Get Current, Stay Current Empowers Organizations to Easily Update Software Dependencies Without Breaking Changes or Sacrificing Developer Productivity, Eliminating Security Vulnerabilities from Outdated Open Source

Vancouver, BC – May 1, 2024: ActiveState, the Open Source Management platform securing enterprise software supply chains, unveiled Get Current, Stay Current (GCSC) – a continuous code refactoring service that deals with breaking changes so enterprises can stay current with the pace of open source. Updating software dependencies eliminates critical vulnerabilities and delivers enhanced functionality, reducing risk, improving productivity, and accelerating innovation. Initially supporting Python, GCSC allows developers, security, and DevOps teams to collaborate seamlessly through ActiveState’s Open Source Management platform, where they can pull from a vast and securely built catalog of Python packages, set up portable developer environments that make testing and continuous integration easy to implement, schedule regular incremental runtime updates, and configure automatic code refactoring when there are breaking changes.

The flexibility, agility, and cost-effectiveness of developing applications with open source have provided unprecedented innovation. However, enterprises face mounting challenges hindering their efficiency and security across the software development lifecycle. Initially, they must contend with the fact that 96% of all applications use open source, over 75% of an application’s code is open source, and each application has an average of 526 dependencies. This results in development teams using a monumental volume of code that is produced outside the organization, making it difficult to observe, assess, and mitigate potential security vulnerabilities. These risks are compounded by the need to continuously update and refactor internal code to stay ahead of vulnerabilities, benefit from new features, and ensure backwards compatibility, a process that is both time-consuming and prone to human error, leading to the inadvertent introduction of security flaws and other bugs that result in production downtime. In the past year, 81% of all developers admitted to shipping vulnerabilities in code and it’s estimated that 91% of all organizations faced supply-chain attacks to exploit these open source vulnerabilities.

ActiveState’s GCSC solution revolutionizes business software management by automating upgrades of open-source dependencies to secure, modern versions. It uniquely supports deployment across various environments, which ensures continuous delivery of updated dependencies and refactored code, helping businesses maintain software security and modernity with ease. Customers can manage upgrade policies using the ActiveState Code Analysis and Upgrade Engine to configure the cadence and versions of open source updates and whether code recommendations should apply to dependencies only or dependencies and first-party source code. The ActiveState platform computes an upgrade plan detailing the dependency updates, CVEs that will be removed, and the impact of breaking changes. ActiveState breaks down all the necessary changes into a series of pull requests and updates the project runtime, allowing customers to simply review the impact of all proposed changes, run unit tests, and accept them into the mainline branch. The ActiveState platform continuously checks for new updates and alerts customers when it’s time to perform an upgrade or if critical vulnerabilities have been detected that need immediate attention.

“You cannot be secure if you are unable to update your dependencies. We’re excited today to remove one of the largest obstacles to remediating vulnerabilities: the fear of a breaking change,” said Scott Robertson, CTO. “It’s a big step in our mission to help manage open source for enterprises. We want to enable enterprises to maximize the value from open source while mitigating its risks.”

Each element of the code refactoring service is backed by a dedicated team of open source language engineers and researchers actively investigating and analyzing open source projects, hardening security, patching vulnerabilities, and adding new features. AI is leveraged to automate and simplify code refactoring and to modernize Python applications. This process eliminates the need for extensive research and testing to identify affected code. This comprehensive approach not only saves time but also significantly reduces the resources traditionally required to keep applications up-to-date and secure.

Learn more about how you can get your Python code to securely Get Current, Stay Current.

About ActiveState

ActiveState helps developers escape dependency hell and get straight to coding – securely. We’re redefining the way companies ship and manage software built with open source with over 20 years of experience partnering with enterprises developing in Python, Perl, Tcl and Ruby. Learn how to start securely integrating open source dependencies into your build process with a free ActiveState account, or contact us for more information at www.activestate.com.