La liste des présentations est sujette à changement sans préavis.
The Internet of Things is increasingly driven by sensor data, with devices taking measured actions based on everything from wind speed and direction, vital body functions, illumination intensity, and temperature.
In this session, we will showcase how to build a fully functional sample IoT monitoring application built on InfluxDB — with functions such as visualization and creating alerts from uploaded sensor data in a custom user experience.
Why are most of us a little afraid of touching YAML files and don't even dare to look at build scripts? Much of this is because C# developers are spoiled with a great language, and they don't like missing their buddy for code-completion, ease of debugging, refactoring, and code formatting. Let's dive into NUKE and bring build automation to an even level with every other .NET project.
Production problems are tricky to troubleshoot if proper diagnostic information isn’t captured. In this session, we will share with you 16 important artifacts that you need to capture. We will also discuss effective tools that you can use to analyze those artifacts.
Kubernetes is great, but sometimes can be hard too. What about making it easy and productive at the same time? And what if we would spark joy while coding Kubernetes-Native Java applications?
Look no further! Join us on this talk and learn how to have loads of fun with millisecond application restarts, experience tons of productivity, and how to make the job of deploying on Kubernetes a matter of a few keystrokes. With Live Demos!
Let's take a deep dive into the world of perspective and movement, and learn to harness the power of CSS to add depth to our elements and spice up our design with animated 3D buttons, menus, info cards, and more.
Comment être plus productif et qualitatif ou bien rentable et stable ?
Accelerate (la science derrière DevOps) est une recherche de 4 ans qui a défini les pratiques informatiques pour améliorer sa performance organisationnelle: productivité, rentabilité et être plus concurrentiel.
La force d'Accelerate est que c'est applicable à toutes les entreprises (note inscrite dans la recherche) et aide aux choix stratégiques dans son entreprise.
The quality of user experience is a game-changer for the success of any online platform. This means, developing web applications with user needs in mind; interaction, widgets and coding dynamic content. In this session, developers will learn accessibility techniques to implement and common mistakes to avoid in order to ensure compliance with the Web Accessibility Guidelines (WCAG 2.1 AA).
The power AI is providing for the IoT deployment has become a game-changer, being one of the drivers of IoT. Offering a multitude of advantages based on the capacity to automate services, management, and maintenance of IoT devices, but current centralized solutions present certain vulnerabilities such as, security, data processing, and real-time data to information. To solve it we will present a decentralized AI data to information refinement.
AI enabled IoT creates intelligent machines that simulate smart behavior and supports in decision making with little or no human interference. Attend this session to learn about using machine learning to train custom object detection model, use Azure Percept to collect data, deploy model and manage edge device.
How does history repeat? If Free Software and Open Source made history, what kind of history was it and what future does it presage? In this talk, we’ll examine the past, present, and future of information technology and freedom, stopping along the way to visit ancient god-kings, hacker heretics, long-dead muftis, and ourselves in the year 2007.
Domain-Driven Design (DDD) is an architectural approach that strongly focuses on materializing the business domain in enterprise software through disciplined object-oriented analysis. This session demonstrates first-hand how DDD can be elegantly implemented using Jakarta EE via an open source project named Cargo Tracker.
Cargo Tracker maps DDD concepts like entities, value objects, aggregates and repositories to Jakarta EE code examples.
Tests are great. But every once in a while we just wish they’d never been written. Have you wanted to alter functionality slightly but in doing so half the test suite goes from green to red?
This talk will investigate why this happens. In particular it looks at the coupling between tests and the code under test. We’ll investigate ways we can reduce this coupling and make out test suites more resilient to change.
Astro is the hot new static site builder for creating user-centric websites with “islands” of interactivity ...and the coolest part: You can even use React, Vue or Svelte components to build your site, or a combination of them, it doesn’t matter, it’s whatever you prefer.
So come learn about the Islands Architecture, the features of Astro and how you can build full featured interactive websites
If you listen to the 3 biggest players in public cloud, they will all try and convince you that they are the "best choice" for moving to the cloud. However, they all have their idiosyncrasies and those may be the determining factor in deciding which provider makes the most sense for you and your systems. In this session we will go over those idiosyncrasies, what they mean to potential customers, and how they may affect onboarding and operations.
