From 87850a1b7fe2da4918cd3eff49159c591d72d521 Mon Sep 17 00:00:00 2001
From: keitosuwahara <keitosuwahara0816@gmail.com>
Date: Thu, 17 Jul 2025 22:36:07 +0900
Subject: [PATCH 1/2]  Correction of always enabled provennance option

Signed-off-by: keitosuwahara <keitosuwahara0816@gmail.com>
---
 cmd/compose/build.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cmd/compose/build.go b/cmd/compose/build.go
index e29a9d89e78..ead96d148d7 100644
--- a/cmd/compose/build.go
+++ b/cmd/compose/build.go
@@ -140,6 +140,7 @@ func buildCommand(p *ProjectOptions, dockerCli command.Cli, backend api.Service)
 	flags.MarkHidden("progress") //nolint:errcheck
 	flags.BoolVar(&opts.print, "print", false, "Print equivalent bake file")
 	flags.BoolVar(&opts.check, "check", false, "Check build configuration")
+	flags.BoolVar(&opts.provenance, "provenance", true, "Generate provenance attestation for built images. Shorthand for `--attest=type=provenance`.")
 
 	return cmd
 }
@@ -156,7 +157,6 @@ func runBuild(ctx context.Context, dockerCli command.Cli, backend api.Service, o
 	}
 
 	apiBuildOptions, err := opts.toAPIBuildOptions(services)
-	apiBuildOptions.Provenance = true
 	if err != nil {
 		return err
 	}

From 402b6d9fa794a347e81be98640573cf3fab40e67 Mon Sep 17 00:00:00 2001
From: keitosuwahara <keitosuwahara0816@gmail.com>
Date: Fri, 18 Jul 2025 13:12:38 +0900
Subject: [PATCH 2/2] Update docs for --provenance flag

---
 docs/reference/compose_build.md          |  1 +
 docs/reference/docker_compose_build.yaml | 11 +++++++++++
 2 files changed, 12 insertions(+)

diff --git a/docs/reference/compose_build.md b/docs/reference/compose_build.md
index 5589a46934c..7a982cc86f1 100644
--- a/docs/reference/compose_build.md
+++ b/docs/reference/compose_build.md
@@ -22,6 +22,7 @@ run `docker compose build` to rebuild it.
 | `-m`, `--memory`      | `bytes`       | `0`     | Set memory limit for the build container. Not supported by BuildKit.                                        |
 | `--no-cache`          | `bool`        |         | Do not use cache when building the image                                                                    |
 | `--print`             | `bool`        |         | Print equivalent bake file                                                                                  |
+| `--provenance`        | `bool`        | `true`  | Generate provenance attestation for built images. Shorthand for `--attest=type=provenance`.                 |
 | `--pull`              | `bool`        |         | Always attempt to pull a newer version of the image                                                         |
 | `--push`              | `bool`        |         | Push service images                                                                                         |
 | `-q`, `--quiet`       | `bool`        |         | Don't print anything to STDOUT                                                                              |
diff --git a/docs/reference/docker_compose_build.yaml b/docs/reference/docker_compose_build.yaml
index 6d1446a5101..4fc30d53dff 100644
--- a/docs/reference/docker_compose_build.yaml
+++ b/docs/reference/docker_compose_build.yaml
@@ -125,6 +125,17 @@ options:
       experimentalcli: false
       kubernetes: false
       swarm: false
+    - option: provenance
+      value_type: bool
+      default_value: "true"
+      description: |
+        Generate provenance attestation for built images. Shorthand for `--attest=type=provenance`.
+      deprecated: false
+      hidden: false
+      experimental: false
+      experimentalcli: false
+      kubernetes: false
+      swarm: false
     - option: pull
       value_type: bool
       default_value: "false"