The list of presentations is subject to change without notice.
My wish List
Il est naturel de programmer un Microcontrôleur en C++ ou même en Python. Mais saviez-vous qu'il est aussi possible de le faire en C# en utilisant le .Net nanoFramework? Nous verrons les avantages et inconvénients de le faire et, à l'aide d'un contrôleur ESP32, nous verrons des exemples de ce qu'il est possible de faire à l'aide de ce language de programmation plus moderne.
Is your environment acting the way you intended it to be, as in do your users see what you wanted them to see? Is your app breaking under stress or even worse going down when components are acting up (or down in this case)?
In this session you will be guided though all the options you have today lining out all the testing capabilities you have in the Microsoft Coding Universe.
Websockets became very popular over the last few years, regular security tools are not catching a lot of the security issues related to websockets. Most popular tools are more suited to the HTTP protocol. This talk will outline the various gaps in existing tooling available to test applications that use websockets. It will also demonstrate a new opensource tool which was designed specifically for testing websockets.
Accessibility might seem like a blocker to creative design, a complicated technical solution, or a problem left for your testers to solve.
On the contrary, accessibility is an opportunity to create an innovative experience for your clients and customers.
This talk explores inclusive design as a way to create innovative solutions for everyone.
When adding observability to existing production apps, there are a number of tradeoffs in approaches.
We added observability to open source NGINX MARA, addressing challenges while keeping to open source solutions whenever possible. Learn from our experience in observability in production class apps.
Come learn from our experience in dealing with OpenTelemetry and related tools.
When building out the front end for an application with strong real-time requirements, there are many considerations. How do we get initial data? How do we get subsequent updates? What happens if they lose connectivity? Web components provide an excellent model for progressively enhancing initial markup. Workers allow us to move rendering off the main thread. In this talk, we'll demonstrate an architecture that scales down to any device with a sp
Have you ever peeked behind the curtain on Java? Beyond Java 8, there's a lot of cool stuff to be discovered. We talk about the "fun and shiny" features you may not even know about. See how the JDK, JVM, and the Java language have all evolved and improved—now making you more productive and forcing you to write more secure code. This session is jam-packed with fun and shiny areas to accelerate your developer productivity.
Malgré vos dizaines de tests et votre couverture de code à 100%, votre application crashe toujours en prod sur des cas que vous n'aviez pas prévu?
Les tests des propriétés sont là pour vous sauver de cette situation! En prenant comme exemple la librairie fast-check de TypeScript, nous verrons comment écrire des centaines tests en quelques lignes, et augmenter ainsi votre confiance dans le fait que votre code fonctionne.
2022 brought us Java 19 and Java 20, and Java 21 is nearly here! Let's face it, it is sometimes hard to keep up with the new features added to Java.
This session will give an overview of some recent key Java features. We will discuss Virtual Threads and the new Structured Concurrency model. We will look at some new language features such as Pattern Matching. We will conclude by looking at the Foreign Function & Memory API, and the Vector API.
We love heated discussions about what is RESTful and laugh at SOAP and other ancient RPC protocols while glorifying GraphQL... Forget the buzzwords and let's explore the true meaning of Application Programming Interfaces, from mere variables and functions, through network connections, to connecting large software systems. Thinking in terms of APIs can improve the way we approach software design on so many levels!
What did you always wanted to know about Python core development, Python security, global Python community, or open source development in general? You get a chance to have your questions answered by a long-time Python core developer and professional open source developer. You'll be able to pre-submit questions sli.do and upvote questions from others. I'll also take questions during the talk.
Your script is constantly waiting. For the database, the e-mail server, the HTTP server of any service, a file from the disk or even for the RAM. And with it the customers wait.
I want to show how with an asynchronous architecture, RabbitMQ and ReactPHP the waiting time is significantly shortened and that sometimes you do not have to wait.
OpenSwoole is a PHP extension that allows to build high-performance, async multi-tasking web services with PHP. It offers a very lightweight Coroutine API to that allows to create thousands coroutines within one Linux process.
It offers a range of multi-threaded I/O modules (HTTP Server, WebSockets, TaskWorkers, Process Pools) out of the box and support for popular PHP clients like PDO and CURL.
One of the first steps organizations take when adopting DevOps principles is to use automated testing of application code.
In this session, we'll see how to use Pester to integrate automated testing into the infrastructure lifecycle.
At the end of this session, you will have all the elements in hand to start testing your infrastructures! :)
Are you considering switching to GraphQL? We adopted it 4 years ago and quickly ran into performance issues in Apollo. Learn about the concepts of GraphQL, the pitfalls that lurk beneath their attractive flexibility, and the techniques we've devised to limit their impact.
Security testing is an important part of the development process. Understanding the security posture in your live production environment and measuring real threats is equally important. Should you perform testing on production? In this talk we will share the perspective of an experienced pen-tester, who has seen what happens when things don't go to plan. We will then help devise the best testing strategies for maximum payoff and minimum risk.
Découvrez comment nous avons bâti un système pour gérer les stats d’un système e-commerce. La solution est capable d’ingérer et de calculer les stats, de manière scalable. Découvrez pourquoi nous avons choisi Elasticsearch et comment nous l’utilisons. Vous découvrirez aussi les problèmes que nous avons vécus et comment nous les avons contournés.
In the modern application development process, testing is not only an addition. A great example of a proper testing suite revolution is Behat system from the open-source eCommerce project Sylius, which has been entirely rebuilt some time ago.
I will present the bigges problems which we had in previous UI tests and the conclusions we’ve deduced from them. I will also show the way, how we’ve rewritten the test system and what we learned from it.
