
Caitlin Bixby


Maintainers are being asked to do more security work. Over 50% didn’t get the memo.

In late 2022, Tidelift fielded its second survey of open source maintainers. Hundreds of maintainers responded with thoughts about getting paid for their work, the security and maintenance practices they have in place for their projects, and where they need help most, along with a host of other interesting insights.

In the third of the eleven insights from this year's survey, we asked maintainers about government and industry software security standards: whether they are aware of them at all, and whether and how they are aligning their projects with them.

The first finding: a majority of respondents (52%) said they weren't aware of any of these new government and industry standards. Roughly a quarter of maintainers had heard of the OSSF Security Scorecards project or the NIST SSDF, but only 13% had heard of SLSA.

Over half of maintainers are not aware of prominent software security standards

To read more insights from our third headline, visit our blog, and to read maintainer responses to all eleven insights, you can download the full survey report right now.

Want the TL;DR? We’re hosting a live webinar on Thursday, May 18 at 3 p.m. ET when Tidelift’s resident data nerd Chris Grams shares the most interesting bits. RSVP here.
