security-advisories is a part of the Tidelift Subscription

Tidelift is working with the maintainers of security-advisories and thousands of other projects to deliver commercial support and maintenance for the open source dependencies you use to build your applications.

The Tidelift Subscription

MANAGED OPEN SOURCE FOR APPLICATION DEVELOPMENT TEAMS

The Tidelift Subscription is a managed open source subscription for application dependencies covering millions of open source projects across JavaScript, Python, Java, PHP, Ruby, .NET, and more.

Your subscription includes:

SECURITY UPDATES

Keep your supply chain secure with patches for new security vulnerabilities.

LICENSING VERIFICATION AND INDEMNIFICATION

Stay covered with easy licensing policy enforcement and intellectual property indemnification.

MAINTENANCE AND CODE IMPROVEMENT

Ensure your open source dependencies are actively maintained, both now and into the future.

PACKAGE SELECTION AND VERSION GUIDANCE

Choose the best open source packages from the start—and then stay on the best releases.

ROADMAP INPUT

Take a seat at the table with the creators behind the software you use.

TOOLING AND CLOUD INTEGRATION

Works with GitHub, GitLab, Bitbucket, and more. Support for every cloud platform.

Bottom line: all the capabilities you expect—and require—from commercial software. But now, for all of the key open source software you depend on.

About security-advisories

security-advisories is a packagist library that is part of Tidelift Subscription.

roave/security-advisories is a PHP library that prevents installation of composer packages with known security vulnerabilities: no API, simply require it.

roave/security-advisories is available via the Packagist package manager.

FEATURED DOWNLOAD

The Tidelift guide to managed open source

Cover -- updated-tidelift-guide-to-managed-open-source.png