Tim Peters created TimSort, a sorting algorithm for Python, and it’s so fast in the real world most programming languages have now copied it. This all-audiences talk shows how Timsort works, how it spread to other programming languages, and how I beat TimSort (at least in one use case).
Insights from building a real life, high-load REST API
Implementing a REST API is not only about designing correct resource URLs. I will talk about the software and system engineering part it takes to build a data API. I will show concrete examples from a project where we gather data from dozens of different services and systems and build a real-time capable data API. The main technology stack is Symfony, Elasticsearch and Varnish.
The C# nullability features help you minimize the likelihood of encountering that dreaded System.NullReferenceException.
Introducing explicit nullability into an existing code bases is a Herculean effort. In this talk, we'll see some techniques and approaches that worked for me, and explore how you can migrate an existing code base to use the full potential of C# nullability.
We are in an age of technological revolution. The technologies that we read about in fiction and watched on tv shows as children are being built now, all around the world.
This is a time to be excited and hopeful about the benefits that technology can bring to all aspects of our lives and society but also a time to be mindful of the risks we face.
In this talk, we discuss this exciting future and how we can work together to secure it.
The popularity of Python as a language for web development is undoubtedly . Itnd with it is also the set of tools and frameworks available to create and document REST APIs.
In this presentation, we will provide a subtle introduction to the FastAPI framework while enumerating its main features and advantages for building RESTful APIs.
Slack is a popular messaging app used by over 750,000 companies including 65% of the Fortune 100 companies. Did you know you can do more than just send text messages with the odd image or emoji? It's possible to create a rich interactive UI using Slack's Block Kit UI framework. In this session we'll build a simple hot-desk booking bot with Node.js where you'll learn how to respond to events from your controls and adjust the displayed message.
Learn building ASP.NET Core APIs delivered in its latest version of the Microsoft Framework: .NET 7 and C# 11. You will discover the best way of developing WebAPIs with ASP.NET Core 7 and minimal APIs based on RFCs. HTTP protocol, REST principles and ASP.NET Core 7 will no longer be a secret for you. But that's not all! You will also learn how to architecture your API with the best practices, including unit testing and integration testing.
Rust has been characterized as a systems language. In this talk, I wanted to make a case for Rust as a business language. With the support of its macro system and expressive trait system, Rust can often be as expressive as Ruby while having the performance characteristics of C++. I will walkthrough some Rust libraries like Axum and SQLX and how you can quickly build your web service with Rust.
Companies need to build quickly,and keep their costs under control. They need to make sure that every dollar that flows out is being turned into value for the business,and they need to maximise that value. By following the Well-Architected Framework’s Cost Optimization pillar,they can ensure they have the guard rails in place to move forward with confidence and focus on building their business,without having to look over their shoulder constantly
Kafka Streams is a client library for building applications and microservices, where the input and output data are stored in Kafka clusters. It combines the simplicity of writing and deploying standard Java applications on the client side with the benefits of Kafka's server-side cluster technology.
In this session, you will learn about:
DSL and Processor APIs
Demo on how to build a data streaming pipe
What to test and how to test? These two questions are still a challenge after a long time of successful implementation of a properly tested big project. After many years of being a part of one, I come up with the conclusion: that what needs to be covered with tests are business requirements.
I will present how to approach testing different user interfaces (Twig-based UI and API Platform-based API), while still focusing on the business value
Caching data is a pattern used by any application that needs to serve high traffic and finds itself with latency requirements being incompatible with the selected persistence choice. While simple at first, creating and maintaining a cache has aspects often overlooked. In this session I will cover some of the challenges with caching, the typical solutions used and present the notion of using CQRS to eliminate the need to have one
We often accept a "best practice" simply because it sounds reasonable. In this session, the presenter examines "best practices" that may include:
* Code comments
* Test coverage
* Monoliths/distributed systems
* Issue tracking
* Native code, VM/GC
* "Move fast & break things"
* Cattle, pets
* Cloud-based IDEs
* Self hosting, public cloud
* JSON, XML
Challenge everything! (Except for that last statement, perhaps)
Dapr is a runtime that facilitates the development of distributed and event-driven applications often associated to microservices architectures. Through its building blocks and components, it allows developers to externalize several elements of complexity and works with any language. You won't have to worry about retry loops, proprietary SDKs and protocols, and observability.
Data Collections play an essential role in our applications. How we manage our data can be crucial to their overall performance.
In this presentation, we want to introduce DynamicData, a library that allows developers to bring the power of Reactive Extensions (Rx) to collections.
We will also show how we can leverage DynamicData in our .NET applications.
Le Traitement Automatique du Langage (TAL) alimente de nombreuses technologies modernes telles que les chatbots ou la détection de spam. À la base du TAL se trouve le besoin de comprendre du texte—les octets bruts ne permettent pas d'extraire un réel sens. Cela justifie alors l'utilisation de représentations sophistiquées que nous introduisons ici: comptage (ex. TFIDF), vecteurs statiques (ex. word2vec) et réseaux de neurones (ex. Transformers).
Les JWT sont très pratiques pour faire transiter des données de manière fiable. Ils sont souvent utilisés pour assurer l'authentication auprès de micro-services ou de SSO dans le cadre d'OIDC. De plus, on voit beaucoup de JWS (des jetons signés), mais ce n'est pas la seule implémentation qui existe. JWT est plus vaste que ce que l'on peut penser. Je vous propose de découvrir des aspects de JWT moins connus que l'utilisation classique.
What's that in the sky? Is it a plane? Is it WCF? No it's better. It's gRPC that's now natively supported in ASP.NET Core. It's more efficient than any API technique you've ever used and it's is way, way faster. That makes it very suitable for communication between microservices.
