wins
* fix
* revisit TestDebounceBatching
* introduce sync+exec watch action
* log configuration error as a watch log event
* do not require a build section but for `rebuild` action
* pull --quiet should not drop status message, only progress
* use latest engine tags
* Bump buildx to 0.19.1
* be sure everything has been cleanup at the end of each tests
* add local config.json to test configuration dir if exists
* disable failing TestBuildSSH test
* fix build with bake
* Update to version 2.31.0:
* bump containerd to v1.7,24
* bump google.golang.org/grpc to v1.68.0
* build(deps): bump github.com/moby/buildkit from 0.17.1 to 0.17.2
* build(deps): bump github.com/compose-spec/compose-go/v2
* only stop dependent containers ... if there's some
* disable TestNetworkConfigChanged which is unstable on CI
* only check attached networks on running containers
* fix: commit tests
* feat: add commit command
* run build tests against bake
* delegate build to buildx bake
* build(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0
* use service.stop to stop dependent containers
* Update wait-timeout flag usage to include the unit
* go.mod: github.com/docker/cli v27.4.0-rc.2
* go.mod: github.com/docker/docker v27.4.0-rc.2
* go.mod: github.com/docker/cli 8d1bacae3e49 (v27.4.0-rc.2-dev)
* go.mod: github.com/docker/cli v27.4.0-rc.1
* go.mod: github.com/docker/docker v27.4.0-rc.1
* Update pkg/compose/convergence.go
* detect network config changes and recreate if needed
* go.mod: github.com/docker/buildx v0.18.0
* go.mod: github.com/moby/buildkit v0.17.1
* gha: test against docker engine v27.4.0
* push empty descriptor layer when using OCI version 1.1 for Compose artifact
it fixes a repository creation issue when pushing the 1st time a Compose OCI
artifact on the Hub
* remove ddev e2e tests
* implement remove-orphans on run
* ci: enable testifylint linter
* Emit events for building images
* Fix compose images that reutn a different image with the same ID
* remove obsolete containers first on scale down
* pass stal bot inactivity limit from 6 to 3 months
* fix(config): Print service names with --no-interpolate
* build(deps): bump golang.org/x/sys from 0.26.0 to 0.27.0
* build(deps): bump golang.org/x/sync from 0.8.0 to 0.9.0
* Update to version 2.30.3:
* bump compose-go v2.4.4
* Avoid starting all services on rebuild
* Update to version 2.30.2:
* remove ArtifactType from Config in OCI v1.1 definition of the artifact
* build(deps): bump github.com/compose-spec/compose-go/v2
* Service being declared in a profile must not trigger re-creation
* Add profile e2e test case to document in compose
* Update `MAINTAINERS` file
* Update to version 2.30.1:
* bump compose-go to version v2.4.2
* Update to version 2.30.0:
* Improvements
* Introduce service hooks by @ndeloof (12166)
* Introduce generate command as alpha command by @glours (12209)
* Add export command by @jarqvi (12120)
* Add support for CDI device request using devices by @ndeloof (12184)
* Add support for bind recursive by @ndeloof (12210)
* Allow usage of -f flag with OCI Compose artifacts by @glours (12220)
* Fixes
* Append unix-style relative path when computing container target path by @ndeloof (12145)
* Wait for dependent service up to delay set by --wait-timeout by @ndeloof (12156)
* Check secret source exists, as bind mount would create target by @ndeloof (12151)
* After container restart register printer consumer by @jhrotko (12158)
* Fix(down): Fix down command if specified services are not running by @idsulik (12164)
* Show watch error message and open DD only when w is pressed by @jhrotko (12165)
* Fix(push): Fix unexpected EOF on alpha publish by @idsulik (12169)
* Fix(convergence): Serialize access to observed state by @anantadwi13 (12150)
* Remove feature flag integration with Docker Desktop for ComposeUI and ComposeNav by @jhrotko (12192)
* Support Dockerfile-specific ignore-file with watch by @ndeloof (12193)
