Featured

What makes an open source package “bad” for enterprise use?

The most effective development teams adopt a proactive approach to managing the health and security of their open source dependencies. Explained in ...
By Havoc Pennington on March 6, 2024

The current state of package invalidation support across package managers

By Tieg Zaharia on April 1, 2021
Deprecate, retract, unpublish, abandon, yank, orphan, archive... What do all these have in common? Well, they’re different terms for what I’ll call ...

Package signing across package managers

By Tieg Zaharia on June 11, 2020
Recently I looked at the state of 2FA support across package managers. 2FA adds a layer of security by ...

All new! The Tidelift guide to choosing open source packages well

By Amy Hays on March 17, 2020
How does your organization currently vet the open source packages you’re using to build your apps?

Tidelift at O'Reilly Software Architecture Conference

By Jerika Phelps on February 24, 2020
Tidelift is heading to New York City! We’ll be sponsoring the O’Reilly Software Architecture Conference on February 23-26. We’re looking forward to ...

Why coordinated security vulnerability disclosure policies are important

By Jeremy Katz on January 21, 2020
We believe that working with maintainers to create coordinated security vulnerability policies is important. Why? Here’s one story to illustrate.

The simple magic of package manifests and lockfiles

By Jeremy Katz on December 12, 2019
If you aren’t using open source components to build your apps, you’re not living in 2019. Our research suggests 92% of professional applications are ...

Intro to managed open source p. 1: keeping your open source components secure

By Jeff Stern on December 4, 2019
Over the next few weeks I’ll be highlighting each of the key features of the Tidelift Subscription in a series of blog posts. Today in part one I ...

Managed open source: Tidelift expands to 1,000 open source projects, launches new capabilities for teams

By Havoc Pennington on April 30, 2019
Nearly all application developers rely heavily on open source code, yet most organizations don’t have a strategy to keep that code secure and well ...

Material-UI is now part of the Tidelift Subscription

By Brenna Heaps on August 21, 2018
We’re happy to share that the Tidelift Subscription now includes support for Material-UI!
