<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=705633339897683&amp;ev=PageView&amp;noscript=1">


New RFI shows the U.S. gov effort to invest in open source is picking up steam 🚂

Today, the U.S. Office of the National Cyber Director (ONCD) released a request for information (RFI) entitled Open-Source Software Security: Areas ...
Luis Villa
by Luis Villa
on August 10, 2023

Luis Villa

Luis Villa

Recent Posts

Open source and the unintended consequences of the EU’s Cyber Resiliency Act

By Luis Villa on February 22, 2023
On September 15, 2022 the EU unveiled a draft of the Cyber Resiliency Act (CRA), an eighty-seven page document detailing proposed new rules meant to ...

Resilient open commons

By Luis Villa on November 3, 2022
Open source software is often loosely referred to as a “commons,” but we rarely think deeply about what that means. Elinor Ostrom, ...

Evaluating the RAIL license family

By Luis Villa on November 1, 2022
Evaluating the RAIL license family Machine learning (ML) is the hot topic in tech circles right now, and tech lawyers are no exception. Virtually ...

Washington, DC, and open—for maintainers

By Luis Villa on October 18, 2022
This blog post was originally published on our Tidelift community page. Some of you may have seen that open source has been in the news coming out of ...

Tidelift Advisory: US senators introduce the Securing Open Source Software Act of 2022

By Luis Villa on September 27, 2022
Last week, United States Senators Gary Peters and Rob Portman introduced the Securing Open Source Software Act of 2022, and referred it to the ...

Log4Shell highlights the need to proactively cooperate with open source maintainers at scale

By Luis Villa on December 14, 2021
Over the weekend, there was much ado on tech Twitter about the Log4Shell vulnerability and the reality of unpaid maintainers being asked to shoulder ...

Pay to play? Don't expect maintainers to solve your supply chain issues for free

By Luis Villa on August 24, 2021
For a long time, there were two basic tests for releasing open source: “does it do what I need it to do?” and “does it compile?” Sure, it was nice if ...

Software bills of materials are important—but they won't work at scale if we don't pay the maintainers

By Luis Villa on June 22, 2021
On June 2, the U.S. government posted a call for comments on the minimum elements that should be required in a software bill of materials (SBOM). At ...

What I learned from the Server Side Public License

By Luis Villa on February 3, 2021
When the Server Side Public License (SSPL) was submitted to the Open Source Initiative (OSI), many people criticized it, and the license was ...

Don't miss the latest from Tidelift

Filter by Topic