What's it like to be an open source maintainer in 2024? In an annual Upstream tradition, we sit down with a group of maintainers to find out directly from them. This year's panel includes Valeri Karpov from Mongoose, Irina Nazarova of Evil Martians, Tatu Saloranta of jackson-databind, and Wesley Beary, who maintains popular Ruby projects fog and excon. We'll ask them about how the recent xz utils hack made them feel, how community and project health look from their perspectives, ways enterprise users and organizations can help maintainers, and much more!
When it comes to open source software security, many organizations rely heavily on software scanning (often called software composition analysis or SCA) as the primary means of defense.
Learn how one large organization saved over $1.6M in manual package evaluation time and eliminated over 3,000 points of risk in applications running in production.
In this guide, we'll discuss how your organization can reduce risk by avoiding “bad” open source packages.