Open Source & More - Blog | Tidelift

$27m in Series C funding to improve open source security upstream

For maintainers
Log in

Product
Resources
- All Resources
- Log4Shell
- Guides & Reports
- Webinars
- Surveys
- Documentation
- Videos
- Blog
- Partnerships
- Podcasts
- Events
- LOG4SHELL RESOURCES
About
Blog
SCHEDULE DEMO

Featured

Joint Tidelift / JFrog webinar on-demand: Best practices for managing open source artifacts

Does this xkcd comic ring true for you?

by Amy Hays
on October 22, 2020

Spring cleaning: 3 tips for getting your application development house in order

By Jeremy Katz on May 26, 2020

Despite some indications to the contrary where I live in the northeast US, it is finally spring in the northern hemisphere—which many people ...

Gauging open source project health

By Keenan Szulik on May 19, 2020

Back in February, I had an opportunity to speak at the O’Reilly Software Architecture in New York City. I was excited to have the chance, and I ...

Don't miss the latest from Tidelift

Filter by Topic

Managed open source (57)
Lifters (52)
Maintainers (45)
Events (33)
Data (27)
Dependencies (25)
Developers (24)
NPM (24)
Open Source Software (24)
Subscription (24)
Sustainability (22)
the Tidelift Subscription (22)
JavaScript (21)
Licensing (21)
open source licenses (20)
Lifter Interview (19)
Packages (18)
Python (17)
Package Managers (14)
Survey (13)
Vue (13)
Libraries.io (12)
Pay the Maintainers (12)
Security (12)
Upstream (12)
2020 managed open source survey (10)
Java (10)
Log4Shell (10)
Maven (10)
Open source supply chain solutions (10)
Package Management (10)
Teamwork (10)
Tidelift catalogs (10)
2019 managed open source survey (8)
Free trial (8)
Log4j vulnerability (8)
PyPI (8)
jfrog (8)
log4j (8)
AWS (7)
Apache Log4j2 <=2.14.1 (7)
PHP (7)
Product updates (7)
open source supply chain (7)
Intro to managed open source (6)
Metrics (6)
webinar (6)
Interface (5)
Ruby (5)
VueConf (5)
VueJS (5)
Vuetify (5)
remote work (5)
rubygems (5)
2021 maintainer survey (4)
AWS:reinvent (4)
Financial services (4)
GitHub (4)
Linux (4)
Packagist (4)
The 2021 Tidelift open source maintainer survey (4)
White House executive order 14028 (4)
podcast (4)
remote team (4)
sBOMs (4)
software supply chain (4)
Application Development (3)
Bloomberg (3)
COVID-19 (3)
Changelog (3)
Dependency hell (3)
FinTech (3)
Forrester (3)
Gartner (3)
Good docs (3)
Google (3)
Government (3)
Hacker (3)
How to (3)
IDC (3)
Maintenance (3)
MongoDB (3)
Mongoose (3)
Open Source Initiative (3)
Package manager (3)
Project Lombok (3)
Pupdates (3)
Python Software Foundation (3)
React (3)
The Python Software Foundation (3)
Tidelift-managed catalogs (3)
copyleft licenses (3)
dependency health (3)
devops (3)
ethical open source licenses (3)
open source support (3)
recession (3)
supply chain attacks (3)
urllib3 (3)
2020 survey (2)
451 Research (2)
Artifactory (2)
Babel (2)
Enterprise (2)
GNU Public License (2)
GitLab Commit (2)
Golang (2)
Gulp JS (2)
Hippocratic (aka Do No Harm) License (2)
Hiring (2)
Laravel (2)
Maintainer Week (2)
Material-UI (2)
NumFocus (2)
NumPy (2)
NuxtJS (2)
PSF (2)
Productivity (2)
PyCon (2)
Red Hat (2)
Server Side Public License (2)
SolarWinds (2)
Tidelift advisory (2)
Vulnerabilities (2)
Webpack (2)
ajv (2)
catalogs (2)
commercial assurance (2)
composer (2)
cooking with tidelift and jfrog (2)
copyleft (2)
critical vulnerability (2)
diversity (2)
documentation (2)
eslint (2)
known-good open source (2)
managing open source (2)
nodejs (2)
pandas (2)
security vulnerability (2)
software bills of materials (2)
