Skip to content

YES: YAML Enterprise Sustainability

Say YES to YAML's future

YAML is the invisible backbone of modern infrastructure. From Kubernetes to Ansible, from CI/CD pipelines to cloud configurations, YAML touches every part of your technology stack.

But like many critical open source projects, YAML infrastructure has relied on volunteer maintenance. The YES Program changes that.

When compliance asks "who maintains this?"

The EU Cyber Resilience Act and modern supply chain requirements share one question: who is accountable for this software?

For YAML libraries, the answer is simple: we are. YAML LLC is led by YAML's co-creator, and we maintain the libraries that power Kubernetes, Ansible, and your entire stack.

YES members can tell auditors exactly who maintains their YAML infrastructure—and prove it.

What is YES?

YES is an enterprise sponsorship program that unites leading organizations to fund and guide the professional maintenance, security, and advancement of critical YAML technologies.

The Problem

  • YAML libraries like go-yaml, pyyaml, and libyaml power millions of production systems
  • These projects have historically depended on volunteer contributors
  • Security vulnerabilities can have massive downstream impact
  • Companies need professional-grade support and priority security notifications

The Solution

YES brings together enterprises that depend on YAML to ensure:

  • Professional maintenance from YAML's co-creator and core maintainers
  • Enterprise-grade security with early CVE notifications and fix timelines
  • Strategic influence over YAML's roadmap and future development
  • Expert support for critical YAML infrastructure

Core Benefits

Every YES member receives:

  • Security First

    48-hour early CVE notifications and security bulletins with fix timelines

  • Roadmap Influence

    Vote on quarterly roadmap priorities and shape YAML's evolution

  • Member Forum

    Access to exclusive YES member forum and quarterly virtual town halls

  • Recognition

    YES Member badge, logo usage rights, and recognition on yaml.com

Membership Tiers

Core + Choice Model

All YES members get the core benefits above. Choose your tier based on your needs, and select additional benefits that matter most to your organization.

Core benefits + Choose 2:

  • 10 support hours (email/chat/voice)
  • Virtual training workshop (half-day)
  • Quarterly security review of your YAML usage
  • Conference booth session with Ingy
  • Beta access to new features
  • Monthly roadmap planning participation

Learn More →

Core benefits + Choose 4:

  • 25 support hours (all channels)
  • Virtual or on-site training workshop
  • Conference booth sessions (2 events)
  • Quarterly 1-on-1 with Ingy (virtual)
  • Annual YAML infrastructure audit
  • YAMLScript early access
  • Co-marketing opportunity
  • Custom feature request priority

Learn More →

Core benefits + Choose 6:

  • 50 support hours (all channels)
  • All training workshops (virtual)
  • On-site training/consulting (2 days)
  • Conference booth sessions (unlimited)
  • Quarterly 1-on-1 with Ingy
  • Annual security audit + quarterly reviews
  • YAMLScript enterprise license
  • Contract development services
  • Keynote/speaking opportunity
  • Custom feature development input
  • Emergency hotline access

Learn More →

Compare All Benefits →

Why Join YES?

For Your Business

Risk Mitigation: Early security notifications can prevent million-dollar breaches. Professional maintenance ensures infrastructure reliability.

Expert Access: Direct access to YAML's co-creator and the maintainers of go-yaml, pyyaml, libyaml, and YAMLScript.

Strategic Influence: Shape the roadmap of infrastructure that powers your business. Ensure your needs are prioritized.

Cost Effective: More affordable than hiring internal YAML expertise ($150K+ annually). Better than waiting for volunteer fixes.

For the YAML Ecosystem

Sustainable Maintenance: Professional, funded development instead of relying on volunteer time.

Faster Security Response: Dedicated resources for security audits, vulnerability fixes, and timely updates.

Accelerated Innovation: Resources to develop new features like YAMLScript and improve existing libraries.

Community Health: Ensures the long-term viability of projects millions of systems depend on.

Who Should Join?

YES is designed for:

  • Cloud infrastructure companies (AWS, Azure, GCP, DigitalOcean)
  • DevOps tooling companies (GitLab, HashiCorp, CircleCI, GitHub)
  • Large enterprises with significant Kubernetes/Ansible deployments
  • Financial services with strict security and compliance requirements
  • Any organization where YAML is mission-critical infrastructure

Projects We Support

YES funds the professional maintenance of:

  • go-yaml - Powers Kubernetes, Helm, and Kustomize
  • pyyaml - Foundation of Ansible and Python's YAML ecosystem
  • libyaml - Fast C library used by many implementations
  • YAMLScript - Next-generation YAML programming language

Ready to Join?

Contact Us About YES →

Compare Tiers & Benefits →

Frequently Asked Questions

How does the 'choose your benefits' model work?

When you join, you select the specific additional benefits that matter most to your organization from your tier's menu. You can adjust your selections at renewal time. This ensures you get maximum value from your investment.

Can we upgrade or downgrade tiers?

Yes! You can change tiers at your annual renewal. Mid-year upgrades are also possible with pro-rated pricing.

What happens if we don't use all our support hours?

Support hours don't roll over year-to-year, but you can apply unused hours toward à la carte services like additional training or audits.

How do early CVE notifications work?

When a security vulnerability is discovered in a YES-supported project, all members receive notification 48 hours before public disclosure, along with mitigation guidance and expected fix timelines.

Is YES just another donation platform?

No. YES is professional enterprise support with clear deliverables, SLAs, and direct accountability. You're purchasing professional maintenance and strategic partnership, not making a charitable donation.

What about open source values?

YES strengthens open source by providing sustainable funding for critical projects. All code remains open source. All security fixes are public. We're making open source sustainable, not privatizing it.