The list of presentations is subject to change without notice.
My wish List
Everything and everyone fails all of the time. Failure is always an option, it's how you respond that matters! Let's discover how failure can be an opportunity to learn and improve. Join me on a journey to know more about pain, happy little accidents, trial and error, adaptive capacity, failing safely, learning organizations, and resilience. It's time to start embracing failure!
JSON Web Tokens are everywhere - you are using a bunch of them right now. It's such a common technology, yet, it's very easy to get them wrong. In this session, we get to the nitty gritty of JWT's - what they are, how they work, and how to make sure that we haven't made an app that just waits to be hacked.
In this session, we'll unravel the hidden magic behind nullability syntax and annotations, unleashing the power of static analysis. But hold on, it's not as simple as a sprinkle of ? and ! here and there. We'll delve into the depths and discover that it's no silver bullet either.
Come along on a journey through the essentials of C# nullability, and let's explore techniques and approaches for integrating it into your existing code bases.
Discussing common anti-patterns preventing your systems from achieving an efficient level of reliability.
We will introduce reliability and then delve into common technical and organizational problems and how to prevent them.
Apache Kafka's an interesting beast. It solves many different data-processing problems by being part queue, part database, and part message bus. But it can be daunting to get started, and like many things, the only real way to understand Kafka is to build something with it. So let's do that!
Unlocking content first design and development
Plain language and semantic content structure should influence design decisions and lead to documented requirements for developers and testers.
In this talk, we will take a look at what CQRS (short for Command-Query Responsibility Segregation) is, how we can implement it in C# and how it can greatly help us improving code readability and testability.
In this talk, we will introduce a novel design pattern called "micro-mind-services," inspired by neural networks, which promises to revolutionize how we build applications, particularly in conjunction with AI programming assistants.
Join me to discover this potentially groundbreaking design pattern and explore how it can transform software development in the age of AI programming assistants.
Nobody complains when the database is quick. But when things slow down you try to speed things up by adding an index. Later you try a second index and now things are slower than ever. Indexes can make things faster but you need to know what type of index to use, how to test query performance, and how to maintain them. This session will cover when and how to add an index plus detail how to test their performance.
In this session, the evolution of non-blocking code strategies will be explored, highlighting how they can enhance application throughput. Beginning with Java's concurrency model's inception, the discussion will cover Future/Callable, CompletableFuture, a glimpse into reactive programming, and conclude with Project Loom's introduction in Java 21.
The talk will shed light on the various approaches to writing non-blocking code.
Opérer un logiciel basé sur du machine learning peut impliquer de gérer un parc de modèles conséquent. Expérimentations, modèles spécifiques ou pipelines de traitement à plusieurs étapes, peuvent rendre les phases de déploiement complexes. Comment aider les data scientists à réduire cette complexité et diminuer le temps passé à ces activités de déploiement ?
Voyons comment gérer les artefacts, configurations & leurs versions avec TorchServe!
Cette présentation va élaborer la puissance des mécanismes de cache de HTTP dans Varnish Cache, ainsi que des cas d’usage d'accélération API pour implémenter une mise en cache intelligente avec le langage de programmation VCL intégré dans Varnish.
Avec VCL on peut influencer les décisions de mise en cache, se connecter à divers backends, décharger l'authentification et même créer une expérience de mise en cache personnalisée pour vos API.
You've deployed a neat little function to a serverless service. That worked fine enough, few clicks through the UI, an uploaded zip and you're all set. Adding a few more functions? No big deal. Adding a few hundreds? Uh-oh. In this talk, I'll show you how to build adaptive scale-to-zero serverless solutions using AWS Chalice allowing you to get started quickly, iterate fast and leverage the benefits of serverless compute with minimal compromises.
Cette présentation est destinée aux personnes curieuses d'en savoir plus sur le terme de GitOps : nous prendrons le temps de bien comprendre les bases de cette philosophie puis de découvrir les bonnes pratiques suivant la nature de votre projet. Connaitre et utiliser Kubernetes rendra la présentation plus intuitive mais ce n'est pas requis : je vous expliquerai le nécessaire. Vous serez ainsi prêt(e)s à vous lancer dans l'aventure GitOps!
This talk delves into the present and future of AI in SQL and data analytics. It shows how AI boosts SQL-based analytics for quicker, more precise insights. We'll tackle challenges like data quality, interpretability, and privacy, exploring ongoing research in explainable AI and privacy preservation. Future advances involve automated query optimization, smart data visualization, and integration with emerging database architectures.
Explore bio-inspired algorithms like Firefly and Ant Colony optimization. In this talk we'll delve into the application of these and other algorithms devised by nature herself, analyzing their pros and cons, and optimal usage. Well also see the power of these algorithms by using one to train a machine-learning model. You'll leave with the tools you need to implement these algorithms in your preferred language.
Working with APIs? Great! Did you have to solve surprisingly similar issues in different projects? Did project complexity force you to break the established guidelines for structure, filtering, validation, or pagination? How often have your endpoints, versioning, and evolution stood the test of time? Let's talk about the real examples of solutions I implemented in various APIs. Smile at changing requirements thinking - I've got it!
Have you ever wondered what options are available in the Spring ecosystem to help developers define and build APIs?
In this talk, we will go over what options are available to Spring Developers to build APIs. We will cover traditional HTTP APIs as well as alternative protocols for messaging and streaming APIs. We will introduce other projects from the Spring portfolio that can enhance developer productivity in creating and consuming APIs.
Rector is a CLI tool that handles automated refactoring and instant upgrades of PHP and Laravel. You've heard about it, but never used it before? You're in the right place.
We'll look at practical examples on:
* how to add Rector to your Laravel project,
* how to handle PHP upgrades automatically, e.g. from PHP 7.4 to PHP 8.2 an
* how to increase type coverage
Merging the worlds of behavioral economics and UX design has become crucial for crafting truly engaging digital experiences. In this exploration, uncover the nuances of behavioral science that shape modern UX. From the intricacies of choice architecture and feedback mechanisms to the subtle art of behavioral nudges, see how a user-centric design infused with behavioral insights can revolutionize engagement and drive meaningful behavior change.
No matter if you are a carpenter or a developer, using the right tools can make the difference between doing the job correctly, sometimes even painfully, or absolutely mastering your art. It is the same for DevOps engineers and GitOps practitioners: you can be more productive, agile, and truly take ownership of your Kubernetes journey. This talk will present, and demonstrate the most useful, and powerful open source utilities available out there.