You have analyzed your code with your favorite quality inspection tool. You have seen the metrics. Some of them are clear, some are not. Now what? What are the next steps? What’s the best way to tackle Technical Debt? In this session, I will discuss all the above based on my 10-years experience
Are you fed up with having to manage Azure infrastructure through the portal? Not to worry, we now have Azure Bicep, an Azure native approach to Infrastructure as Code!
In this session, Henry Been will give you a tour of Bicep templates. Together, we will explore how to set up an infrastructure that is ready for deployment of your application code. We will touch upon syntax, nesting, loops, manual deployment, and deployment from a pipeline.
How Serverless technologies can be used to build a real-time pizza tracker?
In this talk we will dive into serverless-applied design-patterns with a live-demo session to answer the following question :
why and how a serverless architecture can be a great fit for realtime and highly scalable use cases?
Blazor brings C# to the browser. Azure Functions lets your back-end scale. But how do you get started? In this talk, we will walk through the complete development process, from writing and debugging our Blazor WebAssembly app, to spinning up an Azure Function, to creating a CI/CD pipeline, and more.
Come to this talk when you want to improve your development process with the best tooling and focus on the business value of your projects!
Traditional software development occurs in phases, where QA, security and other roles act as gatekeepers to production. This leads to silos, delays and doesn’t scale.
So, instead of waiting for a human to decide what is and isn’t valid, learn how to use automation to continuously enforce standards in your software. Let’s turn gatekeepers into build breakers!
API Platform is a Symfony add-on that helps you automate the creation and personalization of a REST API. In this talk, you'll learn how to get started with API Platform. From a Doctrine data model, we'll generate a full featured series of CRUD API endpoints to read & write your model. We'll also cover more advanced use cases such as search filters, serialization contexts, authentication & authorizations, custom API endpoints, and extension points
In this session we'll be leveraging Varnish, the popular HTTP caching software, to build our own CDN. The goal is to build a multi-tier CDN with multiple Points of Presence. The various tiers take care of origin shielding, storage, request routing and decision-making on the edge.
The Varnish Configuration Language, Varnish's built-in programming language, will play a big part and will allow you to tailor the behavior of the CDN to your needs.
For an engineering team to thrive and evolve, it has to stand on clear core values and principles. Often times, these are implicit and shared only organically. This can be a problem as the team grows.
In this presentation, we’ll take a look at a few principles on which engineering teams can lean on to achieve excellence in building amazing software while developing themselves and scale at the same time.
Nobody questions building back ends with NodeJS anymore. It has proven itself and is widely accepted as an excellent platform for web servers. But have you ever thought of building CLI tools with NodeJS? It turns out that NodeJS is also great at that. Using just a few simple built-in modules, you can create powerful tools that can be used in terminals in all operating systems. In this talk, the attendees will learn how to use those modules.
How to build a testing strategy for a grocery e-Commerce website hosted in the cloud.
Why are performance tests needed?
Step by step approach on how to build the test plan.
How to reproduce human behavior in scripts to get as close to reality as possible.
Virtual users or traffic generators - what should I know?
Types of tests and how to define a successful test.
How to present the results.
Everything fails all of the time. Failure happens, failure is inevitable. It’s how you respond that matters.
For a lot of people, failure has a negative connotation. I don’t see failure as being the opposite of success. I think failure is an opportunity!
Join me on a journey to discover more about pain, happy little accidents, trial and error, learning opportunities and resilience.
It's time to start embracing failure!
We will create an optical character recognition (OCR) application using Angular and the Azure Computer Vision Cognitive Service. Computer Vision is an AI service that analyzes content in images. We will use the OCR feature of Computer Vision to detect the printed text in an image. The application will extract the text from the image and detects the language of the text. This app will support 25 different languages.
While a relative newcomer, Svelte has gained quite a bit of popularity as a front-end web framework. Developers can quickly create apps using a syntax which feels natural. In this session we'll explore what makes the framework unique and how to create a Svelte project. We'll see how to create components, and work with properties, events and state.
The importance of sustainable computing currently is paramount due to the necessity of IoT deployments at a global scale. A situation where centralized solutions are having immense problems performing at sustainable computing levels because of the exponential energy consumption required to drive IoT devices worldwide. In our presentation, we will be exposing how clustered edge computing provides sustainable computing.
