Introducing catalogs: customized, managed open source. Free demo.

Managed open source. Backed by maintainers.

Customizable catalogs of known-good, proactively-maintained JavaScript, Python, Java, PHP, Ruby, and .NET components

Free Demo




The Tidelift Subscription



Stop parsing painful scanner reports

full of false positives and open source trivia
Create-catalog (1)

Start using our catalogs of known-good open source components

that are proactively managed for you

Create your own catalogs of approved components,

and customize specifically for your organization

Speed up application development, save money, and reduce risk when building apps with open source.




Verified updates for zero-day vulnerabilities, coordinated security responses, and immediate notifications of which of your applications are impacted, with the fix prepared for you. Like your phone, just "apply updates" to stay secure.


Verified-accurate open source licenses (including IP indemnification) and customizable policy enforcement. Your up-to-date software “bill of materials” is always one click away.


Tidelift continuously guides you on your upgrade path, steering you towards the best packages and versions for your particular application. It’s like a GPS for open source software.

Free Demo

Meet the maintainers

The Tidelift Subscription is created in direct cooperation with the maintainers behind a broad range of community-led open source projects.

This creates the ideal alignment between the users of open source packages and the best experts you could hope to enlist—the actual open source contributors who maintain that software, and often created it in the first place.

Because maintainers are paid a reliable income for their ongoing work, they can dedicate their efforts towards keeping their software enterprise ready.

And maintainer income scales as more subscribers use their packages. More income means more investment making their software even better, faster.

That alignment of interests between users and creators just makes sense. It's a win-win.

Are you an open source maintainer? Learn more and see if your package is eligible for income.


"Tidelift has a really interesting approach to funding open source work. It's a pretty simple concept: maintainers get paid and the organizations who use their projects get the support and dependability they need in return."

- Evan You, Vue.js (Javascript)


"Tidelift has a solution for those companies that would otherwise have to pay many open source projects small amounts each year."

- Roel Spilker, Project Lombok (Java)


"Tidelift formalizing a lot of the project minutiae is incredibly helpful—things we should do but often don't, because there are other things to be done."

- Alex Clark, Pillow (Python)


Resources to get you started

Managed open source: best practices for app development in a downturn

Managed open source: best practices for app development in a downturn

451 Research Principal Analyst Jay Lyman & Tidelift CEO Donald Fischer share how leading orgs use managed OSS to build apps safely & effectively.
Watch Now
The Tidelift guide to managed open source

The Tidelift guide to managed open source

Want to understand the best practices for responsibly using open source components in your organization?
Download Now
451 Research | Pathfinder Report: Managed open source

451 Research | Pathfinder Report: Managed open source

Principal analyst Jay Lyman shares data about the increasing prominence of open source as an enterprise development and IT operations priority.
Download Now
See More Resources