Are you intrigued by the possibilities of running your very own large language model? Join me as we delve into the hardware requirements, step-by-step processes, and limitations of openly available LLMs. From crafting your home Jarvis to building your office librarian.
Learn the essential tools, key definitions, and see practical code examples. Unleash the potential of AI while keeping your data secure.
Exception management is a nuanced art. In this session, we will delve into the realm of error handling in PHP, examining best practices and strategies to craft a resilient and coherent exception system. Exception handling is pivotal in software development, where errors can disrupt your application's flow. This encompasses custom and native exceptions, as well as addressing unnecessary, forgotten or over-protective try/catch blocks.
We’ll walk through considerations for making your web application accessible to more of your customers including maintaining application state with URLs and page titles; keeping assistive technology informed of content changes; managing focus when elements are removed from the DOM; providing a navigable and semantic structure for assistive technology and other accessibility requirements from the Web Content Accessibility Guidelines.
Creating cohesive user experiences across various platforms and devices is paramount in today's fast-paced digital landscape. Design systems are the key to achieving this goal, as they provide a systematic approach to design, code, and documentation. In this session, we will explore the core concepts of design systems and how web components, a powerful technology, can streamline the process of building and maintaining design systems.
Kafka Streams is a client library for building applications and microservices, where the input and output data are stored in Kafka clusters. It combines the simplicity of writing and deploying standard Java applications on the client side with the benefits of Kafka's server-side cluster technology.
In this session, you will learn about:
DSL and Processor APIs
Demo on how to build a data streaming pipe
Project Valhalla is set to revolutionize how Java handles data objects in memory and significantly boost performance. This talk offers an exploration of Valhalla's objectives, progress, and its potential impact on the Java ecosystem with examples throughout. Come discover how Project Valhalla is on the verge of reshaping the landscape of Java, paving the way for a more efficient and high-performing future.
Dealing with time can be challenging: The reliance on the system's clock - a barely controlled global state - hampers accurate testing - or makes it impossible. Instead of leaving these aspects untested, in this talk, we'll explore alternative approaches. Including the intriguing concept of "time travel", to finally have reliable tests! Join us to conquer the challenges of time in software development and ensure your code stands the test of time.
Microservices are widely adopted, but many companies struggle to maximize their benefits. The misconception is that all parts must be deployed constantly. In reality, some require frequent updates while others remain stable.
In an upcoming talk, I'll elaborate on these insights, highlighting one can use Serverless to pragmatically design a system that allows deploying as often as you need.
The Cloud and Open Source relationship is intricate! In this talk, we'll explore how Cloud impacted Open Source over the years, the current state, and advocate for using Cloud as a Commodity Infrastructure Provider for Open Source Software. Consider Kubernetes as your go-to API, available across major cloud providers and private vendors. Though less mature than proprietary options, this ecosystem evolves quickly to meet various needs.
Le nombre de développeurs augmente sans cesse dans le monde et le besoin est criant pour trouver gens qui peuvent guider les autres. Toutefois, comme développeur, il n'y a pas de chemin clair pour devenir Tech Lead. Si c'est un rôle qui vous intéresse, ne manquez pas la chance de découvrir ce qu'est ce rôle et les trucs pour y parvenir.
Apprenez à fine tuned un pre trained model open source Llama2 pour lui apprendre à réaliser un quiz de plusieurs questions à partir d’un PDF!
Les thèmes couverts sont:
- Génération de données synthétiques
- Fine tune de Llama2
- Déploiement via RunPod dans le Cloud
Modern type systems have come a long way since C. They’re no longer just about pleasing the compiler. These days they form a sub-language that helps us express ideas about software clearly & succinctly. A true design language.
So let’s take a look at how a modern type system supports talking about software. How it highlights problems, clarifies designs, and supports reuse. Most importantly, see how types can help you talk to your colleagues.
Avez-vous déjà songé à mettre en place un chatbot sur votre base de connaissances (KB) ? Je vous propose de découvrir une solution simple pour le réaliser en utilisant le langage Python, les capacités d'un Large Language Model (LLM) tel que GPT-3 pour la partie discussion en langage naturel, l'API d'Open Al GPT-3 via la librairie LangChain, ainsi que le framework Web Python Streamlit pour l'interface graphique Web.
Countless hours (and days) are lost on day zero, the first day a dev wants to contribute to a new project. There's services to install, library versions to contend with, and obscure error messages to Google. Running everything locally is a terrible way to manage dev environments.
Containerize your environment to free yourself! Let's explore how to create dev containers so you, and your team, can start writing code without the headache.
Prompts play a crucial role in communicating and directing the behavior of Large Language Models (LLMs) AI. Semantic Kernel is like a mixologist who looks at available ingredients and crafts new cocktail recipes. Semantic Kernel looks at different plugins, prompts, and memory stores to create an execution plan. Attend the presentation to learn about Semantic Kernel and build an AI Mixologist creative enough to suggest new cocktails. Cheers!
A number of AWS services charge by the hour but most services needed for development or testing are only needed during work hours. If it's only needed for 40 hours a week, why pay for the extra 128 hours? At the same time, maybe you'd rather keep the number of people in AWS to a minimum. In this talk, we'll create a Slack bot that automatically turns off AWS services at the end of the day but allows employees to turn them on or off from Slack.
Learn how to create a Bard-like chatbot with Google’s latest Generative AI using MakerSuite, PaLM API and Angular. MakerSuite is a tool to design prompts and experiment with LLMs for Generative AI apps. PaLM API provides Text and Chat features for the chatbot. We will also add a rich-text-editor, natural voices, and rich media rendering for markdown, code, diagrams and more!
In this session, I’ll introduce you to Data Science using the popular Kotlin language that runs on the JVM. We'll also touch on how you can use Java if you want. We’ll do this using an interactive platform called Apache Zeppelin - similar to Jupyter Notebooks, Zeppelin allows you to write code, formatted text, and use a myriad of plugins to process, analyze, and display data.
In this practical and demo-driven approach, we will explore invaluable tips and tricks of the debugger tools available in JetBrains Rider, such as smart step-into, dependent breakpoints, the immediate window, and more. You will also learn new ways to use the IDE's debugger in your everyday work. Don't miss this opportunity to enhance your bug hunting skills and take your software debugging journey to the next level!
