Anthony Dahanne
Software Engineer at HeroDevs
Développeur logiciel chez HeroDevs
Montréal, Canada
Actions
Software Developer for 20 years, my favorite topics are containerization (Docker and Kubernetes), building tools, Continuous Integration, security and, of course, core Java development.
Having recently joined HeroDevs, I work on patching and releasing EOL OSS Java and Spring projects.
I'm also a maintainer of the Paketo Java buildpacks.
In my spare time, I work on various open source projects : from Mastodon bots written in NodeJS or Go, to Android apps!
Développeur logiciel depuis 20 ans, mes sujets préférés sont la containeurisation (Docker, Kubernetes), les outils pour développeurs, l’intégration continue, la sécurité et bien sûr, le développement en Java.
J'ai rejoint récemment HeroDevs où je maintiens des librairies OSS qui ne sont plus supportées car en fin de vie (EOL) - je suis aussi maintainer du projet Paketo Java Buildpacks.
Dans mon temps libre, il m'arrive de travailler sur des projets personnels comme des bots Mastodon, des calendrier d'événements tech, etc. en Go, Java, et même Android.
Je suis l'actuel président du MontréalJUG et Devoxx4Kids Québec.
Area of Expertise
Topics
Paketo Buildpacks: the Spring Boot way to build images, and more!
Buildpacks have been around for 15 years!
First they were used to detect and build an app before deploying it to a couple of PaaS.
Then we could create Docker (OCI) images with their latest generation, Cloud Native Buildpacks (CNCF incubating).
Are they a good alternative to the Dockerfile?
What are Paketo buildpacks ? Which community is supporting them and how?
What is the Spring Boot integration? Can it help with performance?
Come and find out during this session that will feature demos along the way!
From Vulnerability to Victory: Mastering the CVE Lifecycle for Java Developers
This session demystifies the CVE lifecycle for Java developers.
We'll explore how vulnerabilities are discovered, scored via CVSS, and disclosed through responsible processes.
You'll learn about major vulnerability databases (NVD, GitHub Advisory, OSS Index), their differences, and which security tools rely on each source.
The practical half equips you with remediation strategies using automated tools like Dependabot, Renovate, and IDE integrations.
We'll tackle the challenge of transitive dependencies in Maven and Gradle with hands-on techniques for resolving conflicts.
Finally, we'll discuss framework (Spring, Quarkus, etc) End-of-Life situations with the different options available.
Walk away understanding the entire vulnerability ecosystem, implementing automated dependency updates in CI/CD pipelines, handling dependency conflict resolution, and developing pragmatic approaches to framework EOL scenarios.
This talk transforms security from a burden to a competitive advantage for intermediate developers, DevOps engineers, and technical leads working with Java applications.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top