Big news: Sonar has entered a definitive agreement to acquire Tidelift!
For maintainers
Login
For maintainers
Log in
Product
Overview
Scope of support
Pricing
The Tidelift maintainer advantage
Schedule demo
Solutions
INDUSTRIES
Healthcare
Insurance
Telecommunications
Financial services
Media
Government suppliers
Government agencies
TECHNOLOGIES
Threat intelligence
SCA tools
Schedule a demo
Resources
All resources
Case Stories
xz backdoor hack
Log4Shell
Guides & Reports
Webinars
Analyst
Documentation
Videos
Blog
Surveys
Government resources
Open source knowledge center
Company
About Tidelift
Press
Contact us
Partnerships
Events
Join the Tidelift team
Blog
Book a custom demo
Featured
The current state of two-factor authentication across package managers
Recently at Tidelift we started asking our partnered maintainers (we call them “lifters”) to confirm that they have Two-Factor Authentication (2FA) ...
by
Tieg Zaharia
on July 23, 2019
Had enough of the zero-day exploit and fire drill?
By
Havoc Pennington
on December 6, 2018
Yeah, there will always be more.
Event-stream: 100 million downloads, unmaintained, hacked. Now can we pay the !@#$% maintainers?
By
Keenan Szulik
on November 27, 2018
Late last week, users of the popular JavaScript library event-stream discovered a vulnerability in the package caused by a malicious actor who had ...
This is a search field with an auto-suggest feature attached.
There are no suggestions because the search field is empty.
Filter by Topic
Maintainers
(116)
Lifters
(81)
Managed open source
(53)
Upstream
(51)
Events
(50)
open source software supply chain
(47)
Government
(41)
Survey
(41)
Data
(30)
open source supply chain
(29)