Featured

The current state of two-factor authentication across package managers

Recently at Tidelift we started asking our partnered maintainers (we call them “lifters”) to confirm that they have Two-Factor Authentication (2FA) ...
Tieg Zaharia
by Tieg Zaharia
on July 23, 2019

Had enough of zero-day fire drills?

By Havoc Pennington on December 6, 2018
Yeah, there will always be more.

Event-stream: 100 million downloads, unmaintained, hacked. Now can we pay the !@#$% maintainers?

By Keenan Szulik on November 27, 2018
Late last week, users of the popular JavaScript library event-stream discovered a vulnerability in the package caused by a malicious actor who had ...

Don't miss the latest from Tidelift

Filter by Topic

See All