Thanks to the SolarWinds fiasco, we now see the importance of knowing what’s really in your software supply chain. Tidelift is doing just that for open-source projects with its Tidelift catalogs.
Article Link: https://www.zdnet.com/article/securing-your-open-source-software-supply-chain-with-tidelift-catalogs/#ftag=RSSbaffb68