The Symfony Security component has recently been totally reworked in order to make it simpler to use and extend. In this talk we’ll make a deep dive into the component and dissect all the many concepts of its architecture such as authentication, passport, badges, authorizations, voters, etc. You’ll also discover how to create custom authenticators, make password less authentication with magic links and login throttling mechanisms.
Symbolic techniques perform explainable predictions and the models are essentially immune to hallucinations. But, they require significant manual effort to scale (languages, frameworks, analysis & ruleset). Neural techniques are a promising new venture, however, their capabilities to discover bugs in code are limited by hallucinations and in the end are not significantly better than guessing. Let's combine them to overcome the shortcomings.
In this talk we'll have a comprehensive look at the most common security risks that affect mobile applications according to the Open Web Application Security Project, with interesting code samples in C#, as well as some tips and tricks on how to prepare our app to walk around each potential security risk.
As a Java developer, I heard a lot about Python and I thought to give it a try.
This presentation is about Fast API and how it’s revolutionizing API creation with speed and simplicity.
Micronaut is a modern, JVM-based, full stack Java framework designed for building modular, easily testable JVM applications. Developed since 2018 by the creators of the Grails framework, Micronaut takes inspiration from lessons learnt over more than 10 years building frameworks and developer tools. In this talk, Micronaut committer Álvaro Sánchez-Mariscal, will demonstrate with a live coding session the developer experience of a Micronaut user
Accessibility is more than the acronyms POUR or WCAG.
Understand when and how to use WCAG as a resource to support inclusive content design and developer best practices.
The website content accessibility guidelines (WCAG) are, well, guidelines. Understanding when to use the guidelines and when to trust your instincts can be tricky.
In the era of big data and real-time analytics, businesses require powerful database solutions that can handle massive workloads while delivering high-performance query processing. This session aims to introduce participants to the MySQL HeatWave Database Service, a cutting-edge technology offered in Oracle Cloud Infrastructure (OCI) that addresses these requirements.
Join this session to learn about the new features added like Machine Learning.
GraphQL is a declarative query language that simplifies retrieving data from an application's back end. It provides a clear and comprehensive description of the data in your API, giving you the ability to request only what you need. This makes it easy to evolve APIs over time and enables powerful developer tools.
We'll discuss the fundamentals of browser extensions (Chromium browsers & Firefox), explore the current options available for end-to-end testing, and dive in to some live coding to see it in action.
By the end of this presentation, you'll have the knowledge and skills to implement end-to-end testing for your own browser extension.
In this talk, we'll delve into the world of Symfony 7, the latest iteration of the high-performance PHP framework used for modern web application development. Through a comprehensive overview, we will unravel the new features, improvements, and the upgrade path, focusing on how Symfony 7 and its community empower developers to build scalable, high-performance, and modular applications.
Addressing poor performance can be an intimidating challenge, but it doesn't have to be. In this session you'll learn to hold people accountable, from setting clear expectations, to addressing violations of trust, to measuring productivity (yuck!), all the way to ending the employment relationship. Once you see how an accountability process can be both effective and respectful, you'll be ready to confidently manage your unreliable developers.
??Debuggers are indispensable tools for Java developers, empowering them to conquer bugs and unravel complex systems. But have you ever wondered how they work? Curious about the implementation of features like conditional breakpoints and remote debugging? Join me for a deep dive into debuggers, unlocking their secrets to maximize their potential. Gain invaluable insights and elevate your debugging game in this illuminating talk.
Commercial monitoring solutions can be complex and costly. Learn to create your own simple, cost-effective, and fast monitoring system with open-source tools like ClickHouse and Grafana. We'll cover key components: data ingestion, querying, and visualization. Through an example system, discover efficient data storage, query construction, and operational dashboard creation. Any developer can do it—join us to learn how!
Feature Flags. Feature Toggles. Canaries. A/B Testing. ...
Many a talk at ConFoo and less well fed conferences will refer to using feature flags as a way to enable seamless integration into a very aggressive release schedule.
Feature Flags are an extremely simple yet powerful tool to streamline integration of complex features.
We'll cover many a known implementation strategies for feature flags so you can become an advocate too.
Static analysis is for life, not just for christmas. While finding bugs before execution a staple, static analysis provide tools to go even further. It scans the code to offer suggestions, training unususpecting developers into using modern code. It provides inventories, linking remote parts of the code by their value and process, and bringing more consistency across the code base. Finally, it can document the code base, and keep it real-time.
Fresh is a web framework based on Web standards built to run on the edge anywhere you can run Deno.
Fresh takes inspiration from existing frameworks to provide features like file-based routing, Islands architecture, server-side rendering and Typescript.
We’ll go through the features and architecture so that you can get up and running with Fresh today.
Faced with the challenge of developing a desktop application, a web developer may feel like a fish out of water. However, with Electron, the transition can be seamless. Originating as GitHub’s shell for the Atom editor, Electron offers a fertile ground for web developers to apply their existing skills to create cross-platform desktop applications. Depart with the foundational knowledge to leverage your web skills in the desktop realm.
Ever wondered how far we can push MAUI? How about porting Doom into a .NET cross-plaform version?
It all started with: "hey I'm porting Doom to C#, want to have a go at getting it to run on MAUI?".
Couple of months later and Doom was running on my phone as a fully playable game!
In this session I'll explain the limits I've run into, the workarounds, and how much code we can share between the WPF and MAUI versions of Doom.
Get ready for a game-changing shift in application development!
Node.js is shaking things up by reducing external dependencies and embracing core capabilities. Say goodbye to costly libraries because Node.js teams have been working tirelessly to introduce native tests, watch mode, and loader to the ecosystem, all without relying on external libraries.
Discover how you can revolutionize your workflow with Node.js's core-driven approach
Join us for a whirlwind tour of 30 advanced tips to supercharge your .NET expertise. It is guaranteed to have something for .NET newbies and even old pros. Let's learn together!
ZGC, Serial, Parallel, CMS, G1GC, C4, LXR, Shenandoah, OH MY!
There’s many options for a Garbage Collector in the JVM today. With more Java apps already on, or moving to the cloud, what is the best GC to use? The answer: it depends!
In this session, we’ll quickly review GC and memory usage in the JVM, then dive into scenarios where certain GC’s would be better than others. Along the way, we’ll talk about the experimental GC called LXR.
