Why the teams building the future of software already need what ActiveState does

The Python ecosystem just shifted underneath everyone’s feet.

OpenAI’s acquisition of Astral (the team behind uv, Ruff, and ty) sent a clear signal: AI companies aren’t just writing code anymore. They’re acquiring the infrastructure that manages, checks, and runs that code. The toolchain is now strategic territory.

Anaconda saw the signal too, and responded with a vision of “AI-native development” with Anaconda’s AI Navigator product: a world where the full arc of building AI applications, from local experimentation to production deployment, is managed through a single, trusted platform.

They’re right that this is the future. And they’re right that trust is the central problem.

What they didn’t say, but what every enterprise security and engineering team already knows, is that trust in software doesn’t start with your IDE or your AI model manager. It starts much earlier, and it goes much deeper.

It starts with your dependencies.

TL;DR

  • AI agents are resolving and installing open source dependencies at machine speed, with no human in the loop. The attack surface is expanding faster than security teams can manually manage it.
  • Most AI-native tooling doesn’t address the provenance problem. Knowing what’s in your environment and verifying it was built from clean source is a prerequisite for trusting what AI generates.
  • ActiveState builds open source components from vetted source code, continuously remediates vulnerabilities with contractual SLAs, and ships every artifact with immutable provenance. That governance layer slots directly into the workflows your teams already run.

AI-Native Development Has a Dependency Problem Nobody Is Talking About

AI-native development means AI is embedded throughout the lifecycle, not bolted on as an assistant. Agents write code, resolve dependencies, spin up environments, run linting passes, and push to production,all in tight, automated loops with minimal human intervention.

That velocity is the point. It’s also where the exposure lives.

When AI agents are generating code and autonomously installing packages, the question of what exactly is running in your environment becomes more urgent, not less. The attack surface grows. The provenance of your dependencies matters more. The ability to reproduce an environment exactly and verify that nothing in it has been tampered with stops being a nice-to-have and becomes a baseline security requirement.

Malicious packages have grown 156% year-over-year. Public registries like npm and PyPI are active targets for supply chain attacks, typosquatting, and malware injection. An AI agent doesn’t slow down to evaluate whether the package it just pulled is actively maintained or already compromised. It resolves the dependency and moves on.

This is precisely the problem ActiveState was built to solve.

The Security Layer AI-Native Tooling Isn’t Providing

ActiveState builds open source packages from vetted source code, automatically, for every dependency in your stack. That distinction of built from source versus pulled from a pre-built binary of unknown provenance is the entire argument.

Here’s what that means in practice.

  • No binary trust problem. Every component in your environment is compiled from source inside a SLSA Level 3 build environment. You’re not inheriting whatever was sitting in a public registry at the moment an AI agent made a request. You know what you have, you know where it came from, and you can prove it.
  • Vulnerability remediation that doesn’t hand the backlog back to your team. The industry average for mean time to remediate critical CVEs sits upward of 60 days. ActiveState’s contractual SLAs are 5 business days for critical CVEs, 10 for highs, and 30 for all others. When a vulnerability is identified or a community fix is released, we rebuild the component from source and redistribute it automatically. Your engineers review the outcome, not the process.
  • SBOMs and attestations by default. Every environment ActiveState builds ships with a signed Software Bill of Materials. When regulators or enterprise security teams ask what’s inside your AI application, you have the documented due diligence to answer, not a scramble to reconstruct it.

Reproducibility across the full lifecycle. The same environment a developer builds locally travels reliably to CI/CD and to production. No drift. No “works on my machine.” AI-native development makes environmental consistency harder. ActiveState has spent years making it a solved problem.

This Fits Into the Workflow You’re Already Running

ActiveState is not asking you to replace your AI-native tooling. It slots into it.

  • Using uv for fast dependency resolution in your agent pipelines? The ActiveState curated catalog of 79 million+ rebuilt-from-source components gives your uv-based workflows a security-verified artifact layer to pull from, rather than pulling directly from PyPI with no provenance guarantees.
  • Building with Anaconda or conda environments? ActiveState integrates with conda-compatible workflows, adding open source software security and governance without disrupting the local development experience your data science and AI teams already rely on.
  • Running AI coding agents like Codex or GitHub Copilot Workspace? The packages those agents install need to come from somewhere trustworthy. ActiveState is that somewhere: a governed, continuously updated catalog of 79 million secure open source components that agents can consume without introducing unknown risk into your production systems.
  • Deploying to containers? ActiveState Secure Containers ship with zero known critical vulnerabilities, are rebuilt to our SLAs, and include signed SBOMs. They’re designed to be the secure foundation that AI-generated applications actually run on.

