Creating a catalog is the first step to bringing pre-approved open source package releases into your organization. In this article, we will describe how to import package releases from existing sources. In addition to what's outlined here, package releases can also be requested by developers.
You can import package releases into your catalog from existing projects. If you are not currently tracking any projects with the Tidelift Subscription, you will want to start tracking a project to get a bill of materials.
Importing package releases from the catalog overview page
From the catalog overview page:
- Select Import packages
- Under the projects subheading, select Select projects
- From here, you can select or Import from selected or Import from new project
We will automatically add all of the releases from the latest bill of materials into your catalog. If there are any standards violations, tasks will be created before they are approved.
Importing package releases from a bill of materials page
You can also import the package releases from a specific bill of materials.
- Navigate to Projects
- Select the desired project
- Under Alignments, select the linked (insert number) releases under Bill of materials
- On the bill of materials page, you'll find the bill of materials of all open source package releases found in that project
- Click the Request all… catalog button at the top of the page; all package releases will be added to your catalog