A tour of the Tidelift Subscription

When you purchase the Tidelift Subscription, we work on your behalf with the creators and maintainers of your specific open source dependencies to keep them in top shape. We also add additional services, advice, and indemnification around these dependencies.

The Tidelift Subscription includes a powerful set of software tools that help you track which packages you use, know when to apply recommended updates, and see how Tidelift's network of maintainers helps you over time.

Here's a tour of how subscribers use the Tidelift software tools.


Know where you stand

On our overview, we roll up some metrics to track over time across all your projects: security vulnerabilities, licensing concerns, unmaintained packages, and outdated packages.

Continuously improve

When most teams first analyze their dependencies, they have hundreds of problems it might be nice to address. Tidelift surfaces a few that we suggest tackling this week.


Dive into the details

Zooming in to a single repository, we show you detailed information about potential issues and a searchable, CSV-exportable catalog of the packages the repo depends on. To help you solve issues, we show recommendations powered by our network of upstream maintainers.

Prevent regressions

You can block code changes that make your dependencies worse on any of the dimensions we cover—including security, licensing, and maintenance. Configure your policy for which issues fail a build, and then add a check to any CI system you use. If you use GitHub.com, you can also configure our app to verify PRs.


See issues resolved for you

We're showing you problems, but we’re also bringing you solutions—that's the power of our network of creators and maintainers. If you depend on a package directly, you can fix problems with it. But most of the packages you use are dependencies-of-dependencies… we ask maintainers participating in the Tidelift network to fix those for you.

Be on top of things proactively

The Tidelift Subscription goes beyond fixing past mistakes. We also give you assurances about the future: we pay maintainers to stick around, so you don't have to keep jumping to new packages. We also work with maintainers to adopt best practices on security and licensing.


The Tidelift Subscription is a comprehensive solution

Together with our network of creators and maintainers, we're giving you a managed open source stack so you get your team's time back. Take this worry off your plate.

  • Know what you use and track metrics on how you're doing.
  • Identify ALL types of issues, including security, maintenance, and licensing problems.
  • Get help resolving those issues, even in indirect dependencies. It isn't all up to you.
  • Proactively keep your dependencies healthy with a network of engaged maintainers funded to spend time on commercial concerns.

Want to get a taste? We have a self-service free dependency analyzer—we'll show you where you stand at a high level, and give you three actionable suggestions to address today.
Try It