Over the years, we've seen countless shifts in how applications are built. New languages and frameworks have streamlined development. Visual and no/low-code have empowered many to create apps. And now we have AI tools to develop code "for us." With these changes, where does this leave our developers? Is writing code obsolete?
Let's talk about where we are, where we're going, and how to get the most out of this new tool.
If you have been creating Notebooks to do data science and haven't had a chance to explore OpenAI for code generation this session is for you. Code to open CSV files, cleaning up Nulls and punctuation is very predictable and repetitive which makes it a great candidate for code generation. I'll walk you through taking a CSV file and generating code to get you up and running and if we are lucky we might even see Python hallucinations!
Stop what you are doing right now, and let me help you in your Kubernetes journey by introducing you to GitOps. This talk will set you on the path to success for implementing Continuous Deployment (CD) for cloud native applications. You’ll learn what the hell is GitOps, and how it will help you better collaborate with your team, deploy & iterate faster within a more secure environment, while saving some costs on the road.
In an increasingly interconnected world, creating applications with global appeal necessitates a deep understanding and implementation of internationalization. This talk delves into leveraging ASP.NET 8’s advanced services and middleware to localize applications across diverse languages and cultures, thereby widening your app’s reach beyond English-speaking users.
Both Golang (Go) and Python are popular programming languages, each with its own set of advantages and disadvantages. Python is by far the easiest one to setup and use to validate the model. This rapid prototyping and flexibility of Python are highly shadowed by the performance of the model when compared to Golang. Let’s look at how we deployed object detection model with OpenCV on those two programming languages.
Unraveling the mystery of embeddings from Large Language Models, this talk explores their mathematical foundations and applications. It goes beyond chat and analytics, demonstrating their operational use in C#. Tools like Cosine similarity and clustering are used for comparison. This talk is ideal for developers, but also valuable for data scientists, and those curious about the math behind machine learning and natural language processing.
How can we deal with concurrent transactions in MySQL without compromising data integrity and performance? In this talk, we’ll answer this question by looking at MySQL’s InnoDB storage engine and by exploring aspects such as Multi-Version Concurrency Control (MVCC), read phenomena, and transaction isolation levels. Through live examples, we’ll see how each of these core concepts can help guarantee your data’s integrity in the face of concurrency.
How can a tiny vulnerability in a web application lead to to a take over of your complete Kubernetes cluster and cloud provider account? In this talk, I'll show you on a live system, how a hacker could end up doing exactly that. You will learn about different attack vectors, and how you can protect yourself against each one of them with a multi-layered security strategy. And all of this with the help of open-source tools.
In this session, I dissect how we built an edge computing device into a conference badge, while enabling it to reliably report metrics on the (badge) wearer to a health check and monitoring system.
The talk focuses on the software challenges of edge computing. I specifically look at "noisy environments", network isolation, and trust barriers to illustrate what goes into the "dos" and "do nots" of building reliable workload orchestration.
Node.js is not the best way to handle heavy computation on the server side, but with Node-API you can now use and enjoy the power of 'the old' C++ and the shiny Rust in your favorite web server.
Let's dive together in a world of performance!
I have given over 250 interviews at Google and was deeply involved in hiring and promotions. In this talk, I will share some key insights about interviewing with software companies. I will explain what companies are looking for beyond core algorithmic knowledge and explain the merits of the illustrious system design interviews. I am also happy to share with managers and startup founders how to actually conduct and organize interviewing.
Architecting a perfect resilient Kubernetes based Kafka deployment requires careful consideration of several edge case scenarios.
In this session, you will learn about :
Successful disaster recovery strategies in Kafka ecosystem like Active-active, Active-passive replication, multi regional stretched clusters etc.,
* How some of these DR techniques evolve, when Kubernetes is the chosen deployment platform
* Related Automation or CI/CD tools
Elevate your Spring Boot application performances! Join me for an insightful presentation on performance enhancement tips. Don't miss this opportunity to optimize your Spring Boot apps for peak performance. Reserve your spot today!
Galileo, Thomas Edison and Steve Jobs each changed the world, but the traits that made them exceptional also made them difficult to work with. This session will discuss how idealism, iconoclasm and technology obsession can drive people to great heights, and also lead to friction. You'll leave with a new perspective on your brilliant colleagues (and maybe yourself), as well as practical ideas on how to work with them more effectively.
Regular expressions allow for fast and accurate pattern matching and manipulation, but it's easy to view them as dense, dark magic, but they don't have to be!
In this talk for all skill levels and platforms, we'll examine some regexp fundamentals, but also the most important tools for beautiful, reusable regexps, including comments, meaningful whitespace, pattern naming, live debugging, and testing. Your regexps can be beautiful and readable!
After a decade sacrificing HTML on the altar of JS frameworks, we've become blind to its raw power. We keep reinventing the wheel with megabytes of JS/CSS, throwing accessibility under the bus as we go.
And yet, HTML5 is enormously powerful in itself, especially when it comes to form controls and dialogs, which most folks are sadly unaware of.
How about digging into this, so we can slim down our bundles and become more accessible to boot?
This year, I completed all 8 Advents of Code in One Go. After 34,281 lines of code written (tests not included), I'm sharing my whole experience: from struggling for days on a single problem to rediscovering the beauty of algorithmic.
Danger, Will Robinson! Don’t deploy on Friday! Maybe your team's or company's policy?
Join me as I share from my experience. Using examples from my work on multiple real world projects, I’ll discuss resilience and operability, deployment strategies, pipelines and continuous testing. Discover the details of trunk based development, feature toggles, pair programming and other best practices and gain the confidence to deploy any day of the week!
Test coverage is a metric often used to quantify the maturity of a project's testing.
Whilst low numbers indicate a lack of tests on the project, high coverage doesn't account for the quality of the tests being run.
And most testing frameworks have quirks and pitfalls.
Have you tested that your project's tests actually fail when they should?
Mutation Testing does that so you know which tests are trustworthy and which ones need work.
Pandas is an extremely efficient tool to do data manipulation in Python, but many find it unintuitive. We'll cover how to think about Pandas Dataframes and how to perform useful operations on your data. You'll leave this talk able to create and combine different Dataframes, handle null data, perform calculations, and graph your results.
AWS Lambda is a compute service that lets you run code without provisioning or managing servers. You can invoke your Lambda functions using the Lambda API, or Lambda can run your functions in response to events from other AWS services. In this presentation, we will give an introduction to AWS Lambda and Serverless Computing, how to trigger functions, and we will demo how to integrate an app with Lambda to turn it into a powerful microservice.
