As part of the xz discussion, some asserted that “paying maintainers doesn’t work—we tried to give people money and they wouldn’t take it.” Suffice ...
A few weeks ago, a very sinister, sophisticated hack was uncovered in an obscure but ubiquitous Linux library called xz utils.
As we count down to this year’s Upstream, we’ll be looking back at Upstream moments from years past. Discover how topics may have changed and how ...
As we continue to watch the attempted xz utils backdoor hack unfold, I’ve been following several conversations where questions are being raised about ...
For those of you who may have been living under a rock for the last year, Artificial Intelligence (AI) and Machine Learning (ML) are now at the ...
Webinar highlights: In the open source software security predictions webinar this week, our team of expert prognosticators sees 2024 bringing us open ...
We regularly feature posts from our maintainer partners. In this case, we asked Python maintainer Hynek Schlawack to share his thoughts on how being ...
Pay the maintainers! That’s our rallying cry at Tidelift, so we were delighted to read a new article from The New Stack by Heather Joslyn succinctly ...
Today, the U.S. Office of the National Cyber Director (ONCD) released a request for information (RFI) entitled Open-Source Software Security: Areas ...