WhiteSource’s GitHub integration allows users the ability to detect all open source components in their software with real time alerts and comprehensive reports

[Tel Aviv, Israel – June 27, 2016] – WhiteSource, the continuous open source components management solution, today announced a GitHub integration in order to provide users with a real-time overview of the software components in their repositories. The integration allows users to detect open source components in their software, receive real-time alerts whenever a problematic component is added to a project, or when a new security vulnerability or critical bug is discovered in a user’s open source components. Now users will be able to authorize WhiteSource and choose better code to begin with and will be able to fix component issues as they arise, instead of later on when they become more complicated and costly.

 

“We are delighted to be able to offer WhiteSource’s open source components management solution in a simple and easy to use integration for GitHub users,” said Rami Sass, CEO and Founder of WhiteSource. “At the core of WhiteSource’s product isn’t a sales pitch, but the developer experience. We’re a leader in what we do and the fact we’re built by developers for developers has produced a simple integration that both us and GitHub can be proud of.”

GitHub has over 15 million users and 38 million projects spanning from hobbyist websites to large corporations and even NASA projects. GitHub boasts one of the largest collections of open source software on the internet. With such a large amount of open source code and millions of users and projects depending on them security is a primary concern.

“GitHub allows developers to build great things and security is always a part of that equation.” Said Joe Wadcan, Head of Business Development at GitHub “We are delighted that WhiteSource offers an integration, as it provides valuable information within a developer's existing workflow on GitHub."

WhiteSource can integrate with CI servers, build tools, third-party repositories or GitHub accounts to detect all open source components in software, including all dependencies, within minutes.