WhiteSource acquires & open sources Renovate ‘dependency’ update toolset

Open source security and license compliance management company WhiteSource has brought dependency update company Renovate into its stable.

All of Renovate’s current commercial offerings will now be available for free under its new name, WhiteSource Renovate.

Founder of Renovate Rhys Arkins explains that Renovate was developed because running user-facing applications with outdated dependencies is not a serious option for software projects – or at least it shouldn’t be.

As we know, using outdated dependencies increases the likelihood of unfixed bugs and increases the quantity and impact of security vulnerabilities within software applications. 

WhiteSource will continue to drive the Renovate open source project, which to date has received over 5,000 commits from more than 150 contributors.

Further, WhiteSource will now offer the existing paid offerings for free: a GitHub app, a GitLab app and a self-hosted solution — all under the WhiteSource Renovate umbrella.

“Dependency visibility and currency are essential ingredients for mature software organisations and an important complement to vulnerability and license management. We’re proud that a tool for updating dependencies is itself open source and will ensure the project continues to extend its leadership in multi-platform and language support,” said Rami Sass, CEO of WhiteSource.  

WhiteSource Renovate will be integrated into the WhiteSource product portfolio, which includes WhiteSource Core and WhiteSource for Developers.