While many messages tell us graphs are easier to understand, writing and structuring graph queries is often different than our current skills. Join us as we dive into the structure of a graph database and understand how queries operate. We will cover tips and tricks, as well as pitfalls, to help us avoid future problems. Come to this session to see how to navigate graph data with confidence to retrieve accurate and performant results!
In today's event driven world, asynchronous background processing is a given. But using a rather traditional approach of periodically running scripts causes unnecessary delays and other problems. On the other hand, long running background processes are not exactly known to be a strong hold of PHP.
Is that still true for modern PHP? If not, how could such a process look like? Could we make it scale? Good questions, this talk has the answers!
How much can we do with Kafka in a lunch break? Let's find out.
When building an application on top of a relational database, it's very easy to fall into antipatterns that can cause the application to perform poorly as it scales… or when you first turn it on! The scope of this talk is talking about the most common ways in which applications abuse databases, and how to address them early in development so you are not struggling later. We'll use PostgreSQL for examples, but the information isn't exclusive to it
Databases! Every developer comes across them in their careers. Just like me, I started my career as a PHP backend developer on a typical LAMP stack. In our organisation we did not have a MySQL DBA so I started to learn about how we could make our database as reliable as possible. I will show you ways for making your database more HA, how to make service discovery easy and seamless to the applications and I will talk about backups and monitoring!
In September 2021 the old root CA of Let’s Encrypt expired, which caused connection issues all over the world. In my talk you will learn how to debug, understand, and avoid problems with TLS connections and certificates. I will introduce you to various techniques and tools like scanners, packet analyzer, and command line tools for investigating problems.
Likely some terms starting with the word "event" are invading your professional space. "Event-driven" is already a buzzword in IT marketing and sales. The tech terms list is much longer. It includes "event streaming", "event storming", "event sourcing", "event store", "event modeling", ... Getting dizzy already? Don't worry. This talk is an “event-dizziness” cure. It'll walk you through the entire "event land" and explain what is what.
Many developers are stuck in the comfortable world of IPv4, but allocations have already run dry. Broadband and 5G mobile networks are expanding IPv6 availability, and IoT loves it! Migrating to IPv6 is a big change. This talk helps you learn what IPv6 is, what you need to do to get your services working on IPv6 (it's not as scary as you might think) and related changes you need to make in your applications and databases to accommodate IPv6.
La sécurité des applications consiste aussi à ne pas exposer d'informations sensibles dans le code (ex. Mots de passe ou clés d'API dans les fichiers de configuration applicatifs).?
Durant cette session, nous verrons comment éviter cela et ainsi renforcer la sécurité de nos applications.
What makes a good API? What makes people *want* to use yours? It doesn't matter if it's REST, RPC, or something else - the API design should start with purpose. Let's talk about API evolution, verifiable consistency, clear description, runnable documentation, implementation architecture, and other techniques to minimize the development effort and ease the integration for our clients. Let's also dispel a few myths about HTTP, while we're at it.
With Microfrontends, we can break this monolith into smaller independent, maintainable apps.
Sounds good? Let’s see how in this talk.
Concurrency is one of the most attractive yet super simple features of Go. It comes in different flavors and levels of power to ensure that we can get the best out of it with minimum coding. In this talk, I'm going to cover the following topics :
- Mutex Locking
The purpose of the talk is to get the audience familiar with all these concepts
Many people pin the quality of their test suite on code coverage yet at best this is a flawed metric. In this talk I will show you why relying on code coverage alone will not guarantee the quality of your test suite. Along the way we'll delve into engineering practices and techniques that speak directly to the usefulness of your test suite. By the end of this talk you will be able to really ensure your tests are helping you deliver quality code.
Embedded mobile data persistence has always been a complicated topic. For long, SQLite has been the only viable embedded database. We offer an alternative that's easier to learn, strongly typed, simpler to use, more flexible, and more in line with mobile application development architectures.
When you publish your first API, you’re more focused on short-term issues than planning for the future. However, if you are successful, you’ll “hit the wall”. How do you evolve your API without breaking the contract with your existing users? In this talk, I’ll show you some tips and tricks to achieve that: moving endpoints, deprecating them, monitoring who’s using them, and letting users know about the new endpoints.
