This page describes package manager updates for WhiteSource Renovate and WhiteSource Remediate.
The WhiteSource Renovate OSS was updated from 25.48.0 to 25.76.2. These changes mostly do not affect Remediate users, which use Remediate-only mode and have not enabled Renovate.
New feature highlights:
Added dependency dashboard label configuration
Added support for Terraform community providers during lock file generation.
The regex versioning now supports an optional build
match group, which is handled as 4th version part.
Added an implementation of getDigest()
for the github-releases
datasource.
Supporting tag dependencies extraction for the GitLab and vanilla git
NOTE: A full list of features can be found on Octoclairvoyant
The following package manager default versions have been updated:
cocoapods@1.10.2
composer@2.1.6
dotnet@3.1.412
elixir@1.12.2
git@2.33.0
golang@1.17.0
helm@3.6.3
java@11.0.12
node@14.17.5
openjdk@16.0.2
php@7.4.22
pnpm@6.12.1
poetry@1.1.8
python@3.9.6
ruby@3.0.2
rust@1.54.0
yarn@1.22.11
The WhiteSource Renovate OSS was updated from 24.119.14 to 25.48.0. These changes mostly do not affect Remediate users, which use Remediate-only mode and have not enabled Renovate.
Important changes:
Remediate will no longer read ~/.npmrc
from disk. npm credentials can be configured in multiple other ways described in https://docs.renovatebot.com/private-npm-modules/ including environment variables or a configuration file.
Major updates for Docker dependencies will now be enabled by default.
Grouping of Node.js packages into a single PR is no longer hardcoded. If you are not already using the config:base
preset then you can add group:Nodejs
to your extends
instead.
Patch updates are not considered updateType=minor by default, so any rules you have for minor
need to have patch
added to them in order to take effect. It is no necessary to configure separateMinorPatch
in order to apply patch
rules.
trustLevel
is no longer supported and instead broken into allowCustomCrateRegistries
, allowScripts
, and exposeAllEnv
.
NOTE: A full list of changes can be found on Octoclairvoyant
The following package manager default versions have been updated:
git@2.32.2
node@14.17.1
elixir@1.12.1
php@7.4.20
composer@2.1.3
golang@1.16.5
python@3.9.5
pipenv@2021.5.29
rust@1.53.0
pnpm@6.8.0
dotnet@3.1.410
lerna@4.0.0
helm@3.6.1