Support for internal packages

Tidelift can track non-public and internally-developed packages included in your projects. These packages are referred to as internal packages. 

With internal packages you can:

  • View them in your project's bill of materials
  • Include them in a catalog; setting approve and deny decisions about each release
  • Set their license information

Given that these packages are not publicly tracked by Tidelift, we do not provide the following:

  • License research
  • Security vulnerabilities
  • Security vulnerability recommendations
  • Maintenance information
  • Automatic identification of new releases

Tidelift automatically identifies and labels all non-public packages as an internal package. If a package is internal, it will be annotated with a "This is an internal package" description at the top of the package page.

Was this article helpful?
0 out of 0 found this helpful



Article is closed for comments.

Articles in this section