9 in 10 Docker Compose files skip the basic security flags
I created compose-lint, a security linter for Docker Compose files, and pointed it at 6,444 public docker-compose.yml and compose.yaml files from GitHub. (More on why below.)
Three things stood out:
quietattacksurface.hashnode.dev | 9 min read