TypeScript est devenu très populaire auprès des développeurs, mais de nombreux projets n'exploitent pas au maximum les avantages de ce langage.
Cette présentation sera l'occasion de voir un ensemble de trucs, astuces et bonnes pratiques pour les développeurs qui veulent aller plus loin que "juste" mettre des annotations de type.
Chaotic classpaths can be be source of constant unexpected problems in development and production. All too often everything including the kitchen sink is dumped onto the classpath to make an app work. Who has time to look or figure-out research conflicts or troubleshoot transient errors? In this session I cover some of the bizarre issues I've had to troubleshoot (in production!) along with tools I've created to to identify and resolve problems.
Have you ever found yourself constantly editing the same three files? Maybe there's a test that fails every time you change something?
These are the results of brittle code. In this talk, we will put on our Sherlock Holmes cap and use the power of
git in combination with graph analysis to find out where the brittleness hides and to quantise its severity.
Learn how to simplify building event driven, serverless microservices architectures with Azure Event Grid.
In this session Sam will show you how you can use Azure related events published in Azure Event Grid, that your applications and services can react to. You’ll learn how to react to events by using event handlers, how to publish customer events from your application. Sam will also explain the concepts Event Topics and Event Subscriptions.
Already, PHP 8.1 is upon us, and it is bringing a truckload of new features and modernizations. Enumeration, readonly properties, new initializers, intersection types : we are in for a treat !
This session present all the upcoming incompatibilities, the exciting new features and how to get your code ready for them !
A lightweight HTTP API can use the ASP.NET Core Middleware, such as routing, authentication and authorization. But using all of the MVC framework is just overkill!
Dropping MVC means you will have to handle some things yourself. ASP.NET Core 6.0 introduces the missing link!
We will explore what minimal APIs are, and what they are not, and how/where your applications can benefit from this lightweight model to building HTTP applications.
Working with keyframes can be difficult, even if you only have one animation, but the real problems begin when you have 3 objects with 5 animations, each with different keyframes, a different duration, different timing-function - and yet they all need to be in perfect sync. So how do we do that?!
Join me while I break down my thought process and share my method for creating compound animations, plus tips and ideas from my personal experience.
Since MySQL 5.7 InnoDB Cluster saw the light. Back then it was not as popular because it was considered too new technology. As with any new product, there were numerous bug reports. With MySQL 8.0 the solution has matured a lot, many of the problems have been addressed and so it has became a full scale high availability solution for MySQL.
Life is filled with tradeoffs, but life is better when you know the tradeoffs *before* making important decisions, and this session demonstrates some of those. As both a Java Champion and Kotlin Developer Expert, the presenter loves both children equally, but not in the same ways. Come to this session to see several places in which your choice of language could result in either promise or pitfall. All examples will be coded live & in real-time!
Most applications only know the present. Their state is updated on every change, effectively losing information that existed in the past. Can that be a limitation? Missed opportunity? What if your application could remember its entire history? Would that be helpful, or is it a worthless effort? This talk will help you make mental models of the Event Sourcing, DDD, and CQRS concepts and implement them in Java.
Understanding the inner workings of a GraphQL server can be a daunting experience. This talk will touch everything from defining schemas and implementing resolvers to federating multiple schemas together, with examples using ApolloServer in NodeJS.
TLS encryption is a vital component of a secure internet; The basics are simple, but the practical realities are a confusing forest of acronyms. This talk gives you a breadcrumb trail through the backwoods of TLS, OCSP, ECDHE, HTTP/2, HSTS, and more – the problems it solves, how it works, its component pieces, how to test it, tools and resources to help you keep your data safe, and a glimpse of the future with QUIC and HTTP/3.
It’s no secret that engaging with your users will help you retain them, have more sales, & increase the user experience(UX). One of the most popular ways to engage your users is via push notifications. In this talk, you will learn about the benefits of push notifications, how to integrate them into your Web applications, and some of the most common scenarios of engagement with push notifications to take your customer engagement to the next level.
The wind is now turning around and it appears we are now going into an endemic. Prior to the pandemic, we had a vibrant ecosystem of usergroup. Join community leaders and members of the old guard who help build the community as they discuss they explore the path to a brighter future.
