Tidelift helps organizations minimize open source software-related risk by making proactive decisions about which open source components to use. One way we do this is by providing organizations with reliable insights they can use to make better decisions about which open source packages to approve or deny for application development based on automated security, maintenance, and licensing standards.
Today, we’re excited to announce the auto status functionality as part of our standards engine. This feature brings a higher level of automation and efficiency to help accelerate decision making for our customers. Auto status leverages the standards configured by a user to automatically approve or deny a particular package or release, thus eliminating manual review of potential issues. In cases where a package is denied, users can still manually review issues and provide overrides where appropriate.
What is the value here for organizations?
Organizations can set up specific standards for open source, and have each new package release evaluated instantly so developers always know which releases are allowed or denied. This improves developer clarity earlier in their development cycle, reduces the burden of switching releases or packages at build time, and takes the burden off compliance teams who previously needed to evaluate each release manually.
Using auto status
With auto status enabled, organizations can choose how standards violations are handled.
For example, when the “create a task…” option is enabled in a standard, a task will be created when violations are found. Customers can then choose to keep or override the decision Tidelift has made for them. (Visit our documentation portal for more about creating overrides.)
Another example is the “allow the use of…” option which, when enabled, Tidelift won’t deny the release due to violations of the standard. The violation will be allowed for the release and Tidelift will track the violation across the organization.
Insights on automated decisions
We have also built an audit trail that makes it easy to review the automated decisions made via auto status. Users can access details on which standards violations were found and analyzed as part of the decision making.
Learn more about auto status
Customers using auto status can streamline administration of their catalog, improving decision-making, and making the process faster for developers to know if they can use an open source package.
If you’re an existing customer, this functionality is available to you directly through your subscription. If you’re new to Tidelift, we invite you to learn more about how the Tidelift Subscription can help your organization manage open source effectively.