Open Source & More - Blog | Tidelift | Tieg Zaharia

How the maintainers of urllib3 keep the project secure and healthy

For maintainers
Login

For maintainers
Log in

Product
Resources
Company
Blog
Schedule demo

Featured

Digging into the data: Open source software repo supply chain attacks

I had just wrapped up some internal Tidelift research on open source software supply chain compromises a few weeks ago when I saw PyPI's announcement ...

by Tieg Zaharia
on August 2, 2022

Tieg Zaharia

Recent Posts

The current state of package invalidation support across package managers

By Tieg Zaharia on April 1, 2021

Deprecate, retract, unpublish, abandon, yank, orphan, archive... What do all these have in common? Well, they’re different terms for what I’ll call ...

The state of package signing across package managers

By Tieg Zaharia on June 11, 2020

Recently I looked at the state of 2FA support across package managers. 2FA adds a layer of security by requiring two sources of authentication from ...

The current state of two-factor authentication across package managers

By Tieg Zaharia on July 23, 2019

Recently at Tidelift we started asking our partnered maintainers (we call them “lifters”) to confirm that they have Two-Factor Authentication (2FA) ...

Don't miss the latest from Tidelift

Filter by Topic

See All

50 Milk St, 16th Floor
Boston, MA 02109
(339) 210-5630

Copyright © Tidelift, Inc.

Terms of service

Tidelift

About
Log in
Blog
Press
Contact
Jobs

Product
Solutions
Pricing
Free demo
Documentation
Scope of support

Resources
Log4Shell resources
Blog
Tools
Guides
Videos
Checklists
Podcasts
Webinars
News
Surveys
Partnerships

For Maintainers
Packages with income
Maintainer tasks