<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=705633339897683&amp;ev=PageView&amp;noscript=1">

Featured

Is xz actually an open source success story?

It’s been just over two weeks since we all learned about a backdoor that had been slowly and carefully placed in the xz-utils library over a period ...
Jeremy Katz
by Jeremy Katz
on April 17, 2024

Paying maintainers: the HOWTO

By Luis Villa on April 15, 2024
As part of the xz discussion, some asserted that “paying maintainers doesn’t work—we tried to give people money and they wouldn’t take it.” Suffice ...

Maintainer panel: Hear from maintainers in a post-xz utils backdoor world

By Amy Hays on April 15, 2024
A few weeks ago, a very sinister, sophisticated hack was uncovered in an obscure but ubiquitous Linux library called xz utils.

Upstream rewind: the 2023 Upstream maintainer panel and the insights that resonate in 2024

By Caitlin Bixby on April 11, 2024
As we count down to this year’s Upstream, we’ll be looking back at Upstream moments from years past. Discover how topics may have changed and how ...

The ROI of paying open source maintainers (in light of the xz utils backdoor)

By Lauren Hanford on April 8, 2024
As we continue to watch the attempted xz utils backdoor hack unfold, I’ve been following several conversations where questions are being raised about ...

5 of the Python packages most relied upon for AI are powered by Tidelift maintainer partners

By Kacey Bradford on March 19, 2024
For those of you who may have been living under a rock for the last year, Artificial Intelligence (AI) and Machine Learning (ML) are now at the ...

Recap: 2024 open source software security predictions webinar

By Caitlin Bixby on January 19, 2024
Webinar highlights: In the open source software security predictions webinar this week, our team of expert prognosticators sees 2024 bringing us open ...

Not all open source work is equal

By Hynek Schlawack on October 24, 2023
We regularly feature posts from our maintainer partners. In this case, we asked Python maintainer Hynek Schlawack to share his thoughts on how being ...

New article from The New Stack highlights why we need to pay the maintainers

By Amy Hays on September 21, 2023
Pay the maintainers! That’s our rallying cry at Tidelift, so we were delighted to read a new article from The New Stack by Heather Joslyn succinctly ...

New RFI shows the U.S. gov effort to invest in open source is picking up steam 🚂

By Luis Villa on August 10, 2023
Today, the U.S. Office of the National Cyber Director (ONCD) released a request for information (RFI) entitled Open-Source Software Security: Areas ...

Don't miss the latest from Tidelift

Filter by Topic