In this session I'm talking about what gRPC is but also how you can implement it right away in any ASP.NET Core application.
In software development, change is pretty much the only constant factor. In fact, embracing change is one of the twelve principles behind the Agile Manifesto. However, changing event sourced applications can be very challenging.
In this talk, we’ll explore how to deal with projection updates, event updates and versioning, and existing privacy legislation (such as the GDPR).
In this presentation, we will explore this seemingly simple aspect of working with database in details. We will talk about how to group queries together in the meaningful way so you’re not overwhelmed with amount of details but find the right queries to focus on. When you should focus on tuning specific queries or when it is better to focus on tuning the database. We will also look at other ways to minimize user facing response time.
One of the perks of joining Microsoft's Azure SQL team is being granted the opportunity to learn about inner workings of SQL Server.
Frankly, not only did I learn them, but I'm happy to share them!
We will talk about Pages, Extents, Indexes, Transactions and how it all works under the hood.
Oh, and did I mention that lots of it is true for other Relational DBs as well?
If you want to learn how to escape or not even enter dependency hell, come to this talk.
You will gain an understanding of the principles behind dependency management we use with Gradle.
A single incorrect dependency can break existing code, introduce a vulnerability or simply prevent your project from building.
Whatever your approach, your sources and dependencies are central to productivity by reusing artifacts and ensuring a quality build.
The process of replacing your code with a new version can be tricky. In this talk, I will present strategies to deploy your code without interrupting the application, including how to handle database schema changes without breaking running code.
Developing domain specific web applications often rhymes with domain entities having a inner state that moves from one to another when some event or action occurs. One way to constraint, validate and ensure the consistency of an object state within its lifecycle is to setup a state machine. In this talk, you’ll learn how to use the Symfony Workflow component to build a complete and full featured state machine for your PHP domain objects.
Developer likes to build productivity tools. It is a common reflex to automate manual build or deployment steps, but have you ever though about developing a browser extension? In this presentation, I will show you how easy it is to build your first extension. We will be cover the manifest configuration, the components, the build option and more. With the numerous examples given, it should inspire you to write your own extension.
8 ans après la première release de Spring Boot il était temps pour une mise à jour. Spring Boot 3 sorti en 2022 est la nouvelle mouture du framework le plus utilisé par les développeurs Java. Qu'apporte la version 3 ? La réponse de Spring Boot est-elle à la hauteur des concurrents Quarkus et Micronaut? Nous le verrons lors de cette présentation ?
A picture is worth a thousand words, they say - but unfortunately it is not always the case. If done right, diagrams are a treasure - but we've all seen and suffered from spaghetti diagrams and ones bringing confusion rather than clarity and added value.
Let's see what makes a diagram effective, what are the techniques and principles for creating good diagrams - and how everyone can get better at using this powerful communication tool.
I once wrote a program to demonstrate the performance of different Java collections to my students. The differences between the collections were what I expected but the values changed significantly for each run. Then I discovered the Java Microbenchmark Harness or JMH. Think of it as unit testing for performance rather than correctness. In this presentation I will talk about the original performance program and the enhanced version using JMH.
Get ready for the new technological turn! Discover gRPC-web the alternative to JSON APIs! Using the latest ASP.NET Core 7 framework, I will show you how to build performant web application with Blazor (C#) and Angular (TypeScript) without using any JSON APIs!
k6 can run distributed tests and can be controlled remotely through a CLI and API.
Les bases de données savent gérer des colonnes JSON depuis des années déjà, et
ces colonnes permettent d'accélérer le développement en simplifiant le code, les
migrations, et la maintenance.
À travers cette présentation, nous allons voir comment étendre Doctrine pour
avoir le meilleur des deux mondes : des colonnes en JSON, et des objets PHP
You and your team have been working on some web apps and APIs for a few sprints now, and you may or may not already have a version running in production, when out of the blue, the client announces that a security company will do an assessment of your project. If your initial reaction to this news is either being scared or concerned, you're probably right. And you should probably attend this session to be better prepared for what comes next!
Deploying microservices in the cloud requires efficiency in data sharing and separation of functionality. Having multiple microservices, written in various programming languages, is a challenging task, not only for deployment but also for management in terms of performance, reliability and fault tolerance. This talk will address those challenges and provide solutions using the Hazelcast open source platform.
In 1989, Nintendo released their first handheld console with cartridges, the Game Boy, which sold over 100 million of units. This device has been the inspiration for game developers around the world to start creating games.
Enter the world of emulation, where the Game Boy is now available as a .NET 6 project. Want to know more about how to emulate a CPU, graphical unit and more? Let's dive into dusty hardware manuals and C# code!
The never-ending stream of new things to learn makes it difficult to stay relevant in the market. We know there are no silver bullets, but what about a way to gain a deeper understanding and knowledge which does not expire? Forget about just writing code - enter the world of equational reasoning, where things are represented by functions and transformations. There is a reason this industry is called Information Technology.
In this talk, we'll see what Event Sourcing is and we'll see how it can be combined with Domain Driven Design in a practical scenario. We'll also see different implementations using on-premise and cloud infrastructure
After a review of the improvements embraced in Software testing, finally we will talk about integration of Machine Learning. Lets see how we can use ML and optimize software testing processes.
We will study the enhancements under basic headlines: (1) Waterfall to Agile, (2) Manual to Automated Testing, (3) Big Releases to Continuous Testing and (4) Leveraging ML in Testing (in all stages: Definition, Implementation, Execution, Maintenance).
