Supporting less well known, but widely used, packages is an express goal of Tidelift.
Here's how we do it: When professional teams subscribe to Tidelift, we identify all of the open source dependencies they rely on, including the “hidden” transitive dependencies. Then, we partner with the individuals and teams who maintain those packages to provide security, licensing, and maintenance assurances. In exchange for maintaining their packages as part of the Tidelift Subscription, we deliver a predictable income stream to those open source creators.
For more on our approach, check out:
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.