Discover htmx! It's language-agnostic, giving you ultimate flexibility. Embrace the lean, simple, and power of hypertext!
We will delve into the intricacies of htmx: its core principles, operational mechanics, a comprehensive analysis of its advantages and limitations, and a step-by-step guide on crafting a basic project (go)
Effective request tracking in distributed systems is crucial, especially within distributed systems. Observability relies on three key components: logging, metrics, and tracing. OpenTelemetry aims to establish an open standard for these elements, with Jaeger and Zipkin aligning with this initiative. I'll to provide a detailed explanation and showcase a demo of OpenTelemetry integration in a small but distributed architecture.
In this presentation, we take a look at writing PHP extensions. Using step-by-step examples, we'll take a function written in PHP and convert it into a loadable extension using C. We'll then test both versions and compare the results. After seeing the size and scope of the benefits that can be realized, you'll want to try it out for yourself. You'll also understand why we start with simple things, and not try to rewrite all of Symfony in C.
En septembre 2023, la nouvelle version LTS, Java 21, est sortie. Elle constitue une énorme avancée sur la précédente LTS, Java 17. Le nouveau système de multifil virtuel (virtual threads) change complètement nos habitudes.
Venez me rencontrer afin de discuter des nouvelles fonctionnalités et rester à la fine pointe de votre Java.
While the industry has long been captivated by Apache Kafka, Apache Pulsar is emerging as a compelling alternative. Attendees will learn about Pulsar's features, like out of box multi-tenancy, native geo-replication, and why it is an all-in-one messaging and streaming platform. We'll compare the differences between both systems complemented by firsthand insights from managing real production loads exceeding 100k msg/s.
Kubernetes makes it easy and reliable to deploy and run your services. But just deploying your web application is not enough in order to run it in a highly available and reliable way. You also need to care about databases, backups, monitoring, alerting, tracing, log management, security, DNS, load-balancing, TLS certificates, CI/CD pipelines, deployment strategies.
In this talk I'll show live, how you can set all of this up within 60 minutes.
Au commencement, il y avait les fils d'exécution (threads) et la synchronisation. Java a lentement évolué vers des structures plus hauts niveaux. Des verrous, des executeurs, des acteurs jusqu'à fils d'exécution virtuel.
Nous allons traverser le temps et détailler toutes ces idiomes ayant pour but d'améliorer la performance de vos systèmes.
Les monolithes sont mauvais et les microservices sont le meilleur moyen d’atteindre un combo parfait de maintenabilité et d’évolutivité infinie, n'est-ce pas? Aucune décision architecturale n'est parfaite mais une conception basée sur la hype (ou les buzzwords) est probablement la pire option. Et pour votre app existante ou votre nouveau projet révolutionnaire? Découper un monolithe n'est peut-être pas la solution, et si on l'apprivoisait plutôt?
No seriously let's play with a robot! Programming and purchasing robot arms used to be limited to university science labs and assembly lines, but cobots aka collaborative robots are making this technology safer, more accessible, and easier to code. In this session we will take a look at a cobot, review some of the features that make it more practical than earlier robots and do a little coding as well
Warning! This won't be a passive talk – we're in this together!
In this session we will dive into an existing Go application to measure and improve performance. We will have a look at both CPU and memory as well as init allocations.
Let’s make it faster together!
In the past months, AI has disrupted everything. It changed the way we interact with computers, the way we work and it created a whole new set of opportunities.
But how can you take advantage of AI in your existing applications? With Azure AI services, you can easily integrate AI capabilities into your existing applications, taking them to the next level.
Join me in this session to see how we can do this.
Manually performing repetitive tasks like running tests, compiling assets and deploying software
to production are a serious waste of time. Not to mention annoying. So, best we just automate it away.
Using Gitlab CI, in this session we'll setup a pipeline from scratch to have the tests run, assets compiled as well as our software nicely packaged, containerized and deployed.
Impossible to do in less than 60 Minutes? Challenge accepted!
Web forms are the unsung heroes of user interaction. Whether it's signing up for a newsletter, making an online purchase, or submitting critical information, web forms are the gateways to countless online experiences. However, all too often, these forms frustrate users, leading to high abandonment rates and missed opportunities.
Join Rowdy for an enlightening talk as we delve into the art and science of creating better web forms.
For a decade, I thrived in Symfony's realm. But then, Laravel called. Dive into a journey beyond a mere framework switch—it's about relearning and rediscovery. Join as I share hesitations, revelations, and insights Laravel gifted me. Whether you're a
Symfony aficionado or simply framework-curious, witness my evolution from Symfony sage to Laravel novice. Celebrate the art of adaptability and the thrill of the new.
In the whirlwind journey of co-founding and eventually selling a startup over six years, navigating the maze of tech decisions was one of our most critical tasks. This talk delves into the choices we made, striking a balance between the latest tech trends and our own experiences. Curious about how product-market-fit relates to your tech stack, or wondering if you should chase the latest hyped technology?
No one wants their app to be slow! Yet, we all may end up with not optimal solutions that may slow down responses of API Platform-based applications. During this speech, together, we will discover typical pitfalls and how to spot them and address them.
This presentation will focus on the application-level things we may change to improve our response times.
Server-side WebAssembly (Wasm) may prove to be a more efficient method to deliver truly portable applications. With a move to the server side, we must be concerned with interactions with the web environment.
Open Source NGINX Unit is an application runtime for web apps and APIs, handling the HTTP(S) front end, request routing, and coupled to Wasm's linear memory byte streams. Find out how NGINX Unit is becoming the runtime platform for FaaS.
Do you always create a new Dockerfile for each new project?
Do you implement your own SSL certificate logic in this Dockerfile?
Do you forget to update your base image version?
Do you wonder how to generate a Bill Of Material to comply with your organization requirements?
Have you answered yes to any of those questions? Come and attend this talk to learn a new way to build your images, all use cases included - demos provided along the way!
In this forward-looking presentation, we will look into application observability using distributed tracing, metrics, correlated logs, exemplars and more. We will explore how the latest developments in the industry will give you a better understanding about what is going on inside of your applications using Spring Boot 3, OpenTelemetry, Grafana, Micrometer, OpenZipkin, Prometheus, OpenMetrics, and so on.
