YoVDO

Keep Your Dependencies in Check

Offered By: GOTO Conferences via YouTube

Tags

GOTO Conferences Courses IntelliJ IDEA Courses Gradle Courses Log4j Courses Software Composition Analysis Courses Dependabot Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore strategies for managing and updating software dependencies in this 38-minute conference talk from GOTO Copenhagen 2023. Learn about the importance of keeping dependencies up-to-date, referencing recent vulnerabilities like Log4Shell and Spring4Shell. Discover tools and techniques for selecting, maintaining, and analyzing dependencies, including package managers, IDEs, and automated bots. Examine the pros and cons of various approaches, from Maven and Gradle to Dependabot and Renovate. Gain insights into software composition analysis, migration tools like Error Prone and OpenRewrite, and best practices for balancing dependency management with delivering business value. Equip yourself with the knowledge to make informed decisions about dependency management in your software projects.

Syllabus

Intro
Open source software
Log4j
Spring4Shell
Do we need this dependency?
Selecting dependencies
Dependency information
Maintain dependencies
Maven
Gradle
Demo
IntelliJ IDEA
Pros & cons
Software composition analysis
Dependabot
Renovate
Snyk open source
Bots: Pros & cons
Migration tools
Error Prone
OpenRewrite
Conclusion
Outro


Taught by

GOTO Conferences

Related Courses

Addressing Algorithmic Bias
GOTO Conferences via YouTube Empowering Consumers - Evolution of Software in the Future
GOTO Conferences via YouTube Why Static Typing Came Back
GOTO Conferences via YouTube Higher Kinded Types in a Lower Kinded Language - Functional Programming in Kotlin
GOTO Conferences via YouTube It's Not Hard to Test Smart - Delivering Customer Value Faster
GOTO Conferences via YouTube