Dependabot is an open source service that allows users to automate dependency updates in their solutions. The tool has been integrated into GitHub for dev’s to use. The company says the new app searches dependencies in a project for security vulnerabilities and updates them automatically to newer versions. As mentioned, this is another example of GitHub expanding since Microsoft’s purchase. Another recent example was the introduction of GitHub Sponsors. This new program allows users to provide financial backing to open-source developers. Under the program, users will not be paying for services, but rather backing the projects and developers they want to support. It is a similar idea to Patreon, which allows people to back content creators.

Sponsors

GitHub has also announced a GitHub Sponsors Matching Fund, an accompanying program. Under this program, the company says it will match all user sponsor contributions up to a value of $5,000 during the first year of the Sponsors initiative. “Open source developers build tools for the rest of us. GitHub Sponsors is a new tool to help them succeed, too,” GitHub’s Devon Zuegel explains. GitHub Sponsor contributions will not come with any fees during the first year of the program. GitHub will cover all processing fees during this 12-month period. In other words, the developer will receive 100 percent of the donated funds.

GitHub Announces Acquisition of Dependabot Automated Update App - 59GitHub Announces Acquisition of Dependabot Automated Update App - 66GitHub Announces Acquisition of Dependabot Automated Update App - 16GitHub Announces Acquisition of Dependabot Automated Update App - 92GitHub Announces Acquisition of Dependabot Automated Update App - 23