Apps, Services, Tools and IDEs


Are there plans to include support for projects that wouldn’t be caught by the dependency tracker? For example, I’m pretty sure a lot of businesses use git, jenkins and vim/emacs; likely including businesses currently subscribed to tidelift but when searching for some of these on tidelift there are no matches for those exact projects (only libs that wrap those tools, etc).

I understand it’s a hard problem but I’m wondering if it’s on the near term roadmap?

One quick way to do this kind of analysis might be to look at dot files in subscriber projects and infer from that the the project is using the service/tool being configured. This wouldn’t work for all tools and service but should work for many continuous integration tools, code maintenance tools and some IDEs.



1 Like

:wave: good question! We wrote out a pretty detailed description of our 2019 (and possibly 2020) product roadmap in this post, so I definitely encourage you to check that out if you haven’t seen it yet!

Right now, we are focused on projects distributed through package managers (you can find the full list of package managers that we support here), and we’re going to continue focusing on supporting the maintainers of these libraries before shifting to other forms of open source projects.

To go along with the types of projects you mentioned, some others that we’d love to help are core languages (e.g. CPython), package managers (e.g. RubyGems), and low level C libraries (e.g. Curl), but we’re not ready to add support for those just yet.