Take a tour
Scope of support
Resources
Blog
Tools
Guides
Videos
Checklists
Podcasts
Webinars
News
Surveys
Solutions
Partnerships
Events
About
For Maintainers
Log In
Try It free
Featured
The state of package signing across package managers
Recently I looked at the state of 2FA support across package managers. 2FA adds a layer of security by requiring two sources of authentication from ...
by
Tieg Zaharia
on June 11, 2020
Composer is now part of the Tidelift Subscription
By
Brenna Heaps
on June 2, 2020
Composer is a dependency manager for PHP that helps you declare, manage, and install dependencies of PHP projects. Composer’s management of ...
Filter by Topic
Lifters
(49)
Maintainers
(39)
Managed open source
(37)
Data
(26)
Dependencies
(25)
Subscription
(24)
Developers
(22)
Sustainability
(22)
Open Source Software
(20)
NPM
(18)
Packages
(18)
the Tidelift Subscription
(18)
Lifter Interview
(17)
JavaScript
(16)
Licensing
(16)
Libraries.io
(13)
Package Managers
(13)
Security
(13)
Events
(10)
Python
(10)
Teamwork
(10)
Vue
(10)
open source licenses
(10)
Package Management
(9)
Survey
(9)
2019 managed open source survey
(8)
Free trial
(7)
Maven
(7)
Intro to managed open source
(6)
Metrics
(6)
PHP
(6)
Java
(5)
Pay the Maintainers
(5)
PyPI
(5)
Linux
(4)
VueJS
(4)
Application Development
(3)
Financial services
(3)
GitHub
(3)
Hacker
(3)
How to
(3)
Maintenance
(3)
Package manager
(3)
Packagist
(3)
Project Lombok
(3)
React
(3)
Vuetify
(3)
recession
(3)
remote team
(3)
remote work
(3)
rubygems
(3)
451 Research
(2)
Babel
(2)
COVID-19
(2)
Changelog
(2)
Dependency hell
(2)
Enterprise
(2)
FinTech
(2)
GitLab Commit
(2)
Gulp JS
(2)
Hippocratic (aka Do No Harm) License
(2)
Hiring
(2)
Laravel
(2)
Material-UI
(2)
MongoDB
(2)
Mongoose
(2)
NuxtJS
(2)
Product updates
(2)
Productivity
(2)
Python Software Foundation
(2)
Ruby
(2)
VueConf
(2)
Vulnerabilities
(2)
Webpack
(2)
ajv
(2)
composer
(2)
dependency health
(2)
ethical open source licenses
(2)
jfrog
(2)
pandas
(2)
security vulnerability
(2)
swampup
(2)
2FA
(1)
996.icu
(1)
996.icu license
(1)
AGPL
(1)
AGPL v3
(1)
APIs
(1)
AWS:reinvent
(1)
Active Admin
(1)
Artifactory
(1)
Beautiful Soup
(1)
Blue Oak Model License
(1)
Browserify
(1)
Bundler
(1)
Byte Buddy
(1)
CHIME
(1)
CLI
(1)
CVE
(1)
Carbon
(1)
Careers
(1)
Commercial Open Source Software
(1)
Community
(1)
Community health files
(1)
CommunityBridge
(1)
Cryptographic Autonomy License
(1)
DXY.cn
(1)
Dependency analyzer
(1)
DevOps Enterprise Summit
(1)
Django
(1)
DjangoCon
(1)
ECMAScript 5
(1)
Fidelity Investments
(1)
Free Software Foundation
(1)
GPL
(1)
GPL v3
(1)
Gartner
(1)
Girls Who Code
(1)
GitHub Marketplace
(1)
GitHub Satellite
(1)
Golang
(1)
Good docs
(1)
Google
(1)
Jade
(1)
Legal
(1)
Lerna project
(1)
License Zero
(1)
Lifter help
(1)
Lighthouse PHP
(1)
Locale.ai
(1)
Maintainerati
(1)
Mockito
(1)
NumFocus
(1)
NumPy
(1)
Nuxt
(1)
OSCON
(1)
Open Source Initiative
(1)
Open Source Leadership Summit
(1)
OpenJS Collaborator Summit
(1)
Oracle
(1)
PSF
(1)
Penciljs
(1)
Pillow
(1)
Pug JS
(1)
Pylint
(1)
Pyparsing
(1)
QCon
(1)
Ramda Adjunct
(1)
React-Native
(1)
Red Hat
(1)
Research
(1)
Ruby Together
(1)
SciPy
(1)
SerenityJS
(1)
Server Side Public License
(1)
Slim Framework
(1)
StandardJS
(1)
Symfony
(1)
TC39
(1)
The Python Software Foundation
(1)
Tools
(1)
Two Factor Authentication
(1)
University of Michigan
(1)
Vue 3
(1)
Vue vs React
(1)
What is a package manager
(1)
anti-carbon license
(1)
backend framework
(1)
byebug
(1)
code health
(1)
command line integration
(1)
commercial assurance
(1)
coordinated security vulnerability disclosure
(1)
copyleft
(1)
coronavirus
(1)
curl
(1)
data science
(1)
diversity
(1)
es5-shim
(1)
eslint
(1)
grape
(1)
json
(1)
lock files
(1)
nodejs
(1)
nuget
(1)
o'reilly
(1)
observability
(1)
open source scanning tools
(1)
open source supply chain
(1)
package health
(1)
package manifests
(1)
package signing
(1)
phpstan
(1)
polyfills
(1)
postcss
(1)
react-native-camera
(1)
reactivity
(1)
requests
(1)
ruby grape
(1)
software architects
(1)
software engineers
(1)
supply-chain compromises
(1)
the Flarum Foundation
(1)
the Linux Foundation
(1)
the Polyform Project
(1)
urllib3
(1)
vuesax
(1)
websockets
(1)
wordpress
(1)
zero-day fire drill
(1)
See All