* Add support for raw env_file format by @ndeloof (12179)
* Convert GPUs to DeviceRequests with implicit "gpu" capability by @ndeloof (12197)
* Improve error message to include expected network label by @divinity76 (12213)
* Don't use progress to render restart, which hides logs by @ndeloof (12226)
* One-off containers are not indexed, and must be ignored by exec --index command by @ndeloof (12224)
* Don't warn about uid/gid not being supported while ... they are by @ndeloof (12232)
* Connect to external networks by name by @ndeloof (12234)
* Fix push error message typo by @chris-crone (12237)
* Fix(dockerignore): Add wildcard support to dockerignore.go by @idsulik (12239)
* Internal
* Remove bind options when creating a volume type by @jhrotko (12177)
* pass device.options to engine by @ndeloof (12183)
* Add security policy by @thaJeztah (12194)
* Gha: set default permissions to "contents: read" by @thaJeztah (12195)
* Desktop: allow this client to be identified via user-agent by @djs55 (12212)
* Compose-go clean volume target to avoid ambiguous comparisons by @ndeloof (12208)
* Dependencies
* Bump docker v27.3.1 by @ndeloof (12178)
* Build(deps): bump golang.org/x/sys from 0.25.0 to 0.26.0 by @dependabot (12189)
* Bump compose-go to v2.3.0 by @glours (12198)
* Bump compose-go to v2.4.0 by @glours (12231)
* Bump compose-go to v2.4.1 by @glours (12243)
* Build(deps): bump github.com/containerd/containerd from 1.7.22 to 1.7.23 by @dependabot (12211)
* Bump golang minimal version to 1.22 in go.mod by @glours (12246)
* Bump go.uber.org/mock to v0.5.0 and google.golang.org/grpc to v1.67.1 by @glours (12245)
* Update to version 2.29.7:
* revert commits link to mount API over bind changes
* Update to version 2.29.6:
* don't set propagation if target engine isn't linux
* build(deps): bump github.com/docker/docker v27.3.0-rc.2
* build(deps): bump github.com/docker/cli v27.3.0-rc.2
* Update to version 2.29.5:
* set propagation default
* Remove custom codeql workflow
* Update to version 2.29.4:
* fix import
* chore(watch): Add debug log when skipping service without build context
* stop dependent containers before recreating diverged service
* Fixed possible `nil` pointer dereference
* bump github.com/docker/buildx v0.17.1
* build(deps): bump docker, docker/cli to v27.3.0-rc.1
* gha: test against docker engine v27.3.0
* Update to version 2.29.3:
* show sync files only in debug level
* chore(watch): Add changed files path/count to log
* build(deps): bump golang.org/x/sync from 0.7.0 to 0.8.0
* bump compose-go to version v2.2.0
* Restore compose v1 behavior to recreate containers when ran with -V
* fix linting issues with golangci-lint 1.60.2
* bump golang to version 1.22.7
* bump dependencies versions, engine and cli v27.2.1 containerd v1.7.22 buildx
v0.17.0 buildkit v0.16.0
* build(deps): bump golang.org/x/sys from 0.22.0 to 0.25.0
* Fix typos
* Use logrus instead of direct output to stderr.
* attach: close streams when done
* Fix typo in pull.go
* Allow combination of bind mounts and 'rebuild' watches
* service hash must exlude depends_on
* prefer mount API over bind
* docs: duplicate documentation for root cmd
* docs(wait): Fix wait command description
* allow to add empty line in the logs when nav menu activated
* upgrade docker versions
* Build with go 1.22 to avoid issues when processing go.mod per
https://github.com/golang/go/issues/62278#issuecomment-1698829945
* Update to version 2.29.2:
* initial sync files that modified after image creation
* initial sync for root directory
* Removes redundant condition from toAPIBuildOptions in build.go
* docs: Update docker compose kill usage
* Fix stop on file chane for sync-restart action
* bump engine and cli to v27.1.1, buildx to v0.16.1
* remove all dependabot update PRs for OTel dependencies
* gp.mod: github.com/gofrs/flock v0.12.1
* go.mod: golang.org/x/sys v0.22.0
* update to go1.21.12
* Update to version 2.29.1:
* Enhance JSON progress events with more fields.
