and customize specifically for your organization
Verified updates for zero-day vulnerabilities, coordinated security responses, and immediate notifications of which of your applications are impacted, with the fix prepared for you. Like your phone, just "apply updates" to stay secure.
Verified-accurate open source licenses (including IP indemnification) and customizable policy enforcement. Your up-to-date software “bill of materials” is always one click away.
Tidelift continuously guides you on your upgrade path, steering you towards the best packages and versions for your particular application. It’s like a GPS for open source software.
The Tidelift Subscription is created in direct cooperation with the maintainers behind a broad range of community-led open source projects.
This creates the ideal alignment between the users of open source packages and the best experts you could hope to enlist—the actual open source contributors who maintain that software, and often created it in the first place.
Because maintainers are paid a reliable income for their ongoing work, they can dedicate their efforts towards keeping their software enterprise ready.
And maintainer income scales as more subscribers use their packages. More income means more investment making their software even better, faster.
That alignment of interests between users and creators just makes sense. It's a win-win.
"Tidelift has a really interesting approach to funding open source work. It's a pretty simple concept: maintainers get paid and the organizations who use their projects get the support and dependability they need in return."
"Tidelift has a solution for those companies that would otherwise have to pay many open source projects small amounts each year."
- Roel Spilker, Project Lombok (Java)
"Tidelift formalizing a lot of the project minutiae is incredibly helpful—things we should do but often don't, because there are other things to be done."
- Alex Clark, Pillow (Python)