Many organizations struggle with building a reliable set of automated tests for their web applications. Yet a set of manual test plans is not an answer; testing without automation is slow, gives low confidence, and the test results provide little actionable feedback to the developers. In this presentation, I describe how a large company has built a comprehensive automated set of end-to-end test suites after two previous failed attempts.
Chances are your code already uses one of the HTTP PSRs in some way. In this 'no slides, just code' session we'll take a hands on look at how HTTP Messages (PSR-7) and HTTP Handlers (PSR-15) work, and how they can be properly leveraged.
Take a guided tour through both PSRs, and find out how you can use them effectively in your current codebase.
Hypermedia is not so much API clients crawling REST APIs, and more about applying concepts work for navigation of the web to our APIs.
In this session, we’ll consider the benefits of avoiding client-side path construction. We’ll also take a look at how applying some simple hypermedia concepts to our request/response design can open up significant potential for improvement, and greatly simplify the code consumers of our API have to write.
In this session you will learn how Neural networks are used to make predictions by predicting what type of pie will be created with different ingredients. But watch out! whenever you train data models you have to watch out for bias, and we'll look at Indigenous cooking practices from Chef David Wolfman to see if our Neural Network is inclusive! This workshop uses a drag and drop web interface, no coding experience required.
We will learn how to make an Angular app available in different languages using Internationalization(i18n). This talk will walk you through the process of Angular i18n by using their built-in I18n module.
For the purposes of this session, we will create a sample Angular application and serve it in three different languages – English, French, and German. We will also deploy this app on Firebase to see how i18n works in the production environment.
Clickhouse is a high performance, time-series database that allows storage of massive amounts of rapidly queriable data. In this session, we'll do a brief introduction to how clickhouse works, its optimal use cases, some neat features that make a huge difference when gathering statistics, and the different ways you can interact with it from PHP.
Monitoring solutions have multiplied in the past years, resulting in a wide array of tools and software incompatible with each other. In this session you will learn about OpenTelemetry, an observability standard covering traces, metrics and logs. The presenter will show a live demo instrumenting an application and then explore the traces and metrics collected.
Unlike JSON Web Tokens (JWT), which gives developers more than enough rope with which to hang themselves, Paseto only allows secure operations. JWT gives you "algorithm agility", Paseto gives you "versioned protocols". It's incredibly unlikely that you'll be able to use Paseto in an insecure way.
The first worm was benign, and designed to highlight security issues, but was so prolific it inadvertently took the Internet down for days. Nowadays, malicious attacks know no bounds. We hear stories of them targeting elections and even entire democracies!
Join me, as we explore why this is a challenge we can overcome and how YOU are part of the solution.
Become the Queen of the commits!
A talk to understand basic and more advanced concepts of git.
From a simple commit to how to get back from more complicated situations, come learn with fun!
This back to basics talk might be useful for everyone, even for more advanced programmers.
Jakarta EE 9 will have a major impact upon the Java ecosystem whether you directly use it or NOT. Do not assume you aren't impacted! The change will have a ripple effect on many open source libraries and frameworks, including Spring! In this presentation I will cover what has changed and how to assess and mitigate its impact upon your application(s).
Java a la réputation d'être lent mais GraalVM permet de changer ça sans changer vos habitudes de développement.
Lors de cette présentation, venez découvrir différentes alternatives (Quarkus, Spring Boot, Micronaut, ...) pour faire du Java natif avec GraalVM.
Vous verrez le développement d'un endpoint dans l'alternative choisie lors de la présentation (live coding).
Après cette présentation, vous ne regarderez plus Java comme avant.
Il y a quelques années, nous avons choisi d'adopter Kotlin Multiplatform pour notre développement multiplateforme. Depuis, nous avons mis en production plusieurs produits qui sont utilisés par des dizaines de milliers d'utilisateurs. Cette présentation couvrira les bases techniques du partage de code avec KMP, les forces, les faiblesses et les prochains jalons. Le tout, présenté sous forme d'un récit léger accompagné d’humour.
Tout le monde aime les beaux graphiques et les stats, même les utilisateurs de votre application. Voyons ensemble un moyen d'intégrer des analyses dans votre app, en utilisant une architecture de données et des technologies émergentes qui épousent les bonnes pratiques du développement logiciel. Vous apprendrez comment utiliser Snowflake, dbt, Looker, et plus, pour construire un pipeline de données robuste et intégrer vos analyses où vous voulez!
