Chainguard Launches OS Packages for Custom, Zero-CVE Container Builds
Event summary
- Chainguard introduced Chainguard OS Packages on March 17, 2026, offering zero-known-CVE packages and base images for custom container builds.
- The packages are built from source and maintained in the Chainguard Factory, providing over 30,000 packages in a private APK repository.
- Chainguard OS Packages allow advanced teams to build custom container images using their own tooling while offloading package maintenance and CVE remediation to Chainguard.
- The company also announced the Chainguard OS Fully User Directed (FUD) Committee to ensure the OS evolves based on user-governed priorities.
The big picture
Chainguard's launch of OS Packages targets a growing need among sophisticated organizations for granular control over container image composition without the operational burden of maintaining open source packages. This move aligns with the broader industry trend toward secure-by-default principles and user-directed governance in open source software. The company's venture-backed status and Fortune 500 customer base suggest significant market validation for its approach.
What we're watching
- Adoption Pace
- How quickly enterprises will migrate from off-the-shelf images to custom builds using Chainguard OS Packages.
- Governance Impact
- Whether the Chainguard OS FUD Committee can effectively steer the OS's evolution to meet diverse user needs.
- Competitive Response
- How competitors will react to Chainguard's move into the custom container image space.