Chainguard launches secure repo

Chainguard announced Chainguard Repository on March 17, 2026 as a Chainguard‑managed catalog aimed at providing secure‑by‑default open‑source artifacts. (prnewswire.com) The Repository surface lists container images, language libraries, OS packages, AI agent skills, CI/CD workflows and virtual machine images with built‑in configurable policy enforcement. (chainguard.dev) Chainguard Actions ingest widely used third‑party CI/CD workflows starting with GitHub Actions, evaluate them against a comprehensive security ruleset, automatically remediate policy failures and publish secured workflow versions for reuse. (prnewswire.com) The company said its "Factory" model continuously rebuilds and maintains artifacts from source and uses reconciliation to keep workflows and images in a desired secure state, a process Chainguard has tied to handling hundreds of millions of automated builds. (chainguard.dev) (opensourceforu.com) (chainguard.dev) Parallel to the Repository launch, Chainguard introduced Commercial Builds and named partners including Azul, Chainloop, Elastic, Expanso, F5 NGINX, Grafana Labs, Mattermost, Nirmata, Percona, Smallstep and Tiger Data as early collaborators. (prnewswire.com) Chainguard already publishes reusable workflow code and security tooling on GitHub—its chainguard‑dev/actions repository lists reusable GitHub Actions workflows (159 stars) and the org hosts scanners like malcontent and providers such as terraform‑provider‑cosign. (github.com 1) (github.com 2) (github.com 3)