Si vous, votre entreprise ou vos clients avez adopté le cloud, vous savez que l'automatisation des infrastructures (IaC) y joue un rôle crucial.
Grâce à Pulumi, même les développeurs peuvent faire de l'infrastructure as Code (IaC) avec leur langage de programmation favori !
Durant cette session, nous découvrirons ensemble ce qu'est Pulumi et comment l'utiliser pour automatiser la création de nos infrastructures Azure.
D'une simple instance MysQL à une haute-disponibilité multi-sites, voici ce que vous décrouvrirez dans cette présentation. Comment effectuer cette transition et quelles solutions conviennent les mieux aux évolutions des exigences commerciales (RPO, RTO). Récemment, MySQL a étendu les possibilités de déploiement aisé d'architecture avec des outils intégrés. Venez découvrir ces solution Open Source qui font partie de MySQL.
Au cours de la dernière décennie, les SPAs (React, Angular, Vue, Ember, etc.) se sont taillé une place de choix pour développer des applications Web modernes. Depuis quelques mois, l’utilisation de frameworks serveur spécialisés (Phoenix.LiveView, Livewire, StimulusReflex, etc.) a gagné en popularité et plusieurs équipes la considèrent de plus en plus comme alternative. Découvrez les avantages, les enjeux et les impacts des deux approches.
In early 2021, I took on the daunting task of moving my established 5-year-old Wordpress blog to Next.js. Why? I wanted those shiny all green Lighthouse scores. Something I heard was achievable with Next.js and Jamstack. I attained the coveted all green scores, and I learned a lot along the way. First impressions, Next.js is awesome. In this talk, you’ll learn about why Next.js is awesome, static site generation, and Jamstack.
Dans les 24 derniers mois, les communautés de développement logiciel ont été au coeur des changements que la société a dû mettre de l'avant pour s'adapter aux nouvelles réalités. Qu'allez-vous faire avec toutes ces nouvelles opportunités, ces vieilles façons de faire qui se sont mises de côté et des nouvelles technologies qui ont émergé?
Refactoring takes time. It's also risky. It's embarrassing to spend hours cleaning up some code, only to introduce a regression in prod your colleagues have to revert.
What if you could *safely* refactor the code with a simple keystroke?
In this session, let's have fun & build sample code snippets that can generate memory leak, thread leak, CPU spike, unresponsiveness, BLOCKED threads, Deadlocks, Heavy I/O activity. If you can understand what triggers these problems, diagnosing and solving them might become easier.
JSON Web Tokens, or JWTs for short, are all over the web. They can be used to track bits of information about a user in a very compact way and can be used in APIs for authorization purposes. Join me and learn what JWTs are, what problems it solves, how you can use JWTs, and how to be safer when using JWTs on your applications.
Spending too much time with CSS? It’s okay, you are not the only one. There’s good news, though: TailwindCSS is one of the most popular CSS frameworks that can help you increase the quality of your design system & CSS code in your Web apps. During this talk, you will learn how to integrate and use TailwindCSS so you spend more time on your business logic rather than your CSS.
Embracing DevOps entails more than just shipping changes to production faster and faster. You are also responsible for monitoring your software and detecting and troubleshooting issues.
Join Henry Been for a demo-heavy session, full of Azure Monitor, Log Analytics, and Application Insights, to build a monitoring solution from scratch. During this session, you will learn everything you need to know to start monitoring your solutions in Azure!
Description: Depuis 2015, Mirego mise sur GraphQL pour bâtir des API robustes, documentés et faciles d’utilisation pour tous les types de clients (mobiles et Web). Après tant d’années, certains patterns ont émergés dans nos projets. Cette présentation fait une liste exhaustive de bonnes pratiques, pièges à éviter et solutions à des problèmes courants de GraphQL.
Jupyter Notebook is an open-source web application that allows you to create and share documents that contain live code, equations, visualizations and narrative text. Attend this session and learn how you can write .NET code with Jupyter Notebooks running in Raspberry Pi; read sensor data, build dashboard and control an IoT device all from the browser.
