Automic VaultAutomic Vault

brew / approval gates

Install docker with Homebrew, apk, chocolatey, apt, dnf, MacPorts, Nix, pacman, scoop, winget, zypper

Pack, ship and run any application as a lightweight container. Version 29.6.1 via Homebrew; verified 2026-06-26.

agent safety

Agent safety answer

docker controls containers, images, mounts, registries, and local build state that agents can use to reach host files.

Credential access

Reads Docker registry auth, mounted secrets, build args, and files exposed through volume mounts.

Remote mutation

Can push images, change containers, and alter running local or remote Docker contexts.

Publish/artifact risk

Can build and publish images that become production artifacts.

Recommended control

Gate image pushes, privileged containers, host mounts, and context changes.

Agent-use guidance

Allow local inspection and builds with constrained mounts; require approval for registry pushes and privileged execution.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install docker

local Homebrew formula metadata

MacPortsverified · 94%
sudo port install docker

MacPorts ports tree · devel/docker/Portfile · source: api.github.com

Linux

Alpine Linux apkverified · 92%
sudo apk add docker

Alpine Linux edge package indexes · docker · source: dl-cdn.alpinelinux.org

Debian aptverified · 92%
sudo apt install wmdocker

Debian stable package indexes · wmdocker · source: deb.debian.org

Fedora dnfverified · 92%
sudo dnf install moby-engine

Fedora Rawhide package metadata · moby-engine · source: dl.fedoraproject.org

Nixverified · 92%
nix profile install nixpkgs#docker

nixpkgs package indexes · docker · source: raw.githubusercontent.com

Arch Linux pacmanverified · 92%
sudo pacman -S docker

Arch Linux sync databases · docker · source: geo.mirror.pkgbuild.com

openSUSE zypperverified · 92%
sudo zypper install docker

openSUSE Tumbleweed package metadata · docker · source: download.opensuse.org

Windows

Chocolateyverified · 92%
choco install docker

Chocolatey community package catalog · docker · source: community.chocolatey.org

Scoopverified · 92%
scoop install main/docker

Scoop official bucket manifest trees · bucket/docker.json · source: api.github.com

Windows Package Managerverified · 92%
winget install --id Docker.DockerDesktop -e

Windows Package Manager source index · Docker.DockerDesktop · source: cdn.winget.microsoft.com

overview

Package summary

Pack, ship and run any application as a lightweight container

Commands and aliases

  • docker

history

Project history and usage

Docker is the package that made container workflows a default part of developer tooling. The Homebrew docker formula installs the CLI, but the broader Docker project combines the command-line client, daemon, image format, registry workflows, Docker Hub, Docker Desktop, Compose, BuildKit, and related projects into the everyday vocabulary of build, ship, and run.

Project history

Docker's documentation defines Docker as an open platform for developing, shipping, and running applications, using containers as lightweight isolated environments. The docker/cli repository is the home of the Docker CLI, the command-line client that talks to the Docker daemon over the Docker API.

Docker's architecture joined a local client, a daemon, images, containers, registries, and distribution workflows into one approachable developer interface. Over time, major parts of the ecosystem were split or formalized into related projects such as Docker Distribution, containerd, runc, BuildKit, Compose, and Docker Desktop.

Adoption history

Docker spread because it made containerized development and CI/CD reproducible with ordinary commands such as docker build, run, pull, push, and compose-oriented workflows. Docker Hub provided the default public registry, and package managers made the CLI easy to install even on systems where the daemon or Desktop app came from a separate package.

The tool's adoption also reshaped packaging expectations. Application projects began shipping Dockerfiles, official images, compose files, and registry tags as part of their release surface. For many developers, installing docker became the practical entry point for running databases, language runtimes, build services, and whole application stacks locally.

How it is used

The docker command is the primary way many users interact with Docker. The client sends commands such as docker run to dockerd, which builds, runs, and distributes containers. Users pull and push images through registries, build images from Dockerfiles, inspect containers and images, manage networks and volumes, and configure CLI behavior in ~/.docker/config.json or through DOCKER_CONFIG.

