Big news: Sonar has acquired Tidelift!
For maintainers
Login
For maintainers
Log in
Product
Company
Blog
Request a demo
Featured
The current state of two-factor authentication across package managers
Recently at Tidelift we started asking our partnered maintainers (we call them “lifters”) to confirm that they have Two-Factor Authentication (2FA) ...
by
Tieg Zaharia
on July 23, 2019
Had enough of the zero-day exploit and fire drill?
By
Havoc Pennington
on December 6, 2018
Yeah, there will always be more.
Event-stream: 100 million downloads, unmaintained, hacked. Now can we pay the !@#$% maintainers?
By
Keenan Szulik
on November 27, 2018
Late last week, users of the popular JavaScript library event-stream discovered a vulnerability in the package caused by a malicious actor who had ...
This is a search field with an auto-suggest feature attached.
There are no suggestions because the search field is empty.
Filter by Topic
Maintainers
(116)
Lifters
(81)
Managed open source
(53)
Upstream
(51)
Events
(50)
open source software supply chain
(47)
Government
(41)
Survey
(41)
Data
(30)
open source supply chain
(29)
50 Milk St, 16th Floor, Boston, MA 02109.svg){kind=icon}