As developers, we usually work on fancy devices with super fast and stable internet connections, but most of your users aren’t.
With the incredible power of Service Workers, we can provide a fast and reliable experience for all our users.
In this talk, Rowdy will look at different caching strategies to boost the performance of your website and how to deal with offline situations using the Cache API and Fetch API.
Inheriting a legacy code can be a daunting challenge. However, taking control of a legacy codebase can be very empowering.
Let's delve into strategies and practical techniques that enable you to reclaim your power over legacy codebases. From understanding the codebase's history, identifying pain points, and formulating a plan of attack, we’ll explore methods for transforming the tangled mess into a well-structured, maintainable system.
L’accueil d’un nouvel arrivant est une étape charnière de son parcours dans une entreprise, et ironiquement, c’est aussi une des plus négligée. Découvrez comment et pourquoi investir dans l’onboarding pour soutenir la croissance de votre entreprise, solidifier l'équipe existante et former les champions de demain.
Dans la présentation «Open Api rendu facile grace à TypeSpec », nous nous penchons sur l’intégration d’Open API et de TypeSpec pour rationaliser la documentation de l’API. L’importance de l’API ouverte dans l’architecture logicielle contemporaine est soulignée, suivie par les défis de la documentation manuelle traditionnelle des API. TypeSpec apparaît comme une solution, automatisant la génération de spécifications et réduisant les écarts, assur
Les services et micro-services sont parmi nous depuis un moment déjà mais sont souvent perçus comme une solution magique à tous les problèmes. Tout n’est pas rose au pays des licornes et créer un nouveau micro-service peut être un exercice demandant. Découvrez les défis que présente de composer avec un monolithe comportant plusieurs interdépendances, du refactor de celui-ci à l’ajustement des tests en passant par les protocoles de communication.
MySQL might be the most popular database on the internet but PostgreSQL is the only top database in the DB Engine Rankings gaining market share. The good news is that if you know MySQL then you have a good base from which to explore PostgreSQL. We will start with a simple installation, account creation, loading data, and some simple queries. Then we will explore the very cool differences and how to exploit them. Expand your skills in this talk!
Elixir est un langage moderne, dynamique et fonctionnel, bâti sur une plateforme robuste qui a été éprouvée depuis plusieurs décennies. Je vous invite sur un tour d'horizon pour voir ce que ce langage a à vous offrir. Développement web, Machine Learning, IoT, et ce dans tous les domaines d'application.
This talk wants to provide you with a boilerplate knowledge on encryption and how to encrypt and decrypt data in PHP with public and private keys. It will be demonstrated with live code for attendees to follow.
Not everything happening in your app has to be processed immediately. Messages and notifications can wait, statistics can be calculated in the background, even that very important cronjob you run every night for all your clients doesn’t need to be synchronous. Whether your app is big or small, cloud-based or on premises, there are plenty of ways to make it seem faster and scale better without breaking the bank or re-architecturing it.
WebAssembly (Wasm) is a binary instruction format that programming languages can use as a compilation target for deployment on the web. This talk covers the basics of Web Assembly and how to run Golang and Rust programs in the browser and through NodeJS.
I’ll also introduce slEDGEhammer, a research project that explores Web Assembly execution in Varnish Cache through a Wasm module, allowing users to run Wasm programs on the edge.
Back in 2015, Progressive Web Apps started as a way to upgrade websites to be installable and live next to native apps. Modern PWAs are much more than just offline website shortcuts for phones; they're reliable, installable, and capable on any device. Explore the history of PWAs from the earliest building blocks to modern capabilities, what success looks like for companies that start down this journey, and look forward to what their future holds.
In recent years, the ways that we can deliver HTTP has improved in occasional leaps, from 1.0, 1.1, a big step to 2.0, and now 3.0. One of the biggest obstacles has been TCP, which isn't a great fit for HTTP, but we are stuck with it – or are we? QUIC is a reimagining of TCP that runs over "the other protocol", UDP, giving us yet another step up in performance and security. Discover how it works, and how you can deploy it today.
You’ve got a new mission ahead of you: to develop new functionalities for this old project that nobody has known about for 4 years! Obviously, there’s no documentation and no idea of which dependencies to install. Let’s see how Docker can simplify our lives:
- Docker Compose for quick access to external deps
- Try to find a version of our DB that is compatible and simply upgrade it
- Pack the project with docker init like a pro
Large Language Models (LLMs) are powerful. However, they don't have the most up to date information. In this session, Shao Hang He will show you how to feed external data to augment your LLM prompts using Python, LangChain and OpenAI. This includes setting up a Vector Database, converting data to embeddings and making queries. Also, we will go over several examples such as chatting with a PDF and smart search your messages in your email inbox.
Sagas are commonly used when you have a distributed system but need to handle its behavior in an atomic manner. However, it is easy to get lured and use it when it is not necessary and introduces unnecessary complexity.
In this session I will introduce the concept of a saga and guide the audience through a decision-making process to determine if it is the right choice for you, and what should be part of it.
Talking about money feels awkward and dirty. But it shouldn't! In this talk, we'll see some of the strategies to lessen these feelings and improve our chances to get what we want.
Unit tests? Integration tests? Mocks? Stubs? Fakes? How does this apply to the web? Let's look at all the ways you can test a web app and demo all the tools you'd use. We'll live-code most tests to show you exactly what makes a good testing strategy. You'll leave with a GitHub repo you can use to keep learning or fork and use in your own PWAs.
Secrets, they are widely used in all of our applications. Be it connectionstrings, credentials, API keys and so on. Obviously we don't want these in our source control systems. But where do we put them? How do we change them between environments?
In this session I will show the different approaches provided by .NET. We will take a look at options for your own machine, team shared or cloud-based.
Let's put an end to secrets in source control!
A new revolution is happening in React with Server Components. We can move some rendering logic on the server, enabling new patterns and redefining how we write powerful front-end for our applications. We'll explore use cases in which Server Components improve performance and maintainability, so that by the end of the talk, you’ll be ready to use Server Components to take your React experience to the next level.
Cross-Site Scripting (XSS) is still one of the most common vulnerabilities in web applications, despite well-known and effective countermeasures. Often neglected however are XSS issues when using a Single-Page Application (SPA) framework like Angular, React, or Vue.js. We will have a look at those systems, analyze the attack surface, and look for both specific weaknesses and specific countermeasures. A must-see session if you are using SPAs.