Why package nerds care

For package nerds, docker is significant because it moved a large amount of software distribution from host-native packages to OCI-style images and registries. It also became a dependency of development workflows: a package manager entry for docker often means access to thousands of image-packaged tools rather than only one executable.

The CLI package is also interesting because it is only one face of Docker. On macOS, the standalone CLI, Docker Desktop, credential helpers, Compose, Buildx, and the daemon are related but not always delivered by the same package. That split makes docker a useful case study in how package managers model large developer platforms.

Timeline

  • 2013: Solomon Hykes first publicly demoed Docker at PyCon.
  • Docker platform era: The official architecture centers on a docker client, dockerd daemon, Docker API, images, containers, and registries.
  • CLI repository era: Docker CLI development lives in the docker/cli repository as the home of the command-line client.
  • 2023: Docker v23 made BuildKit the default builder for Linux images, with the legacy builder deprecated in Docker documentation.
  • 2026: Docker documentation still treats docker as the primary CLI for container lifecycle and registry workflows.

Related projects

  • Related projects include Docker Engine, Moby, containerd, runc, Docker Distribution, Docker Hub, Docker Desktop, Docker Compose, BuildKit, Buildx, and Docker credential helpers.

approval gates

Human review metadata for risky commands

The local approval-gate seed includes 6 rules for docker. Covered entrypoints: docker. Severity labels: critical, high. Coverage: partial, reviewed 2026-05-21.

Example gated actions

  • Store registry credentials.
  • Push an image to a registry.
  • Run a container with elevated host privileges.
  • Mount host paths into a container.
  • Force-remove containers, images, volumes, networks, or system data.
  • Execute a command inside a running container.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
~/.docker/config.json

Credential files

Credential-bearing paths to review before unattended agent runs.

Unix
~/.docker/config.json

executables

Installed executables

CommandKindExposureNote
dockercliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version29.6.1
manager updated2026-06-26
local dataok
upstreamnot checked
latest detectednot detected

https://github.com/docker/cli

install metadata

Package metadata

Package keybrew:docker
Version29.6.1
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/docker
Homepagehttps://www.docker.com/
Repositoryhttps://github.com/docker/cli
Upstream docshttps://docs.docker.com/get-started/docker-overview
LicenseApache-2.0
Source archivehttps://github.com/docker/cli.git
Last updated2026-06-26T15:34:47Z
Pulseupdated
Build dependenciesgo, go-md2man
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namedocker
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Debian apt95%

wmdocker 1.5-4+b1

System tray for KDE3/GNOME2 docklet applications

sudo apt install wmdocker
  • Section: x11
  • Architecture: amd64
  • Source Package: docker
  • 3 dependencies
  • normalized package name match
  • Matched by: Docker
Debian stable package indexes · deb.debian.org · Debian stable package indexes: wmdocker from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Nix95%

docker

nix profile install nixpkgs#docker
  • normalized package name match
  • Matched by: Docker
nixpkgs package indexes · raw.githubusercontent.com · nixpkgs package indexes: docker from https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/top-level/all-packages.nix
Ubuntu apt95%

wmdocker 1.5-4build3

System tray for KDE3/GNOME2 docklet applications

sudo apt install wmdocker
  • Section: universe/x11
  • Architecture: amd64
  • Source Package: docker
  • 3 dependencies
  • normalized package name match
  • Matched by: Docker
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: wmdocker from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz
apk95%

docker 29.5.3-r0

Pack, ship and run any application as a lightweight container

https://www.docker.io/

sudo apk add docker
  • License: Apache-2.0
  • Architecture: x86_64
  • Source Package: docker
  • 1 dependencies
  • normalized package name match
  • Matched by: Docker
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: docker from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
apk95%

docker-bash-completion 29.5.3-r0

Bash completions for docker

https://www.docker.io/

sudo apk add docker-bash-completion
  • License: Apache-2.0
  • Architecture: x86_64
  • Source Package: docker
  • normalized package name match
  • Matched by: Docker
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: docker-bash-completion from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
apk95%

