In a follow-up to their December 2025 report, *The State of Trusted Open Source*, **Chainguard** has released new insights into open-source consumption based on product data and their customer base. This analysis covers container image projects, versions, language libraries, and builds, shedding light on deployment patterns, vulnerabilities, and remediation efforts. ### AI's Reshaping of Software Development Software development is rapidly accelerating, largely driven by the increasing integration of AI across the development lifecycle. From code generation to infrastructure automation, AI models are becoming more sophisticated and capable of meeting modern demands. This shift is not only expanding development capabilities but also reshaping the security landscape. ### Report Methodology The report analyzed over 2,200 unique container image projects, 33,931 total vulnerability instances, and 377 unique **CVE**s from December 1, 2026, through February 28, 2026. The terms "top 20 projects" and "long tail projects" reflect real usage patterns observed across **Chainguard**'s customer portfolio and in production pulls. ### Key Findings The latest report identifies several themes indicating the impact of AI-driven development: * **Python and PostgreSQL Growth:** Python remains the most popular image (used by 72.1% of customers), while **PostgreSQL** saw a 73% increase in usage, highlighting the adoption of a modern AI stack. * **Standardized Platform Stack:** Language ecosystem images comprise over half of the top 25 images used in production by **Chainguard** customers. * **Chainguard Base as a Foundation:** The **chainguard-base** image, a minimal distroless base image, was the 5th most-used **Chainguard** image, serving as a customizable "utility belt." * **Accelerated Vulnerability Discovery:** **Chainguard** applied over 300% more fixes and saw a 145% increase in vulnerabilities, suggesting AI is both pushing more code and uncovering more **CVE**s. * **Long Tail Risk:** 96% of vulnerabilities were found and remediated outside the top 20 most popular projects, consistent with previous findings. * **Compliance Drives Adoption:** A **FIPS**-compliant variant of a **Chainguard** container image entered the top 10 images by customer count. ## Usage: Production Deployment Trends The report highlights the prevalence of AI in code generation, leading to increased adoption of the Python language ecosystem and related technologies. ### Most Popular Images: Python and PostgreSQL Lead the Way #### PostgreSQL Growth Soars The strongest growth was observed in images aligned with AI adoption. **Python remains the most widely deployed image**, with 72.1% of **Chainguard** customers using a Python image (including **FIPS** and non-FIPS variants). This reflects Python's role in machine learning, data pipelines, and automation. **Node** continues to be a key part of application infrastructure, used by 60.7% of customers. The most significant change is the 73% quarter-over-quarter growth in **PostgreSQL** usage. This growth correlates with the rise of AI workloads, where **PostgreSQL** is used for vector search and retrieval-augmented generation, supported by extensions that enable embedding storage and similarity queries.  ### Modern Platform Convergence #### Language Ecosystems Dominate Production environments are converging around a consistent set of foundational components. **Language ecosystems account for over half of the top 25 images**. Python (72.1%), Node (60.7%), Java (44.4%), Go (42.8%), and .NET (27%) define the runtime layer, with growth across each ecosystem. Teams are also standardizing on cloud-native components like **nginx**, service mesh tools, **Prometheus**, **ArgoCD**, and **kubectl**. This results in a layered architecture with a small number of runtimes, shared operational components, and a long tail of supporting dependencies. Standardization is occurring at the platform level, even as application-specific variation increases. ### Chainguard Base: A Foundation for Tooling #### Top-Deployed Image **Chainguard Base**, a minimal distroless base image, was the 5th most-deployed image, used by 36.3% of customers. It provides a secure foundation that teams can extend with necessary components. Customization patterns reveal that 95% of customized repositories include added packages, and over three-quarters of customers customize at least one image. These customizations often involve adding developer and operational utilities like **curl**, **bash**, **jq**, **git**, and cloud tooling, demonstrating a pattern of using **Chainguard Base** as a secure starting point for CI/CD pipelines, debugging environments, and internal platform tooling. As platform engineering matures, the need for secure, customizable base environments is becoming more pronounced, positioning **Chainguard Base** as a core building block.