https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/tags/chainguard-libraries/Recent content in Chainguard Libraries onHugo -- gohugo.ioen-USMon, 30 Mar 2026 12:00:00 +0000https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/overview/Tue, 25 Mar 2025 08:04:00 +0000https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/overview/Chainguard Libraries provide enhanced security for open source dependencies in the Java, JavaScript, and Python ecosystems, addressing critical supply chain vulnerabilities through automated patching and continuous monitoring. Modern applications rely heavily on libraries from public repositories like Maven Central, npm Registry, and PyPI, but using these repositories introduces supply chain risks that could expose your applications and system to compromise. Background Open source libraries distributed through public repositories face several security challenges: maintainers may not promptly address vulnerabilities, binary artifacts can be compromised, and the sheer volume of transitive dependencies makes manual security management impractical.https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/access/Tue, 25 Mar 2025 00:08:04 +0000https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/access/Chainguard Libraries provide controlled access to security-enhanced Java and Python dependencies through the unified Chainguard platform authentication system. This guide explains how to access (download) Chainguard library artifacts for your organization. Getting started Prerequisites Ensure you have access to Chainguard Libraries. If you are not a Chainguard user yet, a new Chainguard account must be created and configured for access to Chainguard Libraries. If you are already a Chainguard user, the Chainguard account owner in your organization can grant access to Chainguard Libraries.https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/network-requirements/Wed, 04 Jun 2025 09:30:00 +0000https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/network-requirements/Chainguard Libraries require specific network access to ensure secure delivery of hardened dependencies to your development environment. This guide details the domains and ports needed for authentication, package downloads, and verification tools. Access for chainctl and other tools For initial configuration with chainctl as well as for verification of downloaded libraries with cosign and other tools, you must allow HTTPS access to the following domains: dl.enforce.dev for download and update of chainctl issuer.https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/verification/Thu, 03 Jul 2025 12:00:00 +0000https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/verification/Overview Chainguard’s chainctl tool with the command libraries verify verifies that your language ecosystem dependencies come from Chainguard Libraries, providing critical visibility into your software supply chain security. By verifying binary artifacts across your projects and repositories, you can ensure dependencies are sourced from Chainguard’s hardened build environment rather than potentially compromised public repositories, identify opportunities to improve security posture, and maintain compliance with supply chain security policies. Command characteristics:https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/cve-remediation/Thu, 11 Sep 2025 00:00:00 +0000https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/cve-remediation/CVE remediation is a feature in Chainguard Libraries that provides security protection against critical and high CVEs, while medium or low CVEs are not considered. Applications often rely on older versions of libraries, but upstream maintainers may not apply and release patches for those versions. CVE remediation addresses this gap by applying vulnerability fixes from newer releases to older releases, particularly in cases where maintainers are no longer able to support and provide fixes.https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/scanners/Sat, 04 Oct 2025 12:00:00 +0000https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/scanners/Vulnerability scanners enable you to understand the potential security risks from libraries used within your applications. Chainguard Libraries provides a trusted source for libraries typically downloaded from public repositories. Chainguard Libraries are rebuilt from the upstream open source project code repository content only. This prevents malware without published source code and reduces almost all risk for software supply chain attacks. In addition, some library versions are available with CVE fixes applied.https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/browse/Thu, 03 Jul 2025 14:00:00 +0000https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/browse/Chainguard Libraries includes thousands of libraries and many more individual library versions and artifacts. Through the Chainguard Console, you can browse all available libraries and their versions, and inspect their characteristics before using them in your application development. Access libraries in the Chainguard Console Log in to the Chainguard Console at https://console.chainguard.dev/. In the left-hand navigation under Libraries, expand Ecosystems to find links for browsing Chainguard’s Java and Python libraries.https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/python/overview/Wed, 09 Apr 2025 04:00:00 +0000https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/python/overview/Introduction Chainguard Libraries for Python provides enhanced security for the vast Python ecosystem by rebuilding PyPI packages with comprehensive supply chain protection and automated patching. With over 600,000 packages on the Python Package Index (PyPI) serving application development, machine learning, and data science needs, Chainguard addresses the critical security challenges of depending on packages from untrusted sources by rebuilding them within the controlled Chainguard Factory environment. In addition, Chainguard eliminates security risk by remediating High and Critical vulnerabilities across older package versions where upstream maintainers are not able to prioritize fixes.https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/faq/Tue, 25 Mar 2025 08:04:00 +0000https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/faq/What security issues can Chainguard Libraries prevent? As detailed on the background and introduction pages, Chainguard Libraries are built directly from source in the Chainguard Factory and the resulting binaries are directly provided to you by Chainguard. Chainguard operates the whole supply chain for the package lifecycle as one reliable, secure partner. You can therefore avoid issues from the following software supply chain attack surface points: Build pipeline Build system Dependency injection Bypass of CI/CD systems Library distribution Library consumption More information about these stages in the software supply chain is available on the Supply chain Levels for Software Artifacts (SLSA) website.https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/javascript/overview/Thu, 05 Jun 2025 09:00:00 +0000https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/javascript/overview/Chainguard Libraries for JavaScript is a major ecosystem supported by Chainguard Libraries. The JavaScript ecosystem consists of thousands of open source projects from the communities around JavaScript, TypeScript, Node.js, React, Vue.js, Angular, Svelte, Next.js, Express, and many others. Chainguard Libraries for JavaScript provides access to a growing collection of popular Javascript packages rebuilt from source. New releases of common packages requested by customer builds are added to the index by an automated system.