Tidelift Icon Tidelift – Sponsored

Best practices for managing your open source artifacts

logged by @logbot permalink

Our research shows that up to 20% of open source dependencies aren’t being maintained at all.

This is a real problem, and most organizations struggle to manage their open source and come up with good solutions for how to keep it up to date and secure. We find that organizations tend to use an approach somewhere on the spectrum from these two extremes:

  1. Move fast. Any developer can bring in any component they want, YOLO, and take the risk that bad things may happen if these components fall out of date or aren’t being properly maintained.
  2. Stay safe. Set up approval chains for introducing new open source components, implement scanning tools that point out any possible issue, and slow down development, potentially frustrating your top developers and missing market opportunities.

What if you didn’t have to choose? What if you could move fast and stay safe when developing applications with open source?

Tidelift co-founder Havoc Pennington joined forces with JFrog senior product manager Mark Galpin to explore ways to help your developers move fast and stay safe when building with open source. You can hear their recommendations yourself in this short 30 minute webinar.

Watch now

0:00 / 0:00