Increasingly, security vulnerabilities like Log4Shell are drawing more attention to open source software maintenance, and governments and industries around the world are making open source security a top priority. This increased attention has led to maintainers being asked to do more and more work.
Yet most maintainers are volunteers. A recent Tidelift maintainer survey showed that only 26% of maintainers make more than $1000 a year, and 45% earning nothing for their work. So almost three-fourths of maintainers earn pizza money or less to maintain the digital infrastructure we all rely on.
The crisis of overworked open source maintainers being asked to do more isn’t just wrong, it is dangerous.
At Tidelift, we want to change this. We see a world where open source maintainers get full recognition and compensation for the value they create. We see a world where maintainers thrive.
Seth Michael Larson, maintainer of urllib3, popular Python package with billions of downloads, and a Tidelift maintainer partner
Tidelift analyzes and aggregates the most meaningful industry standards, and pays open source maintainers to ensure their projects meet those standards. Examples of standards include annotating licenses, documenting security policies, properly tracking and communicating package dependencies, and implementing two-factor authentication.
We provide access to a streamlined dashboard that helps maintainers efficiently manage common package maintenance tasks, and we provide help and guidance to keep the work as quick and painless as possible. We also connect maintainers with a broader community of like-minded open source creators so they can share their experiences and learnings along the way.
Tidelift pays maintainers income based on a number of factors, including subscriber usage and strategic importance of a package to the overall health and resilience of the open source software supply chain.
We analyze each of our customers' uploaded software bills of materials (SBOMs) and distribute income to maintainers based on the projects subscribers use. In addition, we also make strategic assessments regarding projects that are critical to ensuring the health of the overall open source software supply chain, and provide base income to many of these projects as well. Read more about how we pay lifters.
See if your package is eligible for income right now by typing it into the search bar below.
Here are a few examples of how Tidelift working directly with the maintainers has helped bring benefits to the software supply chain that spread well beyond just the individual packages they maintain.
"There are a vast array of open source projects out there, and not all of them are at the same quality level. Tidelift helps people make a more educated decision when evaluating an open source project. This helps alleviate the pressure—and stress—of choosing the best components and libraries when a big, corporate project depends on it."
"After meeting with the Tidelift team, it was very obvious they were very passionate about Open Source Software and I was confident they had my best interests in mind."
"It’s a pretty simple concept: maintainers get paid and the organizations who use their projects get the support and dependability they need in return. I believe that this model helps us move closer to a future where many more maintainers like me can afford to work on their projects full time."
At Tidelift, we call our maintainer partners "lifters," in the spirit of the aphorism "a rising tide lifts all boats", to honor the critical role they play in making open source work better for everyone.
As a lifter you will be responsible for ensuring your open source package(s) meets pre-defined expectations around security, maintenance, and licensing.
More information about lifter responsibilities can be found on the lifter tasks page.
Join the hundreds of maintainers already partnered with Tidelift. See if your package is eligible for income on Tidelift and apply to lift your package, visit our community, or contact us directly at firstname.lastname@example.org. We look forward to partnering with you!