Making Good Choices & Untangling the Yarn Ball Of Open Source Java Dependencies


Details
Hello, we are hosting Theresa Mammarella from Toronto for a presentation in English.
Abstract: Let’s face it, Java has a complicated relationship with dependencies. We even have a term for it: dependency hell.
Visualizing a dependency tree is hard, making good choices in upgrading existing dependencies is difficult, and nowadays effectively choosing new open source libraries is a challenge. So much so that last year 69% of dependency upgrades made by organizations were suboptimal. The implications of these decisions in terms of technical debt and security risk are potentially huge.
We can do better. In this talk, learn about new tools and successful practices for choosing open source dependencies and avoiding the suboptimal.
Name: Theresa Mammarella
Bio: Theresa is a developer advocate, computer engineer, and open source contributor with a background in JVM and compiler projects. She currently works at Sonatype, educating developers on cybersecurity and code quality. Offscreen, she devotes her time to animal rescue initiatives including fostering and training dogs and cats and loves to hike.
