Open Source & More - Blog | Tidelift

Intro to managed open source p. 6: fitting the Tidelift Subscription into your workflow

Written by Jeff Stern | December 19, 2019

In this six-part series, I’m highlighting each of the key features of the Tidelift Subscription. In this final post, we share how our tooling and cloud integration capabilities make it easy to incorporate the Tidelift Subscription into your existing workflow. Check out part one, part two, part three, part four, and part five of the series. And if you’d like to start with a more complete view of how the Tidelift Subscription works, take a tour here

One of the key benefits of using the Tidelift Subscription is that it neatly fits in with your existing tooling and workflow. Once you understand the other benefits of the Tidelift Subscription, it doesn’t take much effort to configure it with your existing repositories.

We have configuration instructions for GitHub, Bitbucket, and all other source code management and CI workflows. Once you are tracking your repositories, we will analyze the dependencies you're currently using and begin providing you with solutions for high-priority issues. If you need any support with this setup, you can get in touch by chat, email, or phone.

As soon as you begin tracking all of your repositories, this is the visualization you'll see of your subscription at work:

Here are some ideas for how existing customers have integrated Tidelift into their workflow:

  • Run nightly scans of the master branch to catch any issues, such as a newly discovered security vulnerability on an old package
  • Run scans against all new feature branches to understand if new issues have been introduced or resolved
  • Measure open source usage across the organization in real time and identify opportunities to use more managed open source packages

And don’t worry if you’re not ready to fully integrate Tidelift into your workflow. We recognize that this can be a big ask when you’re still evaluating software. During setup, you also have the option to manually upload dependency files for a single repository. This is a fantastic option for quickly seeing the results of our analysis and getting a feel for the benefits of managed open source.

VIDEO: Watch Tidelift co-founder and CEO Donald Fischer explain the key benefits of the Tidelift Subscription.