* bump compose-go v2.1.5
* bump github.com/docker/cli v27.1.0
* bump github.com/docker/docker v27.1.0
* bump github.com/containerd/containerd v1.7.20
* gha: add docker 27.1.0
* fix(containers): fix sorting logic by adding secondary sorting for one-off
containers
* Update to version 2.29.0:
* fix: typos
* update docs generation to avoid man pages generation
* bump compose-go to v2.1.4, buildx to v0.16.0, containerd to v1.7.19 and
buildx to v0.15.0
* restore setEnvWithDotEnv
* empty env variable with no value must be unset in container
* exclude unnecessary resources after services have been selected
* change time for stale bot
* Remove debug mode and run twice a week
* Add stale workflow
* update docs
* feat(watch): Add --prune option to docker-compose watch command
* Remove COMPOSE_MENU env from e2e tests
* Use rawjson for the build backend.
* Set logging format to JSON.
* Format errors as JSON when in JSON progress mode.
* Pass 'plain' instead of 'json' to build backend
* Add JSON stream progress writer
* go.mod: docker/cli, docker/docker v27.0.3
* gha: test against docker v27.0.3
* go.mod: docker/cli, docker/docker v27.0.2
* Update to version 2.28.1:
* Remove `console.Terminal` check and use `IsTerminal` from `streams.Out`
* Update to version 2.28.0:
* go.mod: github.com/compose-spec/compose-go v2.1.3
* go.mod: docker/docker and docker/cli v27.0.1-rc.1
* Update to version 2.27.3:
* build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1
* build(deps): bump github.com/docker/buildx from 0.15.0 to 0.15.1
* Update to version 2.27.2:
* using as flag of the up command, watch was blocking process shutdown This
happened when sunsetting the application from docker compose down command
* Add open watch docs in up menu
* bump buildkit to v0.14.0 and buildx to v0.15.0
* stop watch process when associated up process is stopped
* build(deps): bump github.com/docker/docker
* build(deps): bump github.com/containerd/containerd from 1.7.17 to 1.7.18
* build(deps): bump golang.org/x/sys from 0.20.0 to 0.21.0
* build(deps): bump github.com/hashicorp/go-version from 1.6.0 to 1.7.0
* build: replace uses of archive.CanonicalTarNameForPath
* update gh actions versions, update engine matrix, bump golang to 1.21.11
* enforce keyboard.Close is always executed to restore terminal
* config --environment
* Readd event
* remove unreachable code
* Fix dot env file to define COMPOSE_* variables
* return an error when --detach and --watch are used together in up command
* Correct 'cancellation' typo in comment
* Fix: change append to use slice index in ps.go
* COMPOSE_PROFILES can be set by .env file
* prevent concurrent map write relying on project immutability
* Update to version 2.27.1:
* build(deps): bump github.com/containerd/containerd from 1.7.16 to 1.7.17
* build(deps): bump github.com/docker/buildx from 0.14.0 to 0.14.1
* drop COMPOSE_EXPERIMENTAL_OTEL as docker/cli has opentelemetry in
* add gui/composeview as part of available commands
* fix opentelemetry
* bump compose-go to version v2.1.1
* Set endpoint-specific DriverOpts
* Bump compose-go version to latest main
* Backport OpenBSD patches
* add new navigation menu to open Compose app configuration in Docker Desktop
* build(deps): bump github.com/fsnotify/fsevents from 0.1.1 to 0.2.0
* build(deps): bump golang.org/x/sys from 0.19.0 to 0.20.0
* fix --resolve-image-digests
* allow a local .env file to override compose.yaml sibling .env
* Bump docker engine and cli to version 26.1.3
* Bump docker to v26.1.2
* Add documentation for --menu up option and COMPOSE_MENU environemnt variable
* chore(deps): bump docker to v26.1.1 (#11794)
* Update to version 2.27.0:
* fix: overlapping logs and menu navigation (#11765)
* build(deps): bump github.com/moby/buildkit
* chore(e2e): fix flaky cascade failure test
* use v2.26.1 tag for moby and Docker cli
* chore(deps): update to Moby v26.1 & buildx v0.14
* bump compose-go version to v2.1.0
* fix support for --context=foo
* Fix #11710: Avoid to try to close channel twice after hitting Ctrl-C on
compose up (#11719)
* fix(desktop): remove overly-aggressive feature flag check (#11748)
* chore: fix typo in comment
* bump dependencies
* fix: do not try to create file shares for non-directories
* check container_name is not in use by another service we will create
* don't clear line when navigation is disabled
* fix: return correct exit code with `--exit-code-from` (#11715)
* progress for resource can be restarted after more Working event comes
* Revert "Stop the resource timer after last expected event"
* Revert change to allow trying to kill again if a kill fails
* Handle errors and allow to send multiple kills if one failed
* Ignore errors when killing on second Ctrl-C
* docker compose up always kills the containers on second Ctrl-C
* read COMPOSE_REMOVE_ORPHANS from .env
* Set Required false to depends_on containers for compose -p stop/down
* Ignore missing containers when compose stop -p
* Ignore missing containers when compose down -p
* Introduce support for build.entitlements
* Remove dead url reference.
