Webinar: How Bloomberg is supporting OSS by shifting left.
Register Now
For maintainers
Log in
Product
Overview
Tidelift-managed catalogs
Scope of support
Featured packages
Pricing
SCHEDULE DEMO
Resources
All Resources
Guides & Reports
Webinars
Documentation
Videos
Blog
Partnerships
Podcasts
Events
WATCH WEBINARS ON-DEMAND
About
About Tidelift
Press
Contact Us
JOIN THE TIDELIFT TEAM
Blog
FREE TRIAL
Featured
Software bills of materials are important—but they won't work at scale if we don't pay the maintainers
On June 2, the U.S. government posted a call for comments on the minimum elements that should be required in a software bill of materials (SBOM). At ...
by
Luis Villa
on June 22, 2021
Filter by Topic
Managed open source
(56)
Lifters
(52)
Maintainers
(41)
Data
(26)
Dependencies
(26)
NPM
(24)
Subscription
(24)
Developers
(22)
Open Source Software
(22)
Sustainability
(22)
the Tidelift Subscription
(22)
JavaScript
(21)
Licensing
(21)
open source licenses
(20)
Lifter Interview
(19)
Packages
(18)
Events
(16)
Python
(15)
Package Managers
(14)
Libraries.io
(13)
Security
(13)
Survey
(12)
Vue
(12)
2020 managed open source survey
(10)
Package Management
(10)
Teamwork
(10)
Tidelift catalogs
(9)
2019 managed open source survey
(8)
Free trial
(8)
Java
(8)
Maven
(8)
Pay the Maintainers
(8)
PyPI
(8)
PHP
(7)
Upstream
(7)
jfrog
(7)
Intro to managed open source
(6)
Metrics
(6)
Vuetify
(5)
open source supply chain
(5)
rubygems
(5)
2021 maintainer survey
(4)
Financial services
(4)
GitHub
(4)
Linux
(4)
Packagist
(4)
Ruby
(4)
VueConf
(4)
VueJS
(4)
remote team
(4)
remote work
(4)
webinar
(4)
Application Development
(3)
COVID-19
(3)
Changelog
(3)
Dependency hell
(3)
FinTech
(3)
Hacker
(3)
How to
(3)
Maintenance
(3)
MongoDB
(3)
Mongoose
(3)
Open Source Initiative
(3)
Package manager
(3)
Product updates
(3)
Project Lombok
(3)
Python Software Foundation
(3)
React
(3)
Tidelift-managed catalogs
(3)
copyleft licenses
(3)
dependency health
(3)
ethical open source licenses
(3)
open source support
(3)
recession
(3)
urllib3
(3)
2020 survey
(2)
451 Research
(2)
AWS:reinvent
(2)
Artifactory
(2)
Babel
(2)
Bloomberg
(2)
Enterprise
(2)
GNU Public License
(2)
Gartner
(2)
GitLab Commit
(2)
Golang
(2)
Good docs
(2)
Google
(2)
Government
(2)
Gulp JS
(2)
Hippocratic (aka Do No Harm) License
(2)
Hiring
(2)
IDC
(2)
Laravel
(2)
Maintainer Week
(2)
Material-UI
(2)
NumFocus
(2)
NumPy
(2)
NuxtJS
(2)
Productivity
(2)
Red Hat
(2)
Server Side Public License
(2)
SolarWinds
(2)
The 2021 Tidelift open source maintainer survey
(2)
The Python Software Foundation
(2)
Vulnerabilities
(2)
Webpack
(2)
ajv
(2)
catalogs
(2)
commercial assurance
(2)
composer
(2)
cooking with tidelift and jfrog
(2)
copyleft
(2)
diversity
(2)
eslint
(2)
known-good open source
(2)
nodejs
(2)
pandas
(2)
podcast
(2)
sBOMs
(2)
security vulnerability
(2)
software supply chain
(2)
supply chain attacks
