Lift a Project   Sign up with Github

Featured

Highlights from the FOSDEM package management dev room

A couple weeks ago a number of us from Tidelift travelled to Belgium for FOSDEM, an annual free software conference that has grown to become one of ...
Andrew Nesbitt
by Andrew Nesbitt
on February 15, 2018

Equifax, open source, and glass houses

By Donald Fischer on February 13, 2018
Equifax is back in the news, with the latest reports indicating that hackers acquired not only names, social security numbers, birth dates, and ...

Dependency management and your software health

By Keenan Szulik on February 8, 2018
As I’ve written about before, the packaging of open source software is trending towards increasingly granular modules, distributed through a ...

The state of copyleft licensing

By Luis Villa on February 1, 2018
In my last post, I talked about how much (or little!) we know about the licenses in the 30+ package managers and 2+ million packages in libraries.io, ...

Bit Rot: the silent killer

By Andrew Nesbitt on January 30, 2018
Your code is rotting right now.

Open source: who's paying the bills?

By Benjamin Nickolls on January 25, 2018
Open source software isn’t free—someone else paid for it.

The state of licensing information (or, how do we know what we know?)

By Luis Villa on January 18, 2018
As open source has grown, it has also gotten more granular. Modern apps often depend on hundreds or thousands of open source packages, not counting ...

Managing the complexities of modular software

By Keenan Szulik on January 11, 2018
Last week, I took a dive into the world of JavaScript and NPM (its largest package manager) exploring the granularity of JavaScript software and the ...

Three ways to improve the sustainability of open source projects

By Benjamin Nickolls on January 9, 2018
Open source software has been astoundingly successful. Today, it is the basis upon which much of our technology is built, technology that keeps us ...

JavaScript, NPM, and the rise of granular software

By Keenan Szulik on January 4, 2018
In the last month, we’ve alluded to the relationship between package managers and small, modular packages on a couple of occasions, without ...