DEV Community

Discussion on: GitHub acquires Dependabot

Collapse
 
ben profile image
Ben Halpern

This is awesome for developers short term because having this fully integrated will be really nice.

Longterm, it centralizes more power to Microsoft and weakens the ecosystem/platform concept a bit. I think it's always important to root for alternative options to remain relevant.

Collapse
 
abraham profile image
Abraham Williams

Agreed. Renovate is fantastic though and will give GH a run for their money.

Collapse
 
coreyja profile image
Corey Alexander

One thing about the centralization is that Dependabots core functionality is open source! And the blog post about the aquisition said it was the plan to keep it that way!

I hope this open core model might help fight some of this centralization by giving motivated individuals the ability to host their own alternative version

Collapse
 
ben profile image
Ben Halpern

Great point

Collapse
 
sunnysingh profile image
Sunny Singh

Agree, actually I haven't used or even heard of Dependabot until now but I've always added snyk.io to my Node.js projects. Will likely stick with them unless there's major benefits to GitHub's offering.