In a world where the three elements Time, Scope and Cost of an IT project are in eternal conflict, only the great ingenious will achieve the perfect balance on the top of the summit of Quality.
Jakarta EE 9 changed its package namespace from javax.* to jakarta.*. This may sound like a trivial change that mostly affects Jakarta EE. So, why should Spring developers care?
Attend this session to learn how to make this migration as smooth as possible. A live coding demo will take you through the steps involved, and point out where to pay special attention.
We will also briefly examine some of the changes planned for Jakarta EE 11
This presentation introduces some of the new and exciting features in Spring Boot 3.0 and beyond. One of the key highlights of Spring Boot 3.0 is the built-in AOT (Ahead of Time) support for GraalVM's native image. This groundbreaking addition revolutionizes your approach to application development and unlocks a multitude of unprecedented possibilities.
Creating accessible forms is the science of constructing form fields that provide the correct name, role, and state through the data entry experience. In this talk we examine creating and labeling form fields of different types; grouping related form fields, like radio buttons; marking form fields as required; handling input errors and verifying data integrity. Through testing with a screen reader, you’ll understand how it works semantically.
In this session, I dive into the process of building a secure workflow for infrastructure deployments, starting from a developer's machine to deploying protected workloads in "production".
I look at separation of concerns from a security and networking perspective and highlight the skills operations engineers may need to level up.
Attendees can expect to learn which design patterns matter, which don't, and how to implement them at scale.
The web development community must address the environmental impact. "Sustainable Web Development" highlights the importance of building green web apps. This talk will provide developers, designers, and techies with insights and actionable strategies to reduce the carbon footprint of web applications. Attendees will learn how to make responsible choices that benefit the environment and contribute to a more sustainable future for the Internet,
Have you ever worked with eCommerce? Have you never heard about Sylius? If your answer to both questions is true, this presentation is for you! The first version of it was released in 2017 and many things have changed since then. I will present you a new version of Sylius, a prominent member of the Symfony ecosystem and top-notch eCommerce framework for your custom eCommerce needs.
Mature software applications often need to perform tasks "behind the scenes," ranging from simple actions like sending emails to more complex operations such as processing files. What's the best way to implement background services in .NET? This talk aims to take you through several processes that allow you to do work in the background. We'll cover the pros and cons of different approaches and leave you with actionable advice on what to use.
Technical people are often terrible at writing, or English is often not their native language, and that's a recipe for dull, incomprehensible prose. From reviewing and editing hundreds of pentest reports from writers in many languages, I've developed some simple (and fun!) guidelines to sharpen your writing skills, helping make your reports easier to read, less boring, and more engaging.
Technical debt is only visible when it's too late. The developer who did the "work" is long gone. But you're here and you're here to stay. You'll be fixing the whole damn thing even if you have to do it all yourself. In this talk we'll discuss how to take those first critical steps in reducing technical debt, how to "sell" people on it and key technical advice to keep an even footing.
Attendees will uncover Pulumi's distinguishing strengths—like language flexibility and the powerful functionality of dynamic resource providers. I'll walk through real production struggles with Terraform and the nuances in deploying and managing infrastructure using both tools through tangible demonstrations. For those pondering a switch, this talk offers invaluable insights into the transition process.
Observability and OpenTelemetry have created awareness of distributed tracing. But what is it/ We'll investigate the distributed trace from the initial point via monitoring, dropping into RED. We'll deconstruct it across its parts, describing the importance of trace and spans. We'll discuss some of the potential data impacts that can leave false clues. You'll know why distributed tracing is important and what makes OpenTelemetry the right choice
Attackers write crafty code to compromise apps, steal data, and cover their tracks. To protect against them, you must understand them.
Learn from our real-world ecommerce breach investigations as we demonstrate weaknesses & exploit techniques.
See code used to create hidden persistent backdoors, covertly capture & exfiltrate credit card data, and hide evidence of attacks.
Leave with new protection strategies along with a top 10 cheat sheet.
Digital experiences are not just evolving; they're undergoing a revolution. Dive into the world of composable architectures that are redefining the digital landscape. Join us for an exclusive look into the modernization journey of one of North America's largest automotive car care companies. Discover how we helped them overcome challenges, harness the power of composable architecture to streamline their infrastructure to support their 15 brands.
In this talk we don't look at the syntax of Python; that's the easy part. In this talk we look at the culture. What libraries should we use for hosting a web api? For data access? For data science? For script automation? Where do I download these packages? We'll focus a lot on Jupyter, the interactive REPL for Python and more. Getting started with Python can be fun and rewarding, and open up a whole new set of skills and solutions.
The Evolution of a MySQL database, from a single instance to HA with Disaster Recovery.
In this session, we cover the different deployment possibilities of the MySQL architecture depending on the business requirements for the data. We deploy some architectures and see how to evolve to the next one. The attendees will learn how to migrate from single instance to High Availability with Data Recovery across Data Centers with the minimal downtime
In this session, we'll delve deep into the best ways to make unit testing for .NET applications a walk in the park, by implementing some simple tips and tricks that will allow you to write less code and cover more test cases.
Did it seem like software platforms used to be better in the past? That's not just nostalgia, they *were* better. Platforms were more intuitive, better suited for user-needs, less invasive of privacy, and easier to use.
In this talk we'll examine (with examples) the process of 'enshittification', a term coined by Cory Doctorow for platform decay—where services become progressively worse to maximise profit—and how to avoid it happening to you.
Back in 2021 we embarked in journey that many dream of, but few actually are able to attain. This is, the migration of a legacy system into a modern stack. In this presentation I would like to introduce the thought process and the different tools and milestones we have gone through to achieve our goal. How we were able to put together a mass migration tool compatible with strict SLAs and two ISO certifications, while still serving product.
Let's delve into the realm of online authentication. From traditional passwords to WebAuthn and Passkeys, we'll explore the history, security enhancements, and improved user experience.
Don't miss this insightful talk on the current state of authentication and the future of digital identity, as we examine whether passwords are on the brink of obsolescence or still have a role to play in our increasingly connected world.
WebAssembly has been available in all major browsers, and Node.js, since 2017. Since then, additional features have been added and its use has expanded outside the browser to places like edge and serverless computing, containers, and IoT. It's even possible to leverage it from within your code! In this talk, you'll learn how WebAssembly works and about the new capabilities that have been added.
