If Log4Shell, Spring4Shell, etc. have taught us anything, it’s that we need to keep our dependencies up to date. But updating our applications can take a lot of time. How do we stay on top of that, while also continuing to deliver business value?
Luckily, there are plenty of tools that can help us with this, from package managers to bots that can automatically create changes on our repositories. Let’s go over some of the different options, so we can make informed choices about what’s best for us in a particular situation.
Links
- Selecting dependencies (blog)
- Keeping dependencies up to date with Maven (blog)
- IntelliJ IDEA: Viewing Dependencies (video)
- Viewing dependencies in IntelliJ IDEA (blog)
- IntelliJ IDEA: Managing Dependencies (video)
- Managing dependencies in IntelliJ IDEA (blog)
- IntelliJ IDEA Ultimate: Package Checker (video)
- Package Checker: Find and fix vulnerabilities inside IntelliJ IDEA Ultimate (blog)
- IntelliJ IDEA: Analyzing Dependencies (video)
- Analyzing dependencies in IntelliJ IDEA (blog)
- Find vulnerable API usage in IntelliJ IDEA (documentation)
- OpenRewrite support in IntelliJ IDEA (documentation)
- JetBrains Qodana (website)
- Qodana Code Analysis: From the IDE to Quality Gates (video)
- Using bots to keep our dependencies up to date (blog)
- Bart E. featuring Dr. Pom – Renovate Will Fix Your Code (With All the New Versions) by Nils Breunese & Bart Enkelaar (video)
- How To Approach Dependency Management in Java – Marco Behler (video)
- Collaborating on Open Source Software; or How I started contributing to Open Source and why you should too (talk)
- AskAppSec – Dependency Updates by Lisi Hocke (blog)
Presentations
| Date | Event | Location | Media |
| June 27, 2024 | KCDC | Kansas City, USA | slides |
| June 19, 2024 | Devoxx PL | Kraków, Poland | video slides |
| Apr 16, 2024 | Volksbank | Den Bosch, the Netherlands | slides |
| Dec 19, 2023 | Rabobank Ignite | Utrecht, the Netherlands | slides |
| Nov 7, 2023 | All Day DevOps on Tour: Malmö Edition | Malmö, Sweden | slides event page |
| Oct 26, 2023 | All Day DevOps | online | slides speaker page |
| Oct 24, 2023 | AccentoDev | Karlsruhe, Germany | slides talk page speaker page |
| Oct 2, 2023 | GOTO Copenhagen | Copenhagen, Denmark | video slides speaker page |
| Sept 6, 2023 | JavaZone | Oslo, Norway | video slides talk page |
| June 20, 2023 | JCON | Cologne, Germany | video slides talk page speaker page |
| June 7, 2023 | Full Stack Conference | Nieuwegein, the Netherlands | slides schedule |
| May 10, 2023 | DevOxx UK | London, UK | video slides talk page |
| Mar 16, 2023 | Voxxed Days Zürich | Zürich, Switserland | video slides talk page speaker page |
| Mar 7, 2023 | BrabantJUG | Veldhoven, the Netherlands | slides event page |
| Feb 5, 2023 | FOSDEM | Brussels, Belgium | video slides talk page |
| Nov 3, 2022 | JFall | Ede, the Netherlands | video slides |
| Oct 24, 2022 | GeeCon Prague | Prague, Czech Republic | video slides |
| Oct 13, 2022 | DevOxx | Antwerp, Belgium | video slides |
| Sept 26, 2022 | JoziJUG | online | video slides |
| Sept 21, 2022 | RotterdamJUG | Rotterdam, the Netherlands | slides |