🚨
What you need to know about the Log4Shell vulnerability
For maintainers
Log in
Product
Overview
Scope of support
Pricing
SCHEDULE DEMO
Resources
All Resources
Log4Shell
Guides & Reports
Webinars
Surveys
Documentation
Videos
Blog
Partnerships
Podcasts
Events
Featured packages
LOG4J VULNERABILITY RESOURCES
About
About Tidelift
Press
Contact Us
JOIN THE TIDELIFT TEAM
Blog
FREE TRIAL
Featured
Upstream webinar: Kevin Fleming from Bloomberg explains how your org can best help the open source projects you use
What should corporate, enterprise users of open source do to help the upstream maintainers and communities that make the software they use thrive? ...
by
Amy Hays
on August 10, 2021
Filter by Topic
Managed open source
(56)
Lifters
(52)
Maintainers
(44)
Data
(27)
Dependencies
(25)
Events
(25)
NPM
(24)
Subscription
(24)
Open Source Software
(23)
Developers
(22)
Sustainability
(22)
the Tidelift Subscription
(22)
JavaScript
(21)
Licensing
(21)
open source licenses
(20)
Lifter Interview
(19)
Packages
(18)
Python
(16)
Package Managers
(14)
Survey
(13)
Vue
(13)
Libraries.io
(12)
Security
(12)
Pay the Maintainers
(11)
2020 managed open source survey
(10)
Open source supply chain solutions
(10)
Package Management
(10)
Teamwork
(10)
Tidelift catalogs
(10)
Java
(9)
Maven
(9)
2019 managed open source survey
(8)
Free trial
(8)
PyPI
(8)
Upstream
(8)
PHP
(7)
Product updates
(7)
jfrog
(7)
open source supply chain
(7)
Intro to managed open source
(6)
Log4Shell
(6)
Metrics
(6)
webinar
(6)
Apache Log4j2 <=2.14.1
(5)
Ruby
(5)
VueConf
(5)
VueJS
(5)
Vuetify
(5)
log4j
(5)
rubygems
(5)
2021 maintainer survey
(4)
AWS
(4)
AWS:reinvent
(4)
Financial services
(4)
GitHub
(4)
Linux
(4)
Packagist
(4)
The 2021 Tidelift open source maintainer survey
(4)
White House executive order 14028
(4)
podcast
(4)
remote team
(4)
remote work
(4)
Application Development
(3)
Bloomberg
(3)
COVID-19
(3)
Changelog
(3)
Dependency hell
(3)
FinTech
(3)
Good docs
(3)
Google
(3)
Government
(3)
Hacker
(3)
How to
(3)
IDC
(3)
Log4j vulnerability
(3)
Maintenance
(3)
MongoDB
(3)
Mongoose
(3)
Open Source Initiative
(3)
Package manager
(3)
Project Lombok
(3)
Pupdates
(3)
Python Software Foundation
(3)
React
(3)
The Python Software Foundation
(3)
Tidelift-managed catalogs
(3)
copyleft licenses
(3)
dependency health
(3)
devops
(3)
ethical open source licenses
(3)
open source support
(3)
recession
(3)
sBOMs
(3)
software supply chain
(3)
supply chain attacks
(3)
urllib3
(3)
2020 survey
(2)
451 Research
(2)
Artifactory
(2)
Babel
(2)
Enterprise
(2)
GNU Public License
(2)
Gartner
(2)
GitLab Commit
(2)
Golang
(2)
Gulp JS
(2)
Hippocratic (aka Do No Harm) License
(2)
Hiring
(2)
Interface
(2)
Laravel
(2)
Maintainer Week
(2)
Material-UI
(2)
NumFocus
(2)
NumPy
(2)
NuxtJS
(2)
PSF
(2)
Productivity
(2)
Red Hat
(2)
Server Side Public License
(2)
SolarWinds
(2)
Vulnerabilities
(2)
Webpack
(2)
ajv
(2)
catalogs
(2)
commercial assurance
(2)
composer
(2)
cooking with tidelift and jfrog
(2)
copyleft
(2)
diversity
(2)
documentation
(2)
eslint
(2)
known-good open source
(2)
nodejs
(2)
pandas
(2)
security vulnerability
(2)
