Using Tidelift-approved releases

Tidelift manages a set of public-facing catalogs. These catalogs can be viewed here. If your organization would like your catalog to be a subset of one or more of these catalogs, you can use the All releases are approved by Tidelift standard. For example, you may want to only allow releases in your catalog that are also in Tidelift's Python Data Science catalog.

  1. From Catalog > Standards, configure the All releases are approved by Tidelift standard
  2. Select the Tidelift catalogs that you want your catalog to subset
  3. Turn the standard on

What happens when a requested package violates this standard?

If a developer requests to use this package release, Tidelift will check to see if the release is in one of the selected Tidelift catalogs. If it is not, a request task will be created with a standard violation.

Your catalog administrator will be able to decide if they will (1) deny the release or (2) create an exception and approve the release.

What happens if an already-approved package violates this standard?

A task will be created if a package is currently approved in your catalog and is no longer approved in Tidelift's catalog. For example, Tidelift may choose to deny a vulnerable or out-of-date release. 

Your catalog administrator will be able to decide if they will (1) deny the release or (2) create an exception and approve the release.

Still need help? Contact Us Contact Us