The #xz utils hack has shaken maintainer trust. Our 2024 survey shows: 66% less trusting of non-maintainer PRs 37% less trusting of co-maintainers But there's hope: "Trusting new maintainers by default is the open source way, and how it should remain." blog.tidelift.com/xz-utils-hack-…

How do we fund #opensource? 🤔 InfoWorld explores this crucial question, featuring insights from Tidelift (now Sonar) co-founder & CEO Donald Fischer and Tidelift partnered maintainers. infoworld.com/article/355784…

🤖 AI coding tools: what do #oss maintainers think? Our 2024 survey shows mixed feelings: 45% predict negative impact 31% foresee positive impact 64% less willing to accept AI-generated contributions Learn more about maintainer concerns in their words 👉 blog.tidelift.com/ai-based-codin…

Join us at #DevOpsDaysBoston on Oct 22! Kanish Sharma speaks on "Unpaid maintainers: The Security Threat No One Is Talking About (yet)" DevOpsDays Boston Learn about #oss maintainer challenges & success stories & why we need to #PayTheMaintainers Register: devopsdays.org/events/2024-bo…

Thank you Andres Almiray for being awesome! 😁🧡

The latest finding from the 2024 Tidelift (now Sonar) state of the #oss maintainer report: 71% of those under 26 (vs. 42% of those 46 🔼) use AI tools regularly 🤖 Overall, 48% of all maintainers are currently using AI tools in their work Read the entire finding 👉blog.tidelift.com/younger-open-s…

Don't miss lauren rae hanford at #SOSSFusion Atlanta tomorrow! Learn about: - Maintainer perspectives on #xz - New data from the 2024 state of #oss maintainer report - Real application impacts of investing in #opensource software Register: hubs.la/Q02Rdb8j0 OpenSSF #OpenSSF

The final finding from the 2024 Tidelift (now Sonar) state of the #oss maintainer report The oss maintainer community is graying: - Maintainers aged 46-65 doubled since 2021 - Only 10% < 26 (down from 25% in 2021) How can we attract the next gen of maintainers? 🤔 blog.tidelift.com/the-open-sourc…

Excellent synopsis🗒️and explanation for how and why G-Research Careers supports💪 #opensource software and the #OSS ecosystem. Join us! gresearch.com/news/how-g-res… The Linux Foundation Linux Foundation Europe OpenInfra Foundation OpenSSF FINOS OpenUK GitHub Tidelift (now Sonar) Open Collective

Join lauren rae hanford & @sethmlarson at #AllThingsOpen2024 TODAY! 1:45 PM ET Learn what it takes for a critical package to ship key features like: - Securing the dev, build, & release process - Responding quickly to vulns - Ensuring a community can grow & maintain the project

This Wednesday, Tidelift co-founder Luis Villa is speaking #TechCrunchDisrupt2024! Oct 30, 1:05 PM PST 🕜 Builder's Stage 🏢 The panel? "Free but not cheap: the open source dilemma" w/ @AevaBlack & Bogomil Balkansky Register now 👉 techcrunch.com/events/tc-disr…

NEW: a case study on the business impact of paying #oss maintainers to scale real-world app security Discover how one company saved $1.1M while reducing application risk by turning 37% of their packages from “unknown future” to reliably maintained! 💰 blog.tidelift.com/the-business-i…

What are the latest government actions impacting open source? 📜 🤔 Tidelift (now Sonar) co-founder and General Counsel Luis Villa rounds up the latest changes in the US and EU in a new post on the Tidelift blog 👉 blog.tidelift.com/cisa-cra-and-p…

We’re excited to share the story of jackson-databind maintainer Tatu Saloranta 🎉 With income from Tidelift (now Sonar) and our customers, he was able to remove risk from RCE vulnerabilities and implement secure software development practices. Watch the story 📺 👇

Key takeaways from Luis Villa’s recent #TechCrunchDisrupt2024 panel: - Current security model for securing #oss is insufficient - Volunteer maintainers can’t fix it alone - Orgs using oss must step up - New gov’t regulations will force the issue blog.tidelift.com/luis-villa-at-…

In the latest #OSSPodcast episode, Tidelift (now Sonar) Donald Fischer and Brian Fox @[email protected] Sonatype join hosts Josh Bressers and Kurt Seifried to discuss the current state of #oss, alongside findings from the most recent Tidelift and Sonatype reports on oss. Tune in here! 👉opensourcesecurity.io/2024/11/10/epi…

Are open source maintainers getting the support they deserve? 🤔 In a Techstrong TV interview, Tidelift (now Sonar) Donald Fischer & Sonatype Brian Fox @[email protected] discuss how paying maintainers boosts software security. Discover insights from recent surveys & reports. Watch here: techstrong.tv/videos/intervi…

The 2024 @Tidelift maintainer impact report is out! 🎉 See how one customer saved $1.1M & reduced app risk by 37% by investing directly in the security and resilience of their open source software. Read the full report here: bit.ly/3V0hgYi

Have you had a chance to read our 2024 maintainer impact report? 📚 Learn how one Tidelift (now Sonar) customer saved $1.1M and reduced application risk by 37%. Read here ▶️bit.ly/3ZgljlM

Big news! Sonar has entered a definitive agreement to acquire Tidelift to enhance the security and resilience of open source software. Together, we’re raising the bar for code quality and security. Read the blog post from our CEO Donald Fischer: bit.ly/41DkwwH