docker-cli 29.5.3-r0

Docker CLI

https://www.docker.io/

sudo apk add docker-cli
  • License: Apache-2.0
  • Architecture: x86_64
  • Source Package: docker
  • 1 dependencies
  • 1 provides
  • normalized package name match
  • Matched by: Docker
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: docker-cli from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
apk95%

docker-doc 29.5.3-r0

Documentation for Docker

https://www.docker.io/

sudo apk add docker-doc
  • License: Apache-2.0
  • Architecture: x86_64
  • Source Package: docker
  • normalized package name match
  • Matched by: Docker
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: docker-doc from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
apk95%

docker-engine 29.5.3-r0

Docker Engine (dockerd)

https://www.docker.io/

sudo apk add docker-engine
  • License: Apache-2.0
  • Architecture: x86_64
  • Source Package: docker
  • 1 dependencies
  • 1 provides
  • normalized package name match
  • Matched by: Docker
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: docker-engine from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
apk95%

docker-fish-completion 29.5.3-r0

Fish completions for docker

https://www.docker.io/

sudo apk add docker-fish-completion
  • License: Apache-2.0
  • Architecture: x86_64
  • Source Package: docker
  • normalized package name match
  • Matched by: Docker
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: docker-fish-completion from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
apk95%

docker-openrc 29.5.3-r0

Pack, ship and run any application as a lightweight container (OpenRC init scripts)

https://www.docker.io/

sudo apk add docker-openrc
  • License: Apache-2.0
  • Architecture: x86_64
  • Source Package: docker
  • 1 dependencies
  • normalized package name match
  • Matched by: Docker
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: docker-openrc from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
apk95%

docker-rootless-extras 29.5.3-r0

Extras to run docker as in rootless mode

https://docs.docker.com/engine/security/rootless/

sudo apk add docker-rootless-extras
  • License: Apache-2.0
  • Architecture: x86_64
  • Source Package: docker
  • 1 dependencies
  • 1 provides
  • normalized package name match
  • Matched by: Docker
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: docker-rootless-extras from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
apk95%

docker-rootless-extras-openrc 29.5.3-r0

OpenRC scripts for running docker in rootless mode

https://www.docker.io/

sudo apk add docker-rootless-extras-openrc
  • License: Apache-2.0
  • Architecture: x86_64
  • Source Package: docker
  • 1 dependencies
  • normalized package name match
  • Matched by: Docker
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: docker-rootless-extras-openrc from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
apk95%

docker-systemd 29.5.3-r0

Pack, ship and run any application as a lightweight container (systemd files)

https://www.docker.io/

sudo apk add docker-systemd
  • License: Apache-2.0
  • Architecture: x86_64
  • Source Package: docker
  • normalized package name match
  • Matched by: Docker
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: docker-systemd from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
apk95%

docker-zsh-completion 29.5.3-r0

Zsh completions for docker

https://www.docker.io/

sudo apk add docker-zsh-completion
  • License: Apache-2.0
  • Architecture: x86_64
  • Source Package: docker
  • normalized package name match
  • Matched by: Docker
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: docker-zsh-completion from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
dnf95%

moby-engine 29.5.3-1.fc45

The open-source application container engine

https://github.com/moby/moby

sudo dnf install moby-engine
  • License: Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND ISC AND MIT AND MPL-2.0 AND (Apache-2.0 OR GPL-2.0-or-later)
  • Category: Unspecified
  • Architecture: x86_64
  • Source Package: moby-engine
  • 17 dependencies
  • 4 provides
  • normalized package name match
  • Matched by: Docker
Fedora Rawhide package metadata · dl.fedoraproject.org · Fedora Rawhide package metadata: moby-engine from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst
pacman95%

docker 1:29.5.2-1

Pack, ship and run any application as a lightweight container

https://www.docker.com/

sudo pacman -S docker
  • License: Apache-2.0
  • Architecture: x86_64
  • 10 dependencies
  • 3 optional deps
  • normalized package name match
  • Matched by: Docker
Arch Linux sync databases · geo.mirror.pkgbuild.com · Arch Linux sync databases: docker from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • approval-gate seed metadata
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated agent safety answer
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment