Open-source security specialist WhiteSource has announced that it is acquiring Renovate. According to WhiteSource, Renovate is an open-source dependency update solution.
“Renovate was developed because running user-facing applications with outdated dependencies is not a serious option for software projects today,” said Rhys Arkins, founder of Renovate. “It increases the likelihood of unfixed bugs and increases the quantity and impact of security vulnerabilities within software applications. With Renovate, you can automatically and efficiently keep dependencies up-to-date, integrating this process into any DevOps workflow.”
As part of the acquisition, all of Renovate’s commercial offerings will be made available for free as WhiteSource Renovate. These include a GitHub app, a GitLab app, and a self-hosted solution.
WhiteSource will keep driving the open-source project, which currently have over 5,000 commits from over 150 contributors.
In addition, WhiteSource will work to integrate Renovate into its product portfolio, which includes WhiteSource Core and WhiteSource for Developers.
In a blog post announcing the acquisition, Renovate’s Arkins detailed what he hopes to achieve by becoming part of WhiteSource. According to Arkins, the company will now be able to extend cross-platform and multi-language leadership, release the WhiteSource Renovate Server in regular release cycles, and extend the WhiteSource Renovate app to support Bitbucket Cloud and Azure DevOps. In addition, Arkins will join WhiteSource as director of product.
“We’re excited to add Renovate’s technology to the WhiteSource product line, and we’re looking forward to getting it into the hands of as many developers as possible,” said Rami Sass, CEO of WhiteSource. “Dependency visibility and currency are essential ingredients for mature software organizations and an important complement to vulnerability and license management. We’re proud that a tool for updating dependencies is itself open source and will ensure the project continues to extend its leadership in multi-platform and language support.”