Microfrontends are the "microservices" of the frontend world. They enable web apps to be divided into separate modules and thus scale to many developers. While the backend has consensus on how to architect microservices, the frontend is still in the experimentation phase. I will describe how Roundforest does microfrontends, in a way that translates microservices to a natural and logical frontend architecture that makes sense on the web.
Machine Learning is a paradigm shift from traditional programming because it allows software systems to program themselves through training and data. Today, we’ll explore how you can start integrating Machine Learning in your PHP projects using the open-source Rubix ML library. We’ll formulate the problem of customer churn, train a model to predict unhappy customers, and then use that model to identify the at-risk customers in our database.
In this talk I explain how to use Xdebug to get more productive writing PHP code, focussing on the improvements in Xdebug 3.1 and 3.2, to make the debugging experience better and easier to set-up.
Beyond that, this session also goes through a few complicated scenarios that are harder to debug, and shows solutions to these conundrums.
For all JVM builds - you will learn how to organize the construction of your software whether a mono repository or several repos. Build logic will be reusable, convention-based, and with code quality and testing.
We'll also see how Configuration Cache helps speed up local development by starting tasks running immediately. You will learn how it works and what constraints it imposes, in alignment with idiomatic recommendations.
I am a PHP core contributor and you can be too! You think you need to create a RFC for this or write and maintain a PHP extension or even write C code? Fear no more!
In this talk you will learn how you can become a PHP core contributor and give something back to the community by writing tests for PHP core without writing a single line of C code.
The idea of isolating services into containers revolutionized the IT world. And while containers are here to stay, most container images in use today are gigantic in size, contain unnecessary even dangerous components or generally are shipping a lot of bloat. And with that killing the very idea of containerization.
Shall we put our containers on a diet, avoid security problems, and, while doing so, even reduce build times? This talk shows how!
Now that the app is running in Kubernetes, how do we scale it to meet demand? What metric should we use? CPU? Requests? something else? Let's dig into why we auto-scale, and how we auto-scale with lots of examples. Finally we'll look at potential pitfalls and gotchas like how to scale to 0 and how to avoid scaling too big for your budget. Come learn how to scale with Kubernetes.
Have you ever worked on a project that didn't use any open source tools, libraries, or products? Using open source has been such an integral part of our daily work life that we don't even think about it. We just expect it to be available, secure, stable, and bug-free.
But how many of you are actually contributing back to an open source project? In this session, I will go through some aspects of being a responsible open source citizen.
Launched in 2019, McGill University’s revamped digital standards have become a cornerstone of our web governance framework, a key reference for web strategies and a resource that defines our shared understanding of what makes an exemplary site. Learn how we established a community of practice for digital standards compliance within our large, decentralized network of website managers. Get tips for securing buy-in and encouraging involvement.
Your tests may be good. But they could be better!
When production code has tests, they are often hard to read. They also get in your way when you want to refactor code. Sometimes, you have false positives. Often, they are flaky…
In this talk, we will show you real-world examples of tests that have been improved. We will cover a few techniques you can re-use at work to improve the quality of your own tests!
Architecting a perfect resilient Kubernetes based Kafka deployment requires careful consideration of several edge case scenarios.
In this session, you will learn about :
Successful disaster recovery strategies in Kafka ecosystem like Active-active, Active-passive replication, multi regional stretched clusters etc.,
* How some of these DR techniques evolve, when Kubernetes is the chosen deployment platform
* Related Automation or CI/CD tools
With the recent Sylius release v1.11, we've introduced a brand new feature - catalog promotions. As this feature may require processing a significant amount of data(the whole product catalog), we had to decide on async processing by default. But it does not mean that we can waste resources and not optimize the processing algorithm! We had to improve it and to do that we've been using Blackfire.
Let's dive into the browser's run-time render process, examine each frame, understand what's a repaint, what causes a reflow, and how (and why) to avoid them. Learn how CSS properties affect the render process, and how to harness the GPU and run clear 60 fps animations (2D and 3D) using hardware acceleration.
There are lots of caching solutions out there, each with their own specific features and implementation.
However, HTTP already has conventional caching mechanisms that are built into the protocol.
We'll talk about TTL control, cache variations, conditional requests, stale data, revalidation, error handling, surrogate control, HTTP placeholders, range requests and many other performance techniques that will make your website go faster.
There's a lot of fuss these days about the new (level 2) transforms, specifically about individual transforms. In this session we'll see some of the great quick wins and cool new things we can now do (the good), understand the limits and constraints of individual transforms with live examples, reviewing cases where you shouldn't use them, or just can't (the bad), and talk about the syntex (the ugly).
Most data security vaults are purpose-built for specific use cases like PCI compliance, and have rigid classifications that make them useless for any other practical application. What if you could store sensitive data values as universal, configurable tokens that can be masked, aliased, or searched, with attributes that you get to define? With Basis Theory, you can. Learn how to quickly tokenize any data record for security and compliance.
Vitess (vitess.io) is a framework built on top of MySQL for horizontally scaling MySQL. It was designed at Google for scaling YouTube through hyper-growth and has since then been release to Cloud Native Compute Foundation (CNCF) were it is considered a "graduated project".
I will guide you through the basic architecture and the most important components and features.
Beer brewing can be fun, but combining brewing with IoT device hacking is even more fun. It is possible to connect and collect data about almost anything, including the fermentation process inside a closed fermenter using open source technologies. In this presentation, the speaker will introduce basic concepts of IoT devices, how to collect the data efficiently and how to use various tools to store, extract and manipulate that data.
Like testing is an essential part of software development lifecycle, automation is an non-negligible part of testing. It has great benefits and sounds like it is a silver bullet. But is it? I will discuss the most common pitfalls of test automation, by giving rel life examples for each of them.
