Skip to content

Details

Just before everyone disappears for the holidays, let's get together for one more Java meetup!
This time we're joining forces with Spring User Group, and thanks to our friends at JetBrains, we'll be meeting at their office. We'll also have a raffle featuring WeAreDevelopers World Congress tickets and other prizes.
## 🎤 Alexei Zinoviev
Software Developer at JetBrains

### Kotlin and Spring Boot: From Messy Public Data to a Robust Application

Real applications rarely get clean input. Source pages change, fields are missing, text formats are inconsistent, parsers make assumptions, and external services such as geocoders can be slow, incomplete, or temporarily unavailable.
In this talk, we will use a small Berlin-focused Spring Boot application written in Kotlin. It reads public demonstration data, parses semi-structured HTML, converts raw rows into a typed domain model, applies classification rules, geocodes locations where possible, and exposes the result through a Spring MVC API, an interactive map, and a timeline.
The Kotlin part is not a rewrite pitch. Spring Boot stays the familiar foundation for controllers, services, scheduling, database access, and operational endpoints. Kotlin helps in the parts where enterprise code often becomes defensive and noisy: nullable input, parsing results, rejected rows, domain identifiers, explicit states, and readable transformation pipelines.
A central part of the example is a small Kotlin DSL for rules. The classifier is not AI and not a black box: rules are written as type-safe Kotlin code, close to configuration, readable in the IDE, and able to explain why a certain operational risk score was assigned to an event or route.
We will also look at what makes the application robust in practice: handling parser failures, conversion problems, missing coordinates, partial results, and unstable external services without turning every expected problem into a generic HTTP 500.
## 🎤 Dmitry Chuyko
Architect at BellSoft
### From Kitchen to Table: A Safe Software Journey with SBOMs
The EU's Cyber Resilience Act (CRA) is turning Software Bills of Materials (SBOMs) from a "nice to have" into a legal requirement for many software products. Managing your software supply chain is no longer optional—it's part of shipping software responsibly.
Think of your containerized Java (and Spring) application as a dish served to production. Every ingredient matters, and someone will eventually ask what's inside. SBOMs are the ingredient lists that security scanners, auditors, and regulators rely on.
In this practical session, we'll look at how Java and DevOps teams can make SBOMs part of their everyday workflow. We'll cover:

  • generating and managing SBOMs in CI/CD (GitHub Actions and GitLab CI)
  • verifying pre-built container images
  • enforcing supply-chain policies in Kubernetes with OPA and Ratify
  • navigating SPDX vs. CycloneDX
  • integrating SBOMs into existing toolchains without unnecessary complexity

Rather than treating SBOMs as compliance paperwork, you'll learn how to use them as actionable security artifacts that improve visibility, strengthen your software supply chain, and help meet regulatory requirements.
## Schedule
18:00 – Doors open
18:30 – Alexei Zinoviev
19:00 – Networking break
19:30 – Dmitry Chuyko — From Kitchen to Table: A Safe Software Journey with SBOMs
20:30 – Networking, refreshments, and the WeAreDevelopers World Congress ticket raffle

Related topics

Events in Berlin, DE
Computer Programming
Domain Driven Design

You may also like