The Vendor Neutrality Question Is Worth Asking

When a single AI company owns your package manager, your linter, your type checker, and your coding agent, you have a concentration of dependency that most enterprise security and procurement teams should find uncomfortable.

ActiveState has operated as a vendor-neutral, independent steward of enterprise open source for nearly three decades. We don’t have an AI coding agent whose roadmap might quietly reshape which packages get prioritized, which vulnerabilities get patched first, or which environments get first-class support.

We have one job: make sure the open source your teams depend on is secure, reproducible, and trustworthy, regardless of which AI tools sit on top of it.

In an era where the toolchain is becoming a competitive battleground between AI companies, that neutrality is a feature.

The Fundamentals Don’t Change Because the Stack Does

The shift to AI-native development is real. The loops are tighter. The volume of code being generated and the speed at which dependencies are being resolved is unlike anything the industry has seen before.

But the fundamentals of what makes software trustworthy in production haven’t changed. You need to know what’s in it. You need to know it was built from a verified source. You need to be able to reproduce it. And when a vulnerability is discovered, you need to fix it fast and completely, not in 60+ days.

ActiveState has always been the platform that handles that layer, quietly, reliably, at enterprise scale.

AI-native development doesn’t change that. It makes it more important.

Want to understand how ActiveState fits into your AI-native development workflow? Talk to our team.

Frequently Asked Questions

AI-native development means AI is embedded throughout the software lifecycle — writing code, resolving dependencies, spinning up environments, and pushing to production, often with minimal human intervention. That velocity is the point. It's also where the exposure lives. When AI agents are autonomously installing open source packages, the question of what exactly is running in your environment becomes more urgent. Malicious packages have grown 156% year-over-year, and an AI agent doesn't slow down to evaluate whether the package it just pulled is actively maintained or already compromised.

Most environments inherit open source from pre-built binaries sitting in public registries. You're trusting that whoever built that binary did so cleanly, from unmodified source, in an uncompromised environment. ActiveState eliminates that blind trust by compiling every component from vetted source code inside a SLSA Level 3 build environment. You know what you have, you know where it came from, and you can prove it, with cryptographic attestations and a signed Software Bill of Materials shipped with every artifact.

ActiveState slots into your existing workflows rather than replacing them. If your team uses uv for dependency resolution, ActiveState's curated catalog of 79 million rebuilt-from-source components gives those pipelines a security-verified artifact layer instead of pulling directly from PyPI with no provenance guarantees. If you're running Anaconda or conda environments, ActiveState adds open source software security and governance without disrupting your data science workflows. If AI coding agents like Codex or GitHub Copilot Workspace are installing packages, ActiveState is the governed, continuously updated source those agents pull from.

When a vulnerability is identified or a community fix is released, ActiveState rebuilds the affected component from source and redistributes it automatically. Your engineers review the outcome, not the process. ActiveState's contractual SLAs are 5 business days for critical CVEs, 10 days for highs, and 30 days for all others. The industry average for mean time to remediate critical CVEs sits upward of 60 days. That gap is where breaches happen.

Every environment ActiveState builds ships with a signed Software Bill of Materials and complete build-time provenance. When regulators, enterprise security teams, or your board ask what's inside your AI application, you have the documented due diligence to answer immediately, not a scramble to reconstruct it. In the 2026 regulatory environment, "we had a scanner" is not a sufficient defense. Immutable provenance and contractual remediation SLAs constitute a reasonably designed program that protects both your organization and the security leaders personally accountable for the software supply chain.

ActiveState supports Windows, macOS, and Linux. ActiveState Secure Containers are purpose-built for teams deploying AI-generated applications to containerized environments and ship with zero known critical vulnerabilities, signed SBOMs, and are rebuilt to ActiveState's remediation SLAs. ActiveState Managed Distributions handles the enduring workloads and cross-platform developer environments that container-focused solutions can't reach, including Windows and macOS workstations and legacy application environments.