We will see 10 difficulties along with 10 solutions against them. I will share what kind of challenges I encountered and how coped with them.
Email has been around forever and is taken for granted – but it has become more complicated recently. New features like SPF, DKIM, and DMARC are misunderstood and many get even simple things wrong. Email is radically different to most other protocols, and attempts to treat it like HTTP are doomed to failure.
So we'll go back to basics, review how email works, avoid common mistakes, take advantage of new features, and stay out of the spam folder.
Jakarta EE 10 is packed with new features for simple development of modern, lightweight enterprise Java applications for the Cloud. The new Jakarta EE Core Profile enables developers to develop microservices with Jakarta EE technologies with runtimes smaller than ever.
In this session, we will explore the new features of Jakarta EE 10 in an interactive way packed with live code demos. We will take a peek at what to expect from Jakarta EE 11.
Project Loom introduces virtual threads, lightweight threads that aim to dramatically reduce the effort of writing, maintaining, and monitoring high-throughput concurrent applications on the Java platform.
This talk will explore what virtual threads are, how they are implemented,. how they solve our modern problems, and what, if any, shortcomings there may be.
There are certain Java APIs that we use in our everyday programming. However, we may not be aware of their notorious performance side effects. In this session, we are going to discuss a few common Java APIs and their performance impact on your application.
Kubernetes makes it easy and reliable to deploy and run your services. But just deploying your web application is not enough in order to run it in a highly available and reliable way. You also need to care about databases, backups, monitoring, alerting, tracing, log management, security, DNS, load-balancing, TLS certificates, CI/CD pipelines, deployment strategies.
In this talk I'll show live, how you can set all of this up within 60 minutes.
On ne croit pas si bien dire quand on parle de Spring comme étant de la magie. En effet, tout comme un tour de magie, dès qu'on connaît le truc, l'illusion s'efface et on comprend mieux ce que nos yeux voient. Dans cette présentation, je tâcherai de démystifier le fonctionnement du Spring Framework et de Spring Boot en abordant des éléments comme : Bean Lifecycle, ApplicationContext, BeanFactory, BeanPostProcessor, proxying et autoconfiguration.
Cette conférence traite des outils et des meilleures pratiques pour comprendre et améliorer sa qualité de vie au travail et celle de son équipe. Pourquoi? Les organisations qui privilégient la qualité de vie au travail réalisent des bénéfices jusqu’à 2,5 fois supérieurs. Elles améliorent la satisfaction de leur personnel, leur attractivité, leur taux de rétention et de mobilisation de leur personnel et diminuent l'absentéisme.
Jest, Mocha, Ava, and other Node test runners long dominated the unit testing. Now Node.js has released its own experimental unit testing framework. Learn how it compares to other test runners, which interesting features it provides, and if you should rewrite your tests to switch to the built-in "test" module.
When developers see Cypress component testing, their eyes light up. You see the component running right in your browser, you have all your debugging tools, and you can gain full confidence in how the component is working. In this talk, I will show how component tests can verify that a React Sudoku application is implemented correctly. The same testing approach can also work for Angular, Vue, and Svelte component testing.
Chez Mirego, nous avons débuté le développement Web3 il y a un peu plus d'un an sur un projet de finance décentralisée. Sous une forme de récit, d'humour et de code, vous apprendrez comment structurer votre architecture de système, comment connecter votre backend sur le blockchain, comment maintenir et faire évoluer un écosystème de smart contract dans un cycle de développement et bien plus.
In this session, the presenter examines what makes an ideal function. The presenter then leads attendees on a Live Coding Adventure(TM) demonstrating how to create candidate functions using Spring Cloud Function and deploy these open source functions via Azure Functions, integrating everything in the cloud to reveal some potentially very welcome discoveries. Come to this session to learn how to incorporate functions into your critical systems.
In this live-coding session we'll build a full stack, reactive sales dashboard from scratch and see how you:
- Set up a Kafka Consumer with Python.
- Build out a WebSocket server to broadcast live data to your users.
- Create a basic React app to visualise data in a way anyone can access.
By the end, you'll have all the foundational pieces of a dashboard that could serve KPIs to everyone in your organisation.
Open source is an amazing phenomenon, but it's hard on maintainers who have to deal with perpetual demands from a sometimes hostile and even abusive user base.
What can maintainers do to help manage this? How can users make it easier for maintainers to help them, and how can they contribute to the open source ecosystem?
We'll talk about tools, techniques, and strategies for reducing maintainer stress, and raising incentives to keep delivering.
One of the reasons we love visiting conferences is to hear and learn something new. So, why not learn something brand new? Why not learn a bit or two about ... R language?
R makes Data Science and Machine learning a breeze! And it has a loving community built around it.
This talk will make you fall in love with it! Guaranteed!
The environmental cost of ML has been increasing in recent years, due to its ever-increasing adoption in many software applications, as well as their size and complexity. Many parameters impact the carbon cost of a python program, such as the hardware used and the location of its execution. In this talk, we present the internals of Code Carbon, a library developed to better estimate the impact of ML projects, throughout their global life cycle.
It's not just stock market charts that have patterns. Your application memory also has patterns. In this session, you are going to learn 6 unique memory patterns. Using these patterns, you can *predict* application outages well in advance and also optimize the application's performance.
Last year Webpack introduced module federation which can help you slice up your UI into multiple applications using the micro-frontend architecture, but should you use it?
Come to learn about when the micro frontend architecture should be leveraged and how module federation can help you with your implementation. Along the way, you will hear about the lessons learned from having it in production for more than one year at AppDirect.
