Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon

Renovate joins WhiteSource to help developers spend less time on manually resolving dependency updates

Save for later
  • 2 min read
  • 13 Nov 2019

article-image

Israel-based open source security and license compliance management company, WhiteSource, today announced its acquisition of Renovate, an open-source project for dependency updates. Renovate’s offerings will now be available for free under its new name, WhiteSource Renovate.

WhiteSource Renovate will be integrated into the WhiteSource product portfolio, which includes WhiteSource Core and WhiteSource for Developers. More importantly, WhiteSource will now offer the existing paid offerings of Renovate for free: a GitHub app, a GitLab app, and a self-hosted solution, all under the WhiteSource Renovate umbrella.

Why WhiteSource collaborated with Renovate?


Renovate basically provides automatic dependency updates. Many third-party modules can introduce bugs and vulnerabilities in a product.  The only reliable risk mitigation strategy is to keep dependencies continuously patched. In such scenarios, Renovate runs continuously to detect the latest available versions. You receive automated Pull Requests whenever dependencies need updating. It can also define schedules to avoid unnecessary noise in projects (e.g. for weekends or outside of working hours, or weekly updates, etc). Multiple languages and file types are supported in order to detect dependencies wherever you use them.

Acquiring a company like Renovate makes sense as it resonates with what WhiteSource already does. WhiteSource basically tracks vulnerabilities in open source packages. With Whitesource, organizations can track open source components in their code, identifying when there are vulnerabilities, and provide routes to fix them.

Last month, WhiteSource announced that it has raised $35 million to expand the scope of its work.

“We’re excited to add Renovate’s technology to the WhiteSource product line, and we’re looking forward to getting it into the hands of as many developers as possible,” said Rami Sass, CEO of WhiteSource. “ We’re proud that a tool for updating dependencies is itself open source and will ensure the project continues to extend its leadership in multi-platform and language support. Developers can now hopefully spend more time innovating and less time manually resolving security vulnerabilities or dependency updates.”

GitHub acquires Semmle to secure open-source supply chain; attains CVE Numbering Authority status

VMware signs definitive agreement to acquire Pivotal Software and Carbon Black

MongoDB is going to acquire Realm, the mobile database management system, for $39 million

Unlock access to the largest independent learning library in Tech for FREE!
Get unlimited access to 7500+ expert-authored eBooks and video courses covering every tech area you can think of.
Renews at €18.99/month. Cancel anytime