LONDON and BOSTON, March 5, 2020 /PRNewswire/ -- Developer-first security company Snyk has partnered with Neighbourhoodie, the makers of Greenkeeper, to collaborate and build a solution for keeping open source dependencies current and secure. The result of that effort, Automatic Dependency Upgrades, is now included with Snyk Open Source, the industry's most developer-friendly solution for software development teams to easily find, and automatically fix, open source vulnerabilities.
Maintaining updated open source dependencies is important to proactively reduce security risk and performance issues and to optimize for overall quality improvements. In some cases, keeping software up to date is a requirement for compliance with some policies such as HIPAA. However, maintaining current and healthy dependencies manually is time consuming, risky, and becomes more complex over time as the number of versions to upgrade increases.
"Our goal has always been to stay at the forefront of innovation for developer-centric tooling," said Jan Lehnardt, CEO at Neighbourhoodie.
"But we soon realized that to do this for dependency upgrades, we needed to find the right partner who shared our vision and prioritized the developer experience the way that we do," added Simone Haas, CEO at Neighbourhoodie Software, the makers of Greenkeeper. "We found this partnership with Snyk, and we are excited to be bringing customers an industry-leading approach to automated dependency upgrades and building more secure software."
The collaboration between Snyk and Greenkeeper now offers customers a market-leading capability for Automated Dependency Upgrades that enables:
- Frictionless integration into developer workflows;
- Helpful information to inform priorities and decisions; and
- Control over the pace and volume of updates.
"Snyk's dependency upgrade pull requests have automated away loads of manual effort, by automatically recommending secure package updates," said Snyk customer Joe Emison, Cofounder and CTO at Branch Insurance.
"Snyk's mission is to enable developers to build software securely. Keeping open source dependencies current is a critical component to proactively mitigating risk in software development. However, this is hard for developers to do manually," said Aner Mazur, Chief Product Officer, Snyk. "By collaborating with the Greenkeeper team, the pioneers in this space, we are delivering an automated solution that helps developers prioritize the most important upgrades and control the pace of all upgrades to ensure the best balance between dependency maintenance and new software development."
Snyk is a developer-first security company that helps software-driven businesses develop fast and stay secure. Snyk is the only solution that seamlessly and proactively finds and fixes vulnerabilities and license violations in open source dependencies and container images. Snyk's solution is built on a comprehensive, proprietary vulnerability database, maintained by an expert security research team in Israel and London. With tight integration into existing developer workflows, source control (including GitHub, Bitbucket, GitLab), and CI/CD pipelines, Snyk enables efficient security workflows and reduces mean-time-to-fix. For more information or to get started with Snyk for free today, visit https://snyk.io.
Neighbourhoodie offers different services and support in all areas around the use of Apache CouchDB. Developers at Neighbourhoodie have an extensive track record of Open Source work and community engagement. They support the developer community by starting and co-organising conferences and meetups like JSConf EU and Berlin.js. For more Information on Neighbourhoodie visit https://neighbourhood.ie/.