In the pre-container era, the most common way of running PHP applications was with Nginx + PHP-FPM, with containers this is harder as you need two processes: Nginx and PHP-FPM.
S6 Overlay can help to manage multi-process applications in a container - it takes the burden of security aspects, signal handling, configuration and log management off your shoulders & make your code more readable!
Database mistakes are easy to make. Join us and learn from mine! From poor schema design to lock contention and botched migrations, you'll learn about database traps and how not to fall into them. You'll learn where databases are the best choice and where they aren't and how to fix mistakes early so they don't haunt you forever. Whether you're a beginner or an experienced DBA, hearing about my missteps will help keep you on the safe path.
Backups are important! Everyone makes mistakes, bugs are easily overlooked, hardware will fail eventually. If you don't want to lose data when disaster strikes, your backups will be your saviour. In this talk I will guide you through some of the most common backup techniques for MySQL that we use in 2022. I will explain the strengths and weaknesses of each solution.
In this session, we discuss storing JSON in our database and how the tools in MySQL can make that task a bit easier. We will start with a discussion of why you might want to store data as JSON. We will then demonstrate how you can store/update/retrieve JSON data stored in a relational database table. Lastly, we talk about how we can use relational data as JSON and vice versa.
Vous livrez des bugs dès que vous touchez au code? Vous êtes stressés lorsque vous livrez en production? Vous subissez certainement votre dette technique. Mais qu'est-ce que la dette technique? Quels en sont les impacts? Comment l'éviter et minimiser le temps à investir dessus? Vous découvrirez des clefs pour mieux gérer votre dette technique. Avec notamment des outils comme Renovate ou Openrewrite.
2022 was an exciting year in the open source database industry, with more choice, more cloud, and key changes in the industry. We will dive into the key developments over 2022 and new ones of 2023, including the most important open-source database software releases in general, the significance of cloud-native solutions in a multi-vendor, multi-cloud world, the new criticality of security challenges, and the evolution of the open source industry.
Open source projects are often driven by the need to scratch a software itch. But while innovative, exciting and available, they may not be ready for prime-time, especially in your applications. You should consider the impact of using just any project in your code or environment. That’s where tools such as maturity models can help you understand the risk/reward of projects from different dimensions like stability, activity and support.
PHP propulse une grande partie du web mondial depuis 20 ans. Il est même le principal langage de beaucoup d'entreprises de la French Tech. Nous allons nous intéresser à sa dualité : capable de créer facilement une page web dynamique mais aussi construire une application complexe avec des enjeux de performances et de fiabilités. Je vous propose un tour d'horizon du langage, de son évolution, de ses principaux frameworks et de son écosystème.
in this talk, we'll see some of the common patterns used to address distributed transactions. We will address the pros and cons and learn some of their frequent use cases.
What's the best way to make two apps communicate? How do you split one big app into two smaller ones? How do you switch from a single app to a constellation of services? Event streaming provides the most robust answer. Simple but powerful Kafka streams unlock a world of capabilities with their durability and consistency, but integrating with applications poses challenges. Join us and learn the streaming data patterns you need for your system.
Struggling to get your website to load in less than 5 seconds on a mobile phone? Switching pages are a little sluggish? You’re not alone! Most web developers can build a responsive site, but fail to meet performance requirements for mobile. Using the latest PRPL pattern and Progressive Web API’s, you can provide a compelling alternative to native apps, as long as performance remains your top feature.
While PostgreSQL is a mature database, it packs a punch when it comes to features. This is a talk to talk about various features of PostgreSQL like.
* Crosstab queries (Pivot Table)
* Window functions
* JSON operations
* Full text search queries
* Row level security
Predicting the future is not easy! Forecasting peak operating conditions and avoiding unexpected equipment breakdown is possible, that's the goal of Predictive Maintenance. Attend this session and learn how to train a machine learning model in Visual Studio with ML.NET Model Builder, and build an app that uses the model. Fair warning - I cannot predict how live demos would go. I will do my best.
Remember when everyone told you to use async/await so code could run concurrently? That’s still good advice, except it may not be the concurrency you are trying to achieve: sequential async/await calls are still sequential!
In this talk, we'll have a look at System.Threading.Channels, and how it can help you run code faster and with added concurrency, by tapping into its producer/consumer approach.
The developers' productivity has a big impact on all aspects of their professional life and career and even on their happiness. But what does productivity really mean? How can you keep getting more productive in your lifelong developer's journey - and keep coming closer to the mythical "10x developer"?
In this session, you will learn a bunch of experience-based techniques, tools, and tips in five different areas for improving your productivity.
Everyone does Azure (or cloud in general) Unfortunately most of the projects encountered are not using the resilience or HA design features they need or can be provided by Cloud Platforms. This session provides guidance on resilient approaches, patterns & practices and discusses design for failure, specifically targeted at the Microsoft Azure Cloud Platform (but applicable to other cloud platforms as well )
Do you know what the functional properties of your system are? Do you know how to verify them? In this presentation, we'll show how Property-Based Testing can augment unit tests by offering a much wider coverage of possible inputs. We'll also demonstrate how fast-check, a framework for TypeScript, helps us guarantee that our main business objects remain in a predictable state.
Kubernetes makes it easy to deploy, manage and monitor your cloud native applications. Security can be a challenge in such a dynamic, containerised environment, though. Ensuring that your containers are not containing vulnerabilities is vital throughout the complete supply chain, from development and CI through deployment and admission controls to security at runtime.
In this talk you will see how you can secure you containers.
