Zoran Horvat

Zoran Horvat

Principal consultant at Coding Helmet s.p.r.l.

Zoran is Principal consultant at Coding Helmet Consultancy, speaker and author of 100+ articles, and independent trainer on .NET technology stack. He can often be found speaking at conferences and user groups, promoting object-oriented development style and clean coding practices and techniques that improve longevity of complex business applications.

Current sessions

There and Back Again of Software Architecture: Monoliths vs. Microservices

Any mention of monolithic applications would raise an eyebrow or two today - and with a good reason. Our accumulated experience is teaching us that monolithic applications bring many issues, not least important them being hard to maintain. On the other end of the specter we find microservices, the preferred design in the eyes of many. And there are myriads of designs and architectures in between these two extremes. Who's right there?
In this presentation, we will analyze common design problems, starting from monolithic designs, paying extra attention to pathological coupling, violating transactional consistency and unclear data ownership.
By the end of this presentation, you will learn that, from perspective of design, there is no substantial difference between multitier monoliths and microservices - assuming each of them is done right. And more, you will learn that a proper, maintainable monolith can easily be morphed into microservices, and vice versa.

This talk was presented two times so far at conferences (not recorded).
You can view the slide deck here: https://www.slideshare.net/secret/gjBI8gvaENp09C
Some slides are not entirely in English - I would fix and improve them if this session is accepted.


Securing Multitenant Databases with Entity Framework Core

Entity Framework (and other ORMs) are simplifying correspondence with relational databases, saving us from having to type enormous amounts of code. Still, we should not feel too confident about simplification offered by ORMs - not least relax about security.
In this demonstration, you will see one common pitfall where custom code is delegating all database-related work to Entity Framework, forgetting to constrain queries to only access objects to which authenticated user possesses permission. In the rest of the demonstration, we shall come to one coding pattern which ensures that every call into Entity Framework will always be secure out of the box.

This content was first displayed in a live coding demo at https://youtu.be/Hpazn6WlfoQ
The brushed-up version was presented as a 45-minute talk at Sinergija conference (Belgrade, November 2020). In Serbian, with no recording (as far as I was informed).
There is also a 60-minute version of this talk prepared, which was never presented. If this talk is accepted, it would therefore be the third, improved version of the example.


Speak the Language - The Domain Language!

To develop software is to write code. Yet, code is not software. There is more in it than just code: There is structure; there are protocols; there are loads and volumes. And yet, even there, one vital ingredient is missing.
Through a series of illustrative code samples, you will learn that developing software is more about speaking the language than about any of its technical aspects. Your code will be a software if it speaks the language of the business it is modeling - that is the thesis we will try to outline in this talk.

This talk was presented at ITKonekt virtual conference during 2020 lockdown. An unlisted recording can be seen at address https://youtu.be/sIcJ7BTOVQI
Please do not share this link - ITKonekt allowed me to share it with other conference organizers, but not with general public.


Keeping Secrets in Azure for .NET Developers

Configuring applications, especially handing over access keys and similar secrets, has always been a special kind of challenge in software development. With the invent of distributed source code repositories, distributed development teams and - lastly - deployment into cloud, the secret keeping mindset has become more important than ever. It is not only tools that count: Tools will change, and evolve. It is the mind shift that every developer had to make, so that their source code deals with secret data in such way that they are never jeopardized.
In this session, we shall demonstrate common practices applied in a common .NET project, deployed to Azure cloud service. You will learn how to detach development from cloud deployment, so that both are operational at all times, while all the true secrets are never stored on a development machine or, worse, in the source code repository.


Performance vs. Composability: Surviving Functional Design with C#

As C# specification continues to strengthen functional programming model, programmers are left to cope with its design side. Anyone who has ever tried functional modeling would never trade its descriptiveness and flexibility for anything in the world. Except, maybe, for performance that has always been the trademark of good old object-oriented models. In this presentation, through a series of coding experiments, we will investigate the gray area between highly performant object models struggling with their innate rigidity, and wonderfully composable functional models that have a hard time to meet performance goals. We cannot promise clean success on either side of the fence, but at least it will be fun to experiment.

This session was presented at IT Konekt 2021 virtual conference.