CHAINGUARD has unveiled Factory 2.0, the second generation of its platform for maintaining hardened open-source images, components and artifacts, presented at the Assemble conference in New York.
The update replaces the original platform’s complex, event-driven automations with a durable system that combines standard code and agentic reconciliation bots, and it introduces an AI-enabled framework to manage software pipelines using a controller/reconciler model to continually reconcile open-source artefacts across containers, libraries, Actions and skills. The DriftlessAF agentic framework is designed to keep approved open-source artefacts updated and patched rather than relying on delicate scripts.
Chainguard Actions, a hardened catalog of GitHub Actions and similar CI/CD workflows, aims to reduce supply-chain risk by providing secure, vetted replacements for upstream actions. The article notes recent threat activity, including a GitHub Actions incident that leaked secrets from over 23,000 repositories and the emergence of malicious OpenClaw registry skills, underscoring the relevance of Factory 2.0’s automated, secure artefact maintenance.
Chainguard Guardener is an AI agent intended to automate migration and maintenance of trusted open-source artefacts across development and deployment workflows.