Versions Compared

Old Version 4

changes.mady.by.user Vital Batyr

Saved on

compared with

New Version Current

changes.mady.by.user Michelle Friedman

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Table of Contents

Overview

This page describes package manager updates for WhiteSource Renovate and WhiteSource Remediate.

Version 21.8.1

WhiteSource Renovate

The WhiteSource Renovate OSS was updated from 25.48.0 to 25.76.2. These changes mostly do not affect Remediate users, which use Remediate-only mode and have not enabled Renovate.

Important changes:

  • Branches with double hyphens will be changed to single hyphens, which can result in some existing PRs being auto-closed and replacements opened.

  • Renovate will now override any package manager cache locations configured in env variables.

  • Git Submodules cloning now needs to be explicitly enabled.

  • It is no longer supported to configure a "yarnrc" override in Renovate config.

  • Gradle extraction now defaults to JS-based parsing (previously "gradle-lite").

Package Managers

The following package manager default versions have been updated:

  • cocoapods@1.10.2

  • composer@2.1.6

  • dotnet@3.1.412

  • elixir@1.12.2

  • git@2.33.0

  • golang@1.17.0

  • helm@3.6.3

  • java@11.0.12

  • node@14.17.5

  • openjdk@16.0.2

  • php@7.4.22

  • pnpm@6.12.1

  • poetry@1.1.8

  • python@3.9.6

  • ruby@3.0.2

  • rust@1.54.0

  • yarn@1.22.11

Version 21.6.2

WhiteSource Renovate

The WhiteSource Renovate OSS was updated from 24.119.14 to 25.48.0. These changes mostly do not affect Remediate users, which use Remediate-only mode and have not enabled Renovate.

Important changes:

...

is available at: https://docs.

...

Major updates for Docker dependencies will now be enabled by default.

...

Grouping of Node.js packages into a single PR is no longer hardcoded. If you are not already using the config:base preset then you can add group:Nodejs to your extends instead.

...

Patch updates are not considered updateType=minor by default, so any rules you have for minor need to have patch added to them in order to take effect. It is no necessary to configure separateMinorPatch in order to apply patch rules.

...

trustLevel is no longer supported and instead broken into allowCustomCrateRegistriesallowScripts, and exposeAllEnv.

Package Managers

The following package manager default versions have been updated:

...

git@2.32.2

...

node@14.17.1

...

elixir@1.12.1

...

php@7.4.20

...

composer@2.1.3

...

golang@1.16.5

...

python@3.9.5

...

pipenv@2021.5.29

...

rust@1.53.0

...

pnpm@6.8.0

...

dotnet@3.1.410

...

lerna@4.0.0

...

mend.io/bundle/integrations/page/mend_remediate_package_managers_release_notes.html