Home > Blog
Our Blog Posts
Featured Blog
Disinformation Is An Open Source Problem
The Oxford dictionary defines disinformation as “false information which is intended to mislead.” That simple definition seems to understate the problem, given the fact that ...
Read More →
All Blog Posts
How to go from untrusted open source components to trusted artifacts
Starting with secure, trusted open source artifacts before your developers write their first line of code is the best way to control costs and reduce ...
Read More →
The Software Industry’s Supply Chain Security – Poor, Average or Excellent?
Understand how your security implementation stacks up against your peers, and how you can decrease software supply chain security risk.
Read More →
Maintain or Migrate? The Python 2 Migration Conundrum in 2022
Should you maintain your Python 2 codebase or migrate to Python 3? You might not have a choice. Here's why.
Read More →
5 key open source lessons from the past year
Planning for 2022? Here are the key lessons we learned in open source in 2021 that you need to take into account.
Read More →
Introducing Trusted Open Source Artifact Subscription for JFrog Artifactory
Automatically populate JFrog Artifactory with up-to-date open source Python packages, or other open source language artifacts you can trust.
Read More →
How to work with GraphQL in Python
GraphQL is the de facto standard for providing an external API. Learn how to use the GQL 3 GraphQL Client for Python.
Read More →
Top 10 Coding Mistakes in Python & How to Avoid Them
This article provides an introduction to the top ten errors beginners often make and gives you tips on how to avoid them.
Read More →
How to do text summarization with deep learning and Python
Python tutorial - use Abstractive Text Summarization and packages like newspeper2k, PyPDF2, and SPaCy to summarize text with deep learning.
Read More →
The Python 2 Threat in Your Supply Chain Is Real
Python 2 in development and test environments pose an undue risk in the face of escalating supply chain attacks.
Read More →
ActiveState’s Official Statement on the Java Log4j Vulnerability
After careful auditing, it has been established that ActiveState is not impacted by the critical Apache Log4j vulnerability, CVE-2021-44228.
Read More →
PyPI security pitfalls and steps towards a secure Python ecosystem
PyPI is improving Python supply chain security, but gaps still exist. Learn the tools and techniques to avoid Python's security pitfalls.
Read More →
Managing IoT Security Threats and Vulnerabilities Better
Securing IoT devices means securing their network, supply chain, and automating vulnerability remediation. Here's how.
Read More →