* e2e test for --all-resources
* introduce --all-resources to _not_ exclude resources not used by services
* Introduce --abort-on-container-failure
* bump golang version to 1.21.9
* don't use ansi espace sequence when disabled
* Update to version 2.26.1:
* Does not start keyboard manager if there is no tty
* Change menu information text to dim
* Handle --no-build and --watch args
* build(deps): bump github.com/opencontainers/image-spec
* Unwrap error message.
* Include error message in pull warning/errors
* Update to version 2.26.0:
* chore(desktop): revised feature detection for file shares
* Add Navigation Menu to compose up
* Add support for volume Subpath option
* Bump docker v26.0.0
* introduce config --variables to list compose model variables
* Fix docs on default build image name
* Bump compose-go to v2.0.2
* add support for annotations
* Revert "Bump compose-go to v2.0.1"
* Bump compose-go to v2.0.1
* feat(desktop): synchronized file share integration (#11614)
* feat(experiments): add experimental feature state (#11633)
* reduce timeout of the Otel tracing command
* fix `compose config --format json`
* Update to version 2.25.0:
* Bump compose-go v2.0.0
* services shell completion bugfix
* fix TestBuildPlatformsWithCorrectBuildxConfig
* only use ToModel when --no-interpolate is set
* feat(desktop): add Docker Desktop detection and client skeleton (#11593)
* Update to version 2.24.7:
* chore(deps): upgrade go to 1.21.8 (#11578)
* ci(deps): bump moby/moby & docker/cli to v25.0.4 (#11566)
* Add test summary for test jobs in ci
* make code simpler
* avoid duplicated "xx exited with code 0" message
* introduce --watch
* move code into small functions for better readability
* restore support for `config --no-interpolate`
* remove docker cli step in ci.yml
* get log to manage `attach`
* bump compose-go to version v2.0.0-rc.8
* use an dedicated compose file --quiet-pull e2e test
* Add a fallback check of Watch pid on Windows False positives were detected
when checking the previous watch process state
* add support of QuietOption to create command
* pass QuietOption when starting dependencies from run command
* when ran with ANSI disabled, force progress=plain
* Issue-11374: Modified compose up command to respect COMPOSE_REMOVE_ORPHANS
environment variable
* ci: bump engine version to `25.0.3`
* sort containers to optimize scale down
* discard stdout for laaarge log test
* Update to version 2.24.6:
* use listeners to collect include metrics
* docs: update cli reference link
* docs: unify no trailing dots in docstrings and help (#11301)
* Use listener for file metadata
* fix deadlock collecting large logs
* chore(watch): remove old `docker cp` implementation
* ci(deps): bump docker/cli to v25.0.3 (#11481)
* pass All option to backend api.Service when length statuses is not equal to
zero
* Add OTEL specs: build, depends_on, capabilities (gpu/tpu)
* build(deps): bump github.com/opencontainers/image-spec
* feat(tracing): add project hash attr
* chore(load): ensure context passed to load
* Include all networks in ContainerCreate call if API >= 1.44
* bump compose-go to v2.0.0-rc.4
* CI: docker engine version matrix
* build(deps): bump github.com/docker/cli
* Fix load .env from project directory when project file is set by
COMPOSE_FILE
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Micro 6.1
zypper in -t patch SUSE-SLE-Micro-6.1-369=1
## Package List:
* SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
* docker-compose-2.33.1-slfo.1.1_1.1
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20260115/5665f559/attachment.htm>
More information about the sle-updates
mailing list