Support for unknown packages

Tidelift can track non-public and internally-developed packages included in your projects. These packages are referred to as unknown packages. 

Because these packages are not publicly tracked by Tidelift, we do not provide the following:

  • License research
  • Security vulnerabilities
  • Security vulnerability recommendations
  • Maintenance information
  • Automatic identification of new releases

With these unknown packages you can:

  • View them in your project's bill of materials
  • Include them in a catalog; setting approve and deny decisions about each release
  • Set their license information

Tidelift automatically identifies and labels all non-public packages as an unknown package. If a package is unknown, it will be annotated on the package page.

Screenshot 2024-03-14 at 16.23.08.png

Was this article helpful?
0 out of 0 found this helpful



Article is closed for comments.

Articles in this section