swampup
(2)
2021 survey
(1)
2FA
(1)
996.icu
(1)
996.icu license
(1)
AGPL
(1)
AGPL v3
(1)
APIs
(1)
Active Admin
(1)
Apache License
(1)
Beautiful Soup
(1)
Blue Oak Model License
(1)
Browserify
(1)
Bundler
(1)
Byte Buddy
(1)
CHIME
(1)
CLI
(1)
CVE
(1)
Carbon
(1)
Careers
(1)
Commercial Open Source Software
(1)
Community
(1)
Community health files
(1)
CommunityBridge
(1)
Contributing to open source
(1)
Cryptographic Autonomy License
(1)
DXY.cn
(1)
Dependency analyzer
(1)
DevOps Enterprise Summit
(1)
Digital Ocean
(1)
Digital transformation
(1)
Django
(1)
DjangoCon
(1)
ECMAScript 5
(1)
Elastic
(1)
Evil Martians
(1)
Fidelity Investments
(1)
Forrester
(1)
Free Software Foundation
(1)
GPL
(1)
GPL v3
(1)
Girls Who Code
(1)
GitHub Marketplace
(1)
GitHub Satellite
(1)
Global Maintainer Summit
(1)
Hacktoberfest
(1)
Jade
(1)
Legal
(1)
Lerna project
(1)
License Zero
(1)
Lifter help
(1)
Lighthouse PHP
(1)
Locale.ai
(1)
MITRE
(1)
Maintainerati
(1)
Microsoft
(1)
Mockito
(1)
Nuxt
(1)
OSCON
(1)
OSI
(1)
OSPO
(1)
OSPOCON
(1)
OSS
(1)
Open Source Leadership Summit
(1)
OpenJS Collaborator Summit
(1)
Oracle
(1)
Path-to-RegExp
(1)
Penciljs
(1)
Pillow
(1)
Pug JS
(1)
Pupdate
(1)
PyCon
(1)
Pylint
(1)
Pyparsing
(1)
QCon
(1)
Ramda Adjunct
(1)
React-Native
(1)
Research
(1)
Ruby Together
(1)
Rust
(1)
SSPL
(1)
SciPy
(1)
SerenityJS
(1)
Slack
(1)
Slim Framework
(1)
StandardJS
(1)
Stratus Digital Systems
(1)
Sudo Show
(1)
SugarCRM
(1)
Symfony
(1)
TC39
(1)
TFiR
(1)
Tidelift advisory
(1)
Tools
(1)
Two Factor Authentication
(1)
USGS
(1)
Underscore
(1)
University of Michigan
(1)
Upstream thinking
(1)
Vue 3
(1)
Vue vs React
(1)
What is a package manager
(1)
White House executive order
(1)
agile
(1)
ama
(1)
analyst firm
(1)
anti-carbon license
(1)
array flatten
(1)
artifacts
(1)
autoprefixer
(1)
backbone
(1)
backend framework
(1)
burnout
(1)
byebug
(1)
case study
(1)
code health
(1)
command line integration
(1)
coordinated security vulnerability disclosure
(1)
coronavirus
(1)
critical vulnerability
(1)
curl
(1)
cybersecurity
(1)
data science
(1)
decentralized internet
(1)
demo
(1)
docs advocacy
(1)
es5-shim
(1)
event
(1)
finos
(1)
formidable
(1)
google monorepo
(1)
grape
(1)
halfnium microsoft exchange
(1)
json
(1)
lock files
(1)
managing open source
(1)
mental health
(1)
nuget
(1)
o'reilly
(1)
observability
(1)
open source scanning tools
(1)
open source software support
(1)
open source strategy forum
(1)
open source summit
(1)
opencore
(1)
package health
(1)
package invalidation
(1)
package manifests
(1)
package selection
(1)
package signing
(1)
php html parser
(1)
phpstan
(1)
pluralize
(1)
polyfills
(1)
postcss
(1)
react-native-camera
(1)
reactivity
(1)
redmonk
(1)
requests
(1)
rights ratchet
(1)
ruby grape
(1)
software architects
(1)
software bills of materials
(1)
software engineers
(1)
supply-chain compromises
(1)
swift
(1)
tech books
(1)
the Apache Foundation
(1)
the Flarum Foundation
(1)
the Linux Foundation
(1)
the Polyform Project
(1)
third_party_prefix
(1)
unfunded mandates
(1)
vue 2
(1)
vue catalog
(1)
vuesax
(1)
websockets
(1)
wordpress
(1)
zero-day fire drill
(1)
See All