Imagine you have a web application and you want anyone in the company, or a 3rd party contractor, to be able to quickly prototype new view layouts or different UI frameworks. You want them to be able to get up and running quickly. You don't want them cloning the source code, setting up databases, working with configuration files, and so on. In this talk, you'll hear how Docker is being used by Dovico to speed up development of Timesheet.
Redis sait faire bien plus que du stockage clé/valeur simple.
Grâce à des structures de données évoluées et a ses performances hors du commun,
il devient un allié très puissant à ajouter dans sa stack préférée.
A travers une série d'exemples, des trucs & astuces, nous verrons comment
DNS is one of the few systems that we, developers, use everyday, regardless of our technical stack. On the other hand, it is probably one of the most widespread systems of which we only know the surface.
In this talk, we’ll dive into DNS core principles using tools that allow us to explore and learn about how it *really* works. We’ll also take a look at a few implementations and use cases for DNS that have become popular in the latest years.
Aussi commun que cela puisse paraître, presque chaque entreprise met en œuvre l'authentification d'une manière différente (souvent complexe). Dans cette session, nous aurons un aperçu des multiples méthodes classiques d'authentification et verrons comment nous pouvons la moderniser en utilisant un projet open source.
Since almost 25 years, Cross-site scripting (XSS) is one of the most common risks for web application. Yet today, there are many ways to protect a web application from the attack: browser features, HTTP headers, and special APIs. This talk first discusses why XSS is dangerous at all and then covers countermeasures: Content Security Policy, Trusted Types API, and protection in SPA frameworks. After this talk, there's (almost) no excuse to get XSS.
How we look at incidents, risks & safety is changing, both in- and outside our industry. And there is a lot of exciting research done in the field of safety science.
This talk will give an introductory overview of topics like Safety I & Safety II, systems thinking, human error & human factors, resilience engineering and adaptive organizations, as well as a series of literature tips to continue your learning journey.
Saviez-vous qu’au Canada, 58 % de la nourriture produite est gaspillée ou perdue? Pourtant, des technologies comme l’intelligence artificielle pourraient permettre de nettement réduire ces pertes. Découvrez comment Patates Dolbec a utilisé un modèle de classification PyTorch pour déterminer la qualité de leurs pommes de terre, évitant ainsi le gaspillage de plus de 500 000 livres de patates par année!
Deploying real-time machine learning models has its own challenges: such as complexity, scalability and performance. In this seminar, Fawaz will address those challenges and demonstrate the best practices for real-time machine learning models, written in Python, Java or using remote services, from training to inference and deployment with ultra-low latency at scale and at speed, using the Hazelcast platform.
Hacks and data leaks of Personally Identifiable Information (PII) happen almost daily. Too much of that data was unencrypted at rest, giving hackers complete access to that information in plain text.
Tokenization can reference and use encrypted data without decrypting it. And you don’t need to form a DAO and mint tokens to use it – it’s much easier than that!
In this talk you’ll learn how tokens can strengthen your app’s data security.
This session explores how to think about security from the front to the back of a typical serverless application. How do you configure AWS serverless services to provide least-privileged access while ensuring functionality? How should you think about managing IAM policies for your AWS Lambda functions? We cover all this and more, leaving you with concrete examples applicable to almost any workload.
Boite à outils complète pour implémenter des processus d'authentification fluides et sécurisés, Keycloak permet de gérer simplement les identités et l'accès à vos applications de bout en bout.
En quelques actions, vos applications supporteront le SSO, l'authentification multifacteur, la fédération d'identités, la gestion de compte et même le consentement utilisateur.
A tous ceux qui souhaitent améliorer la sécurité et l'UX : rejoignez-nous !
- "I don't use AWS Lambda because it's hard to test"
- "I'm mocking S3 so it's not a real test"
- "The feedback loop is terrible, the developer experience is awful"
Well well well, that's not true!
In this presentation, we will address those common beliefs by providing production ready examples.
We're going to take the practical path. I'll show you how to build a React app step by step. In that way I'm covering all you need to know to get started. At the end of the session you'll be the judge if you should React.
Web Components are excellent for building framework-agnostic reusable elements that must be shared publicly or reused across multiple projects. However, developers run into common issues, including the dreaded flash of unstyled content (FOUC) or Shadow DOM breaking native forms. In this talk, I'll describe how to solve these issues by avoiding common Web Component pitfalls while server-side rendering.
Last year we have build an application for web and mobile using as much code sharing as possible between Xamarin Forms and Blazor. Come learn about our successes, our failures and how different things would've been if MAUI had been released a year earlier.
Our natural approach to microservice testing is with all services integrated during the testing phase. This mindset is opposed to the essence of microservices, independently deployable units.
During this presentation, we will go through an emerging testing technique that reduces our need to integrate service before deploying into production, contract testing with a collaboration flow between teams.
With 2 major web technology advancements, container queries and the decoupling of module federation from webpack, Micro Frontends architecture about to become as ubiquitous and mainstream as microservices. So what do you need to know? What are the pitfalls and tradeoffs, and what can you do to introduce Micro Frontends to your web application architecture?
Docker made containerization popular and lead the way to what many see as modern DevOps. But today Docker is far from the only or even best means to run your containers! This talk will introduce you to podman, the Docker alternative that does not require you to sacrifice security, offers best in class Systemd integration and even plays nicely with kubernetes. Are you ready to have a look?
Applying AI to real world problems in a supervised fashion requires large set of data covering all aspects of the problem we are solving. In reality, it’s impossible to build such dataset thus giving our model limited understanding of the problem leading to absurd predictions. The solution is Contrastive Learning which learns similarities and differences by contrasting samples against each other therefore limiting the need for human supervision.
