
$27m to improve open source health and security with Tidelift’s partnered maintainers

by Donald Fischer
on May 24, 2022

Today we’re excited to announce that Tidelift has closed on $27 million of Series C funding, led by Dorilton Ventures with participation by Kaiser Permanente, Atlassian Ventures, General Catalyst, and Foundry Group.

Here’s what this means for you.

Open source is an opportunity so big it’s hard to see

Like so many things in modern life, the scale of the modern open source software movement boggles the mind. Millions of projects. 90% of applications contain open source. Open source makes up 70% or more of any given application. 

Open source software is so pervasive, it can become invisible.

But software is a human artifact. It’s made by people. In the case of the libraries, frameworks, and packages that make up most of the code in modern applications, the overwhelming majority of the people behind that code never signed up to be part of some organization’s “software supply chain.”

But the fact is: we collectively rely on the maintainers of open source.

And that’s an opportunity for everyone.

Maintainers are the key to open source software supply chain security

We founded Tidelift to pursue a simple, but powerful idea: for every popular open source package, some person or team made that software. Millions of other people, in thousands of organizations, rely on that software. Can we align the interests of those humans in a novel way where everyone wins, by paying the maintainers to comprehensively validate that their packages meet defined, production-ready standards?

Over the past few years, we’ve proven that, in fact, we can—and that we can scale it.  

Tidelift now partners with the maintainers of thousands of popular open source projects used in application development. We’ve paid millions of dollars directly to independent open source maintainers. We’ve built a software platform that helps organizations that serve our society—financial institutions, health care providers, technology companies, government agencies—improve the health of the open source that flows into the applications that their customers, employees, and citizens rely on. Just last week, we were named a 2022 Gartner® Cool Vendor.

Tidelift has demonstrated the win-win.

Now it’s time for the creators and consumers of open source software to win even bigger, together.

New energy and attention, but still powered by people

The conversation around open source supply chain security continues to evolve. In the aftermath of Log4Shell and similar jarring episodes, governments, industry consortia, and organizations of all types are weighing in with proposed requirements, standards, and specifications.

All this fresh energy and activity is tremendous, and long overdue. It’s shining a spotlight on issues that too many have taken for granted for too long.

But amid all this commotion, we can’t forget: there are still people behind all that open source software. 

All the specifications, standards, and tools in the world won’t help us if we can’t align the interests of the humans who create and the humans who rely on open source software.

That’s why we’re thrilled to have secured this new funding, inviting some new partners to the table, helping us scale Tidelift so that we can serve the needs of even more organizations and even more open source maintainers.

Join us at Upstream 2022

Reinforcing the open source software we collectively depend on is a huge challenge, and it’s going to require a multitude of ideas, approaches, and perspectives well beyond Tidelift.

That’s why Tidelift is excited to be hosting Upstream on June 7, 2022. Upstream is a 100% virtual, completely free event bringing together like-minded application developers, open source project maintainers, and the extended network of people who care most about their work.

The Upstream lineup includes over 30 talks and panels, including both industry leaders who rely on open source and the open source creators behind it.  

This year at Upstream we ask: What do we owe each other?

Add your voice to the conversation.