swampup (2)
2021 survey (1)
2FA (1)
996.icu (1)
996.icu license (1)
AGPL (1)
AGPL v3 (1)
APIs (1)
Active Admin (1)
Apache License (1)
Beautiful Soup (1)
Blue Oak Model License (1)
Browserify (1)
Bundler (1)
Byte Buddy (1)
CHIME (1)
CLI (1)
CVE (1)
CVE-2022-22965 (1)
Carbon (1)
Careers (1)
Commercial Open Source Software (1)
Community (1)
Community health files (1)
CommunityBridge (1)
Contributing to open source (1)
Cryptographic Autonomy License (1)
DXY.cn (1)
Dependency analyzer (1)
DevOps Enterprise Summit (1)
Digital Ocean (1)
Digital transformation (1)
Django (1)
DjangoCon (1)
ECMAScript 5 (1)
ED&I (1)
Elastic (1)
Evil Martians (1)
Fannie Mae (1)
Fidelity Investments (1)
Free Software Foundation (1)
GPL (1)
GPL v3 (1)
Girls Who Code (1)
GitHub Marketplace (1)
GitHub Satellite (1)
Global Maintainer Summit (1)
Hacktoberfest (1)
Jade (1)
Legal (1)
Lerna project (1)
License Zero (1)
Lifter help (1)
Lighthouse PHP (1)
Locale.ai (1)
MITRE (1)
Maintainerati (1)
Microsoft (1)
Mockito (1)
Nuxt (1)
OSCON (1)
OSI (1)
OSPO (1)
OSPOCON (1)
OSS (1)
Open Source Leadership Summit (1)
OpenJS Collaborator Summit (1)
Oracle (1)
Path-to-RegExp (1)
Penciljs (1)
Pillow (1)
Pug JS (1)
Pupdate (1)
Pylint (1)
Pyparsing (1)
QCon (1)
Ramda Adjunct (1)
React-Native (1)
Research (1)
Ruby Together (1)
Rust (1)
SSPL (1)
SciPy (1)
SerenityJS (1)
Slack (1)
Slim Framework (1)
Spring (1)
Spring MVC (1)
Spring WebFlux (1)
Spring framework (1)
StandardJS (1)
Stratus Digital Systems (1)
Sudo Show (1)
SugarCRM (1)
Symfony (1)
TC39 (1)
TFiR (1)
Tools (1)
Two Factor Authentication (1)
USGS (1)
Underscore (1)
University of Michigan (1)
Upstream thinking (1)
Vue 3 (1)
Vue vs React (1)
What is a package manager (1)
White House executive order (1)
agile (1)
ama (1)
analyst firm (1)
anti-carbon license (1)
array flatten (1)
artifacts (1)
autoprefixer (1)
backbone (1)
backend framework (1)
burnout (1)
byebug (1)
case study (1)
code health (1)
command line integration (1)
coordinated security vulnerability disclosure (1)
coronavirus (1)
curl (1)
cybersecurity (1)
data science (1)
decentralized internet (1)
demo (1)
docs advocacy (1)
es5-shim (1)
event (1)
finos (1)
formidable (1)
google monorepo (1)
grape (1)
halfnium microsoft exchange (1)
inclusion (1)
json (1)
keynote (1)
lock files (1)
mental health (1)
no-negotiation policy (1)
nuget (1)
o'reilly (1)
observability (1)
open source scanning tools (1)
open source software support (1)
open source strategy forum (1)
open source summit (1)
opencore (1)
package health (1)
package invalidation (1)
package manifests (1)
package selection (1)
package signing (1)
php html parser (1)
phpstan (1)
pluralize (1)
polyfills (1)
postcss (1)
react-native-camera (1)
reactivity (1)
redmonk (1)
requests (1)
rights ratchet (1)
ruby grape (1)
software architects (1)
software engineers (1)
supply-chain compromises (1)
swift (1)
tech books (1)
the Apache Foundation (1)
the Flarum Foundation (1)
the Linux Foundation (1)
the Polyform Project (1)
third_party_prefix (1)
unfunded mandates (1)
vue 2 (1)
vue catalog (1)
vuesax (1)
websockets (1)
wordpress (1)
working at Tidelift (1)
zero-day fire drill (1)

See All

50 Milk St, 16th Floor
Boston, MA 02109
(617) 528-9673

Privacy policy

Terms of service

System status

Tidelift

About
Log in
Blog
Press
Contact
Jobs

Product
Pricing
Free demo
Documentation
Scope of support

Resources
Log4Shell resources
Blog
Tools
Guides
Videos
Checklists
Podcasts
Webinars
News
Surveys
Partnerships

For Maintainers
Packages with income
Maintainer tasks