OAuth is one of the most important but most misunderstood frameworks out there. What you think it is, it isn’t. What it actually is, you haven’t considered. Regardless, when you consider the standards, specs, & practices, it’s impressive what you can accomplish with minimal effort.
In this session, we’ll explore through the most common RFCs that are combined to make powerful, robust, and secure solutions that drive modern software development.
Staff and line are names given to different types of functions in organizations in business literature. A staff engineer under this definition is not a title, but a developer who works in a supporting role. In this talk, I'll explain how the distinction between line and staff can help you understand promotions, skillset development, and help chart your career progression.
Every wondered why you are eager to fix some issues and some leave you cold. Every pondered how your brain can affect the security of the software you build? Then this is the talk for you.
In this talk we will look at 4 human behaviours, the psychology behind them and how they affect our ability to protect what matters most. Finally, giving you some tactics to trick your brain and improve security on the way.
.NET 7 is here! Together with .NET 6 it has been some very exciting releases. Let's dive into some C# 11 goodness, explore the breaking changes, new additions to LINQ, MAUI and much more!
Localization and Internationalization are two core concepts to create sites and applications for international users. But the underlying technical challenges and concepts are worth taking a closer look. Like those different locale-strings. Or the differences between language, countries and dialects. And how do they influence the way dates or numbers are formatted? Let's unravel those mysteries to build sites that can truly be international.
Coding with static types feels safe, the compiler has your back.
But today, you got a critical issue in prod: payments are failing! A quick check of the logs left you puzzled: TypeError: discount.toFixed is not a function. Wait... Isn't discount supposed to be a number here? How did that happen? Why didn't the compiler catch it before?! Worry no more.
I'll show you where your blind spots are, and a simple way for you to fix them.
I've been working with Python typing annotation in the last few years as part of our main product and I've always been curious about how it can be pushed to prevent errors.
Mypy quickly shows value by catching these unexpected `None`, but can we do even better? This presentation explores how advanced features of python typing can be used to prevent insecure use of API leading to common injection attacks.
Finite State Machines are a powerful tool used to fight complexity in software.
Accessibility is a nice to have feature. Accessibility is hard to implement. Accessibility benefits few people. Those are some of many myths out there about Web Accessibility. In this session, we will bust these myths, and more. I will share facts and examples to answers your questions and give you the info you might need to plan for an accessible and inclusive product.
Webhooks are a pillar of modern app development. They notify us of that new commit, an incoming text message, our email was delivered, and a payment was processed. Our systems can’t function without webhooks sending data seamlessly and securely across the internet.
In this session, we’ll delve into the 100+ implementations we explored to build webhooks.fyi to identify the best and worst patterns to protect our systems now and in the future.
Is it your technical skills, your expertise, your social soft skills or your teamwork that make you a great software engineer? The next decade might completely change the perspective considering all significant progress that has been made in the machine learning field. So will the future of software engineers depend on our ability to describe a problem for a machine? Does it mean that we need to think differently about our team and expertise?
The Python Web Server Gateway Interface, or WSGI, is the underlying core protocol that drives the majority of Python web development. Understanding how it works and being able to work with it can be a critical skill that you can apply to extending Flask and Django web applications. We'll dive into the specification just enough to build out a simple web application and then put one of the pieces into a Flask web app.
Sylius and API Platform integration is the project that we started in early 2020. Since then, we were working hard designing, delivering and adjusting our new API. We've learned a lot and during my presentation, I would like to share our findings. During my talk, you may expect answers to following questions: How to design more complicated flows in API? Why did we design our API this way? What were our heuristics and what did we achieve?
We all know that developing and training an artificial intelligence model is quite the challenge in itself, but when it comes to actually deploying it within a company, it seems to open the door to a whole new set of problems.
In this conference, Alexis Fortin-Côté wishes to demystify the different scenarios and obstacles that can be encountered when putting an AI model to use in specific contexts.
On November 8, 2022 .NET 7 was released. As a part of this new version with 1.5 years of support, the web frameworks ASP.NET Core and Blazor were updated. This session will showcase the major new features that were added, including many live demos. Especially when currently using .NET 6, an upgrade to .NET 7 is optional, so you should know whether the new possibilities are worth the migration.
In this presentation we'll have a look at the new features added in PHP 8.1 and 8.2.
We'll have a look at how the type system is strengthened with Enumerations and "never", Fibers, a new closure syntax, the First Class Callable Syntax, intersection and disjunctive normal form types, readonly classes, and other smaller features.
At the end you will have a good understanding about all the exciting new features that are new in PHP 8.1 and 8.2.
Python 3.11 is the latest release of the Python programming language with several improvements and new features. It’s also the first release with performance improvement from “Faster CPython” effort with speedups up to 10-60%. I’ll give you an overview of new features, how the performance improvements were implemented as well as a peek preview of new features in 3.12-dev.
… you might have asked the wrong question. In this session we will take a look at time and its oddities. And determine whether the all-time favourite "Use UTC" actually is a good option in each and every case. And if that should not be the case, what other options we have at hands to handle time in our code and in databases.
What if I told you that in just the last 2 years, AIs have learned to: write in Shakespeare's style; write code and refactor it; and generate any images you can imagine in just few seconds!
In this talk, I'll look at the milestones that allowed openAI to achieve such incredible results and what this new generation of AI is capable of
Moving your project to the latest Java can mean faster code, cheaper cloud bills, and many more. Up to 25% of heap memory can be saved just by using Java 11. Plus, if you write your code to the latest Java, it will become clearer, concise, and easy to read, which means less chance to produce bugs.
In this short talk, I will demonstrate a few small and easy steps to upgrade your knowledge and Java code to the latest version.