OPEN SOURCE LIBRARIES

Language libraries built from source

Stop software supply chain attacks without compromising developer experience and productivity with language dependencies built securely in SLSA-hardened build infrastructure.

Talk to an expert
Image of a Chainguard Java library.
Logo of G2.
Icon of 5 stars.
4.9 Stars on G2

The world’s leading companies trust Chainguard

Chainguard Libraries

Trusted software language libraries for every use case

Image of a link icon.

Guard your software supply chain

Eliminate risks from compromised build systems and hijacked package distribution mechanisms to prevent attacks like XZ-Utils, MavenGate, and Lottie Player.

Image of an icon made up of many circles.

Improve developer experience and velocity

Free up developers to ship faster by eliminating toil and productivity erosion associated with manual and/or policy-based package curation.

Image of an icon made up of several shapes.

Simplify dynamic dependencies

Offload the hard work of vendoring in shared system libraries for dynamically linked languages.

Image of Chainguard protecting other open source code.

Continuously built from source

Consume libraries continuously built from source in Chainguard’s SLSA Level 2 build infrastructure, eliminating supply chain attacks at build and distribution phases of the package lifecycle.

Image of a JavaScript code block.

Use anywhere; better with Chainguard images

Use our libraries anywhere your code is developed and deployed. Or, use Chainguard Libraries on top of Chainguard Containers or VMs for more complete protection over your entire stack.

Image of an nginx image that's being protected by Chainguard.

One secure, standardized source for all your dependencies

Standardize your developers on a safe and secure mechanism to consume language dependencies.

Image of Chainguard at the heart of a secure open source network.

Ensure consistency in existing dev workflows

Chainguard Libraries natively integrate with common artifact managers so developers can pull trusted dependencies without any additional friction.

Why Chainguard

The Chainguard Libraries difference

Talk to an expert
A shield icon.

End-to-End Integrity

Know exactly what’s in your open source with full provenance and opens attestations.

A squashed bug icon.

Eliminate Supply Chain Risks

Prevent threats at the build and distribution stages of the package lifecycle.

A heart icon.

Responsibility you can trust

One reliable, secure partner to take on the burden of a hard, unpredictable problem

A line graph icon.

Expertise and Experience

The leading open source minds driving the industry forward, delivering new innovations for our users.

Related Resources

Announcing Chainguard Libraries: Guarded Java Language Dependencies Built from Source

Chainguard Libraries is a catalog of guarded Java dependencies built securely from source in Chainguard’s SLSA-certified infrastructure.

Chainguard’s Vision for a Safer Software Supply Chain

Chainguard is building the future of secure software development, where security and innovation move in lockstep and every line of code makes software safer.

Main image for Chainguard Your OS whitepaper.

Chainguard Your OS

The traditional "distro" model of open source software delivery is ready for innovation. Learn how we got to this point and what comes next.

Panic! At The Distro: A Study of Malware Prevention in Linux Distributions

Chainguard wanted to know more about malware prevention in Linux distributions. So we did a study to see what maintainers are doing about it. See the results.

Image with text "Chainguard Labs" on stylized background.

Taming bad Python packages: Assessing Python malware detectors with a benchmark dataset

Enhance your Python security! Learn how Chainguard's new dataset is revolutionizing malware detection in Python environments.

Want to learn more about Chainguard?

Get info on our customized pricing plans or request a demo tailored to your team's workflows.

Let's chat