Are you looking to build robust and efficient event-driven services? In this talk, you will learn the key concepts and strategies for achieving this, including handling at-least-once message delivery, idempotent command handling, and the laws of event-driven physics. Learn how to use the laws of event-driven physics and build event-driven services that simultaneously handle large volumes of events, network failures, and multiple events.
Progressing in software security maturity, you're now at the phase of implementing or reorganizing a threat modeling practice organization wide.
This talk will explain at a high level what can be planned to achieve success in threat modeling. It will be presented as business capabilities related to governance, training and communication for the creation and effective utilization of threat models.
Écrire une fois lire souvent (Write once read many). Arrêter de redécouvrir ce que vous aviez déjà imaginé. Dans cette présentation nous allons vois 5 façons efficace et peu coûteuse d’améliorer votre code. Vous devriez vous attarder à rendre votre code plus facile à lire pour éviter que les prochains perdent leur temps à le comprendre. Vous sortirez de cette session avec des conseils utiles pour accomplir cette tâche.
By the time of the conference, .NET 8 will have been released. Just like each even version, the new release will be under a 3 year long term support, so many applications are expected to be upgraded. The presenter has worked with .NET 8 since the first pre-release version, with mostly joy, and sometimes minor frustration. In this session, we will take a look at the top new features: what has been missing for a long time and is now available.
You will learn about the most common security vulnerabilities in node.js and see how you can fix them with real life code examples. I'm going to bring my experience as Node.js core collaborator and member of the security working group, and we will go through some of the vulnerabilities that have been fixed in the past.
Do you know how to secure your APIs? Tokens alone are far from enough. Automated direct access to the application business logic allows whole new classes of attack vectors and vulnerabilities - data extraction, impersonation, rogue access, and more. You can deploy countermeasures like elevated access requirements, multi-factor auth, response limits, etc. Let's explore both sides of that coin to let you properly design security for your APIs.
Explore real-time analytics challenges with traditional SQL for large datasets. Dive into distributed systems for sub-second responses on petabytes of data. Learn techniques like atomic block inserts, parallelized aggregation, and immutable tables for cost-efficient, stable performance. See them in action with ClickHouse, a leading real-time analytic database. Join us on an exciting journey into fast, big-data analytics.
In this presentation, we'll dive into the world of type annotations and demonstrate how they empower developers to build robust and maintainable code. Discover the benefits of strong typing and gain practical insights into working with types, making your Python projects more reliable and easier to maintain.
In this talk, Micronaut committer Álvaro Sánchez-Mariscal, will demonstrate how you can quickly build optimised Microservices with Micronaut & GraalVM Native Image. Attendees will learn how the combination of GraalVM Native Image and Micronaut can lead to efficient, highly performant, and optimised applications that can be perfectly deployed to environments like Kubernetes or serverless platforms. There will be a live coding demo
useSignal() is a revolution in state management. It is a more reactive, performant, and scalable way to manage state than traditional methods. By learning how to use useSignal(), you can take your state management skills to the next level.
This conference will explore the useSignal() technique. I will discuss topics such as:
The benefits of using useSignal()
How to use useSignal() to build dynamic and interactive web applications
Clean architecture is the reference for decoupled and maintainable enterprise applications. But, it can be difficult to navigate code and to debug. Vertical Slice Architecture simplify code organization and meets the same goals. In this talk, the principals differences will be shown by looking at code samples.
OpenJDK with it’s Java Virtual Machine is great but there is not only one flavour but many. There is Oracle OpenJDK, Eclipse Temurin, IBM Semeru, Amazon Corretto, Azul Zulu, Alibaba Dragonwell, Huawei Bi Sheng, Tencent Kona and many more. Did you ever ask yourself which one is better, faster, free or something similar? Or do you want to know where the differences are in those distributions, well then this session might bring some answers to your
In a world where microservices are more and more a standard architecture for Java based applications running in the cloud, the JVM warmup time can become a limitation. Especially when you look at spinning up new instances of an app as response to changes in load, the warmup time can be a problem. Native images are one solution to solve these problems because their statically ahead of time compiled code simply doesn’t have to warmup and so has sho
During this presentation, we are going to look at the new features that were introduced in PHP 8.3, and some in earlier versions. Join me to have a look at how the type system is strengthened with Typed Class Constants, Readonly
Classes, Arbitrary Static Variable Initialisers, Overloaded Method Markers, and other new smaller features and clean-ups.
At the end you will have a good understanding about all the new and exciting PHP 8.3 features.
Yes, okay, ES2015 rules, and ES2017–2022 brought about a lot of cool things (most notably async/await, async iteration, optional chaining, private members), but a ton of cool stuff is expected to land in the next few years, too… and we can play with it already!
Christophe takes you through a whirlwind tour of the upcoming features he’s most excited about, due to become official in 2024, 2025… or 2026 ;-)
Have you wondered what has been done in the Spring ecosystem since Spring Framework 6 & Spring Boot 3 were released in 2022?
This talk will explore the new features across the Spring portfolio. We will talk about JDK 21 support, virtual threads, & RestClient from Spring Framework. From Spring Boot we will describe the new Docker & Testcontainers features. We will also discuss new additions such as Spring Modulith & Spring Cloud Gateway MVC.
Domain-driven design proponents champion aggregate roots and entity-bound logic. While suitable for complex models, the web realm differs: we often load a partial model, modify, and save. Attend this session for insights on crafting a domain model tailored to web needs within a hexagonal architecture framework.
The ascent of machine learning, especially large language models (LLMs), comes with exorbitant infrastructure costs, making it almost unfeasible for individuals to run such programs independently. Amazon, Azure, and Google Cloud dominate with over 60% market share. This concentration challenges the decentralized essence of the internet, potentially impacting innovation, quality, and freedom.
Profilers help to analyze performance bottlenecks of your application if you know how to use them. Getting to grips with profilers helps to understand how they work: Profilers aren't rocket science. A usable Java profiler can be written in 240 lines of pure Java code, allowing you to fix performance issues and add custom features quickly. This talk will give the fundamentals of Java profiling and an overview of existing open-source profilers.
I will break down writing effective unit tests into five best practices. I will use Python for these examples but the best practices are applicable to other languages as well. (1) Serving as documentation (2) Covering all edge cases (3) Avoiding testing implementation details (4) Contain as little logic as possible (5) Keeping a small scope