[docker-in-docker] - Fix for multiple vulnerability issues related to docker compose-switch component.

Kaniska244 · Kaniska244 · commit 870e4c15f20a · 2026-01-19T06:06:44.000Z
diff --git a/src/docker-in-docker/README.md b/src/docker-in-docker/README.md
@@ -22,7 +22,7 @@ Create child containers *inside* a container, independent from the host's docker
 | azureDnsAutoDetection | Allow automatically setting the dockerd DNS server when the installation script detects it is running in Azure | boolean | true |
 | dockerDefaultAddressPool | Define default address pools for Docker networks. e.g. base=192.168.0.0/16,size=24 | string | - |
 | installDockerBuildx | Install Docker Buildx | boolean | true |
-| installDockerComposeSwitch | Install Compose Switch (provided docker compose is available) which is a replacement to the Compose V1 docker-compose (python) executable. It translates the command line into Compose V2 docker compose then runs the latter. | boolean | true |
+| installDockerComposeSwitch | Install Compose Switch (provided docker compose is available) which is a replacement to the Compose V1 docker-compose (python) executable. It translates the command line into Compose V2 docker compose then runs the latter. | boolean | false |
 | disableIp6tables | Disable ip6tables (this option is only applicable for Docker versions 27 and greater) | boolean | false |
 
 ## Customizations
diff --git a/src/docker-in-docker/devcontainer-feature.json b/src/docker-in-docker/devcontainer-feature.json
@@ -1,6 +1,6 @@
 {
     "id": "docker-in-docker",
-    "version": "2.13.0",
+    "version": "2.14.0",
     "name": "Docker (Docker-in-Docker)",
     "documentationURL": "https://github.com/devcontainers/features/tree/main/src/docker-in-docker",
     "description": "Create child containers *inside* a container, independent from the host's docker instance. Installs Docker extension in the container along with needed CLIs.",
@@ -53,7 +53,7 @@
         },
         "installDockerComposeSwitch": {
             "type": "boolean",
-            "default": true,
+            "default": false,
             "description": "Install Compose Switch (provided docker compose is available) which is a replacement to the Compose V1 docker-compose (python) executable. It translates the command line into Compose V2 docker compose then runs the latter."
         },
         "disableIp6tables": {
diff --git a/src/docker-in-docker/install.sh b/src/docker-in-docker/install.sh
@@ -16,7 +16,7 @@ AZURE_DNS_AUTO_DETECTION="${AZUREDNSAUTODETECTION:-"true"}"
 DOCKER_DEFAULT_ADDRESS_POOL="${DOCKERDEFAULTADDRESSPOOL:-""}"
 USERNAME="${USERNAME:-"${_REMOTE_USER:-"automatic"}"}"
 INSTALL_DOCKER_BUILDX="${INSTALLDOCKERBUILDX:-"true"}"
-INSTALL_DOCKER_COMPOSE_SWITCH="${INSTALLDOCKERCOMPOSESWITCH:-"true"}"
+INSTALL_DOCKER_COMPOSE_SWITCH="${INSTALLDOCKERCOMPOSESWITCH:-"false"}"
 MICROSOFT_GPG_KEYS_URI="https://packages.microsoft.com/keys/microsoft.asc"
 MICROSOFT_GPG_KEYS_ROLLING_URI="https://packages.microsoft.com/keys/microsoft-rolling.asc"
 DOCKER_MOBY_ARCHIVE_VERSION_CODENAMES="trixie bookworm buster bullseye bionic focal jammy noble"
diff --git a/test/docker-in-docker/docker_build.sh b/test/docker-in-docker/docker_build.sh
@@ -9,7 +9,6 @@ source dev-container-features-test-lib
 check "docker-buildx" docker buildx version
 check "docker-build" docker build ./
 
-check "installs compose-switch" bash -c "[[ -f /usr/local/bin/compose-switch ]]"
 check "docker compose" bash -c "docker compose version | grep -E '2.[0-9]+.[0-9]+'"
 check "docker-compose" bash -c "docker-compose --version | grep -E '2.[0-9]+.[0-9]+'"
 
diff --git a/test/docker-in-docker/docker_buildx.sh b/test/docker-in-docker/docker_buildx.sh
@@ -13,7 +13,6 @@ check "docker-buildx" docker buildx version
 check "docker-build" docker build ./
 
 check "installs docker-compose v1 install" bash -c "type docker-compose"
-check "installs compose-switch" bash -c "[[ -f /usr/local/bin/compose-switch ]]"
 
 # Report result
 reportResults
diff --git a/test/docker-in-docker/docker_compose_v2.sh b/test/docker-in-docker/docker_compose_v2.sh
@@ -10,7 +10,6 @@ source dev-container-features-test-lib
 check "docker compose" bash -c "docker compose version | grep -E '2.[0-9]+.[0-9]+'"
 check "docker-compose" bash -c "docker-compose --version | grep -E '2.[0-9]+.[0-9]+'"
 check "installs compose-switch as docker-compose" bash -c "[[ -f /usr/local/bin/docker-compose ]]"
-check "installs compose-switch" bash -c "[[ -f /usr/local/bin/compose-switch ]]"
 
 # Report result
 reportResults
diff --git a/test/docker-in-docker/docker_specific_moby_buildx.sh b/test/docker-in-docker/docker_specific_moby_buildx.sh
@@ -14,7 +14,6 @@ check "docker-buildx" docker buildx version
 check "docker-build" docker build ./
 
 check "installs docker-compose v1 install" bash -c "type docker-compose"
-check "installs compose-switch" bash -c "[[ -f /usr/local/bin/compose-switch ]]"
 
 # Report result
 reportResults