Visual testing is extremely effective at confirming the application works and looks the way it did previously, and that the new commits have not accidentally broken it. In this presentation, I will show how to do visual testing using Cypress test runner, both at the end-to-end and at the individual component levels. We will also consider the trade-offs of doing image diffing ourselves vs paying for a 3rd party service.
Let's talk about OpenID Connect & OAuth 2.0 security best practices in a way that anyone can easily understand.
In this talk, I will cover the fundamentals of user authentication in modern web applications and websites. I will start OpenID Connect and OAuth 2.0, then proceed with exploring stateful (session-based) and stateless (token-based) auth and examine cookies, JWT, and client storage in close detail.
Dans le domaine de l'observabilité des applications, différentes catégories d'outils demeurent à notre disposition : analyseurs statiques de code, profileurs, APM, pour n'en nommer que quelques-uns. Comme n'importe quel bon outil, ces derniers ont un usage spécifique. Dans cette présentation, nous explorerons les différences entre ces différents outils, à qui ils sont dédiés, et nous observerons à quel point ils peuvent être complémentaires.
Since 2003, the Open Web Application Security Project curates a list of the top ten security risks for web applications. After several delays, the 2021 list was finally released in late September.
Time to have a look at what's new, what has changed, and to get an up-to-date refresh on how to create secure web applications and prevent the top ten issues from happening. We will also discuss whether the list is still relevant, and what is missing.
Have you heard about USE Method (Utilization - Saturation - Errors), RED (Rate - Errors - Duration) or Golden Signals (Latency - Traffic - Errors - Saturations)? In this presentation, we will talk briefly about these different, but similar “focuses” and discuss how we can apply them to the data infrastructure performance analysis troubleshooting and monitoring. We will use MySQL as an example but most of the talk will apply to other databases.
Support for generics is high up many PHP developers’ wish lists.
This talk is a deep dive into generics, their benefits and how, with existing tools, we can get the power of generics today.
First, there was the TestListener interface for extending PHPUnit. But it was abused, because it allowed more than just listening. Then came the TestHook interfaces, but they were inconvenient to use. Now PHPUnit 10 introduces a new event system for developing extensions and for in-depth analysis of your testsuite, hoping to overcome the shortcomings of its predecessors while providing new insights to test execution - and more!
Apache Kafka is an event-streaming database that needs a different mental model to get the best out of it, and the best way to acquire new mental models is by building something!
In this talk we'll revisit a classic game - a Text-Based Adventure - and rebuild it as an event-based application.
Along the way we'll learn to think in streams, explore some design patterns, and see how Kakfa handles data-processing, state management and more.
You can’t anticipate an incident, so how do you ensure your team is prepared in the event of one? At Ambassador Labs we run controlled exercises every six weeks to simulate real incidents and practice our response to them. In this talk, we’ll highlight how we’ve used these exercises to continuously improve our products and processes. We’ll share our playbook for Game Days and offer tips to make you successful based on what we’ve learned so far.
Many of us have built applications for traditional data structures (like relational database tables), but is it different for graph data stores? In this session, we will cover a brief intro to graphs and build a typical Java application for a graph database. This will come alive through a live demo, as we see the results of our efforts. Join us to see how to amplify the power of connected data with applications!
Want to see how the Java ecosystem and the cloud opens new possibilities for developers? This session is for you! It shows how familiar players like IBM and Microsoft can collaborate around open technologies in ways you may not have expected just a few years ago.
In this fast-faced, demo-heavy and mostly slide-free session we will show first-hand how to run Open Liberty on Azure managed OpenShift.
Last year, I've had to deal with a worrying case of RSI, short for Repetitive Stress Injury, to the point that I thought my years slinging code behind a keyboard were over. Yes, it was *that* bad. It also affected my hobbies and my life outside of work. In this talk, we'll explore strategies, tips, and tricks you can employ to stay healthy as developers, so you can have a long, prosperous, and pain-free career doing the thing you love.
User privacy is key for your website’s reputation. Data breaches can be caused by the exploitation of an SQL injection or a malicious employee. However, design choices can also cause information leakages about your users. Those include third-party services usage, improper obfuscation or misconfiguration of APIs such as GraphQL. In this presentation, we will explore those weaknesses through examples found on well-known websites.
L'Internet des objets (IoT) est en plein essor mais son utilisation nécessite l'utilisation de microcontrôleurs, ce qui soulