Take a tour
Scope of support
Resources
Blog
Tools
Guides
Videos
Checklists
Podcasts
Webinars
News
Surveys
Solutions
Partnerships
Events
About
For Maintainers
Log In
Try It free
Featured
Why coordinated security vulnerability disclosure policies are important
We believe that working with maintainers to create coordinated security vulnerability policies is important. Why? Here’s one story to illustrate.
by
Jeremy Katz
on January 21, 2020
Filter by Topic
Lifters
(43)
Maintainers
(38)
Managed open source
(32)
Data
(26)
Subscription
(24)
Dependencies
(22)
Sustainability
(22)
Developers
(21)
Packages
(18)
the Tidelift Subscription
(18)
Licensing
(16)
Lifter Interview
(16)
Open Source Software
(16)
JavaScript
(14)
Libraries.io
(13)
Package Managers
(13)
NPM
(11)
Security
(11)
Teamwork
(10)
Events
(9)
2019 managed open source survey
(8)
Python
(8)
Survey
(8)
open source licenses
(8)
Free trial
(7)
Vue
(7)
Intro to managed open source
(6)
Metrics
(6)
Package Management
(6)
Maven
(5)
Java
(4)
Linux
(4)
Pay the Maintainers
(4)
Application Development
(3)
Hacker
(3)
How to
(3)
Project Lombok
(3)
PyPI
(3)
React
(3)
Changelog
(2)
Dependency hell
(2)
Enterprise
(2)
FinTech
(2)
Financial services
(2)
GitHub
(2)
GitLab Commit
(2)
Gulp JS
(2)
Hiring
(2)
Maintenance
(2)
Material-UI
(2)
MongoDB
(2)
Mongoose
(2)
PHP
(2)
Product updates
(2)
Productivity
(2)
Python Software Foundation
(2)
Vuetify
(2)
Vulnerabilities
(2)
Webpack
(2)
2FA
(1)
996.icu
(1)
996.icu license
(1)
AGPL
(1)
AGPL v3
(1)
APIs
(1)
AWS:reinvent
(1)
Active Admin
(1)
Babel
(1)
Blue Oak Model License
(1)
Browserify
(1)
Bundler
(1)
Byte Buddy
(1)
CVE
(1)
Carbon
(1)
Careers
(1)
Commercial Open Source Software
(1)
Community
(1)
Community health files
(1)
CommunityBridge
(1)
Cryptographic Autonomy License
(1)
Dependency analyzer
(1)
DevOps Enterprise Summit
(1)
Django
(1)
DjangoCon
(1)
Free Software Foundation
(1)
GPL
(1)
GPL v3
(1)
Gartner
(1)
Girls Who Code
(1)
GitHub Marketplace
(1)
GitHub Satellite
(1)
Good docs
(1)
Google
(1)
Hippocratic (aka Do No Harm) License
(1)
Jade
(1)
Legal
(1)
Lerna project
(1)
License Zero
(1)
Lifter help
(1)
Maintainerati
(1)
NumFocus
(1)
NumPy
(1)
OSCON
(1)
Open Source Initiative
(1)
Open Source Leadership Summit
(1)
OpenJS Collaborator Summit
(1)
Oracle
(1)
PSF
(1)
Package manager
(1)
Packagist
(1)
Pillow
(1)
Pug JS
(1)
Pylint
(1)
QCon
(1)
React-Native
(1)
Red Hat
(1)
Research
(1)
Ruby
(1)
Ruby Together
(1)
SciPy
(1)
Server Side Public License
(1)
Slim Framework
(1)
StandardJS
(1)
The Python Software Foundation
(1)
Tools
(1)
Two Factor Authentication
(1)
University of Michigan
(1)
Vue vs React
(1)
What is a package manager
(1)
ajv
(1)
anti-carbon license
(1)
byebug
(1)
commercial assurance
(1)
coordinated security vulnerability disclosure
(1)
copyleft
(1)
data science
(1)
diversity
(1)
eslint
(1)
ethical open source licenses
(1)
json
(1)
lock files
(1)
nodejs
(1)
package manifests
(1)
pandas
(1)
phpstan
(1)
postcss
(1)
react-native-camera
(1)
rubygems
(1)
security vulnerability
(1)
the Linux Foundation
(1)
the Polyform Project
(1)
urllib3
(1)
websockets
(1)
zero-day fire drill
(1)
See All
