Chainguard Guardener Commit Verification
Configure Chainguard Guardener to verify that every commit in a pull request is cryptographically signed by an …
For the complete documentation index, see llms.txt.
Note: Chainguard OS Packages is in beta. Contact your Chainguard account team to enable it for your organization.
Chainguard OS Packages expands the packages available to your private APK repository by giving you access to the full set of 30,000 enterprise-grade, zero-CVE packages built as part of Chainguard OS and Wolfi. It also includes a small set of Chainguard base images, for example, chainguard-base.
Chainguard OS Packages is designed for larger customers who already build their own images from packages using tools like Bazel, Dockerfiles, and rules_apko, and want to use a wider set of packages from Chainguard. Because you are creating custom builds, you are responsible for the image builds, the build tooling, validation, and compatibility. You still benefit from the fact that Chainguard builds the packages in the Chainguard Factory with complete SBOMs and our standard enterprise-grade, zero-CVE process.
If you need to achieve FIPS compliance, the FIPS variant of Chainguard OS Packages includes access packages with the latest versions of Chainguard’s FIPS-validated modules.
Chainguard OS Packages is not compatible with Chainguard Custom Assembly.
Configure Chainguard Guardener to verify that every commit in a pull request is cryptographically signed by an …
Configure Chainguard Guardener to recommend and migrate your GitHub Actions to Chainguard's hardened, SHA-pinned …
Understand Chainguard Guardener's .chainguard/ configuration model and how to enable features per repository.
Install the Chainguard Guardener GitHub App and link your Chainguard organization to your GitHub organization to start …
How to migrate an existing Java project to pull dependencies from Chainguard Libraries
Last updated: 2026-04-01 00:48