
Guides and reports

The Tidelift guide to reducing security risk from bad open source packages
Learn how to proactively reduce security risk from bad open source packages and use open source with confidence with the Tidelift Subscription.
10 questions you should answer before using an open source project
The easiest way to avoid having to replace problematic open source dependencies is to not bring them in at all. Learn more in our newest infographic.
The Tidelift 2023 open source maintainer impact report
Hundreds of maintainers responded with thoughts about how they fund their work, what they enjoy about being a maintainer, what they don’t like so much, along with a host of other interesting insights.
Tidelift advisory: impacts of the new White House cybersecurity executive order on application development teams
Recently, the White House issued a much-anticipated executive order on improving the cybersecurity of the United States.
Cooking with Tidelift
We thought it might be fun to tell the story of how the Tidelift Subscription works—as a children's book.
The Tidelift guide to securing your open source dependencies
Learn how a managed open source strategy can help ensure that the components you use to build applications consistently adhere to security best practices.
The Tidelift guide to working with open source licenses
We explain important licensing considerations for any team using open source components.
The Tidelift guide to choosing open source packages well
Learn how to quickly and safely choose the best packages for your application development projects.