<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=705633339897683&amp;ev=PageView&amp;noscript=1">

Featured

Digging into the data: Open source software repo supply chain attacks

I had just wrapped up some internal Tidelift research on open source software supply chain compromises a few weeks ago when I saw PyPI's announcement ...
Tieg Zaharia
by Tieg Zaharia
on August 2, 2022

Tieg Zaharia

Tieg Zaharia

Recent Posts

The current state of package invalidation support across package managers

By Tieg Zaharia on April 1, 2021
Deprecate, retract, unpublish, abandon, yank, orphan, archive... What do all these have in common? Well, they’re different terms for what I’ll call ...

Package signing across package managers

By Tieg Zaharia on June 11, 2020
Package signing across package managers Recently I looked at the state of 2FA support across package managers. 2FA adds a layer of security by ...

The current state of two-factor authentication across package managers

By Tieg Zaharia on July 23, 2019
Recently at Tidelift we started asking our partnered maintainers (we call them “lifters”) to confirm that they have Two-Factor Authentication (2FA) ...

Don't miss the latest from Tidelift

Filter by Topic