The maintainers of sort.me and thousands of other packages are partnering with Tidelift to:
- Implement industry-leading secure software development practices and validate that those practices are being followed, so organizations can have the same confidence in the security of their open source that they have in their own code.
- Contractually commit to continuing these practices into the future so that enterprise users can confidently make long-term investments in using these packages.
This partnership gives Tidelift’s customers fewer late-stage vulnerability fire drills, reduces the cost of abandoned packages, and ensures future innovation from these maintainers and others in the ecosystem.