SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom
International Women’s Day
267 opinions Read now

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Software supply chain security python java js ai circuits lock
#
Application Security
#
DevSecOps
#
Supply Chain

Chainguard extends secure libraries to Python, Java, JS

Fri, 27th Feb 2026
Author image
By Shannon Williams, News Editor

Chainguard has expanded its Libraries product to Python, Java, and JavaScript. The service offers rebuilt-from-source versions of widely used open source packages and now reports 94% coverage of the Python dependencies used in customer environments.

The expansion comes as software teams increase their use of AI coding tools and pull in more third-party components. Security researchers have reported a surge in malicious packages across public registries, with more than 450,000 identified over the past year.

Open source packages underpin many modern applications, and most organisations rely on public registries such as npm for JavaScript and PyPI for Python. Attackers have exploited those ecosystems through typosquatting, account takeovers, and other techniques to distribute compromised packages, including malware inserted into distributed binaries.

Chainguard's approach centres on rebuilding packages from publicly verifiable source code and distributing the resulting artefacts with signed provenance and software bills of materials. It positions this as an alternative to consuming pre-built binaries from public registries and then scanning them for known threats.

"As untrusted code proliferates in this new world of AI coding, secure-by-default is the only effective security posture. Relying on unverified binaries and after-the-fact scanning simply doesn't work," said Patrick Donahue, SVP of Product at Chainguard.

Python coverage

For Python, the Libraries service is now generally available and delivers 94% coverage across dependencies used in customer environments. Chainguard says it has built more than half a million unique versions, including AI-related packages that can be difficult to reproduce from source, such as PyTorch, torchvision, and torchaudio.

The focus reflects Python's growing importance in AI and data workloads. As organisations adopt AI-assisted development, they can also pull in more transitive dependencies, where an application depends on a package that itself depends on many others.

Chainguard rebuilds underlying transitive dependencies alongside each version it produces, aiming to reduce the risk that a downstream dependency introduces an unexpected change or a compromised artefact.

Java and JavaScript

In Java, Chainguard says it has rebuilt nearly one million unique versions of dependencies, including Spring Boot, Jackson, Apache Commons, and Log4j.

For JavaScript, it says it covers 88% of npm's top 500 "highest-impact" libraries, alongside tens of thousands more packages. It defines "high-impact" libraries as those with more than one million downloads in the past week or those depended upon by at least 500 other projects.

The npm ecosystem has been a frequent target for malicious uploads, particularly through packages designed to mimic popular names or through compromised maintainer accounts. JavaScript's heavy reliance on small modules can also multiply the number of packages a project consumes.

Supply chain controls

Chainguard says its builds come from what it calls the Chainguard Factory, which it describes as a SLSA L2-compliant environment. SLSA, short for Supply-chain Levels for Software Artifacts, is a framework for improving integrity controls across the build process.

The company says it can also backport critical and high-severity vulnerability fixes across the Python ecosystem at scale. It also cited a recent factory update that added DriftlessAF, which it describes as an agentic framework that uses AI "reconciler bots" to adapt to new package releases and address security issues.

Security teams have pushed for stronger provenance and reproducibility controls after a series of high-profile supply chain incidents and the rising use of automation in development pipelines. Public registries remain essential infrastructure for most developers, but organisations with higher assurance requirements have begun adding internal mirrors, allowlists, and curated repositories.

Chainguard says companies including Abridge AI, Alara, Canva, Cast AI, and Rocket Lab have switched from downloading dependencies from public registries to using its Libraries service. Such shifts often require changes to build configuration and dependency resolution settings so package managers resolve dependencies from an approved source.

"Knowing what's in our dependencies before anything gets deployed is huge," said Jeremy Knickerbocker, Principal Application Engineer at Alara.

"And with Chainguard Libraries, this way we know we're safe whenever the next ecosystem-wide malware attack strikes," he added.

Chainguard says it will continue extending coverage across the three ecosystems based on the dependency graphs observed in customer environments and the packages most commonly pulled into production software.

Related stories
Bridging the gap: Cybersecurity breakthroughs and imbalances
In a cost-pressured AI race, operational maturity is now the competitive advantage
UK AI budgets shift to data infrastructure & storage
Teramind launches AI governance to tackle shadow AI
AI cyber threats outpace staff readiness, report warns

Top stories

Safe AI needs all voices: Celebrating the women who help drive CSA's AI safety initiative
Autonomous AI 'agentic customers' set to reshape banks
How women in cyber change the conversation at board level
The weight women carry
Preserving our voice: Why women must shape the future of AI and cybersecurity