(2)
swampup
(2)
2FA
(1)
996.icu
(1)
996.icu license
(1)
AGPL
(1)
AGPL v3
(1)
APIs
(1)
Active Admin
(1)
Apache License
(1)
Beautiful Soup
(1)
Blue Oak Model License
(1)
Browserify
(1)
Bundler
(1)
Byte Buddy
(1)
CHIME
(1)
CLI
(1)
CVE
(1)
Carbon
(1)
Careers
(1)
Commercial Open Source Software
(1)
Community
(1)
Community health files
(1)
CommunityBridge
(1)
Cryptographic Autonomy License
(1)
DXY.cn
(1)
Dependency analyzer
(1)
DevOps Enterprise Summit
(1)
Digital transformation
(1)
Django
(1)
DjangoCon
(1)
ECMAScript 5
(1)
Elastic
(1)
Evil Martians
(1)
Fidelity Investments
(1)
Forrester
(1)
Free Software Foundation
(1)
GPL
(1)
GPL v3
(1)
Girls Who Code
(1)
GitHub Marketplace
(1)
GitHub Satellite
(1)
Global Maintainer Summit
(1)
Jade
(1)
Legal
(1)
Lerna project
(1)
License Zero
(1)
Lifter help
(1)
Lighthouse PHP
(1)
Locale.ai
(1)
Maintainerati
(1)
Microsoft
(1)
Mockito
(1)
Nuxt
(1)
OSCON
(1)
OSI
(1)
OSS
(1)
Open Source Leadership Summit
(1)
OpenJS Collaborator Summit
(1)
Oracle
(1)
PSF
(1)
Path-to-RegExp
(1)
Penciljs
(1)
Pillow
(1)
Pug JS
(1)
Pupdates
(1)
PyCon
(1)
Pylint
(1)
Pyparsing
(1)
QCon
(1)
Ramda Adjunct
(1)
React-Native
(1)
Research
(1)
Ruby Together
(1)
Rust
(1)
SSPL
(1)
SciPy
(1)
SerenityJS
(1)
Slack
(1)
Slim Framework
(1)
Sonatype
(1)
StandardJS
(1)
Stratus Digital Systems
(1)
Sudo Show
(1)
SugarCRM
(1)
Symfony
(1)
TC39
(1)
TFiR
(1)
Tools
(1)
Two Factor Authentication
(1)
USGS
(1)
Underscore
(1)
University of Michigan
(1)
Upstream thinking
(1)
Vue 3
(1)
Vue vs React
(1)
What is a package manager
(1)
White House executive order
(1)
White House executive order 14028
(1)
agile
(1)
ama
(1)
analyst firm
(1)
anti-carbon license
(1)
array flatten
(1)
artifacts
(1)
autoprefixer
(1)
backbone
(1)
backend framework
(1)
byebug
(1)
case study
(1)
code health
(1)
command line integration
(1)
coordinated security vulnerability disclosure
(1)
coronavirus
(1)
curl
(1)
data science
(1)
decentralized internet
(1)
devops
(1)
documentation
(1)
es5-shim
(1)
event
(1)
finos
(1)
formidable
(1)
google monorepo
(1)
grape
(1)
halfnium microsoft exchange
(1)
json
(1)
lock files
(1)
nuget
(1)
o'reilly
(1)
observability
(1)
open source scanning tools
(1)
open source software support
(1)
open source strategy forum
(1)
opencore
(1)
package health
(1)
package invalidation
(1)
package manifests
(1)
package selection
(1)
package signing
(1)
php html parser
(1)
phpstan
(1)
pluralize
(1)
polyfills
(1)
postcss
(1)
react-native-camera
(1)
reactivity
(1)
redmonk
(1)
requests
(1)
rights ratchet
(1)
ruby grape
(1)
shift left
(1)
software architects
(1)
software bills of materials
(1)
software engineers
(1)
supply-chain compromises
(1)
swift
(1)
tech books
(1)
the Flarum Foundation
(1)
the Linux Foundation
(1)
the Polyform Project
(1)
third_party_prefix
(1)
vue 2
(1)
vue catalog
(1)
vuesax
(1)
websockets
(1)
wordpress
(1)
zero-day fire drill
(1)
See All
