Videos
Govern AI-Generated Dependencies Inside Your Dev Environment
April 9, 2026
When an AI coding assistant suggests a dependency, where does it actually come from? For most teams, the answer is a public registry with no vetting, no provenance, and no policy enforcement. This walkthrough shows how connecting an ActiveState Curated Catalog into your development environment changes that, so AI coding tools draw from a governed, built-from-source source by default.
You'll see the full integration in practice, from initial connection through automated remediation and final validation.
What you'll see in this video:
- How to connect an ActiveState Curated Catalog directly into your development environment
- Integration options for enterprise artifact managers and AI coding tools, including Claude
- Automatically scanning a requirements.txt file for vulnerable open source dependencies
- Real-time CVE visibility and upgrade recommendations based on ActiveState component data
- Automated remediation including secure version downloads, installation, and dependency file updates
- Functional validation to confirm code remains operational after security updates are applied
This is what it looks like when open source governance is enforced at the point of consumption, not discovered by a scanner after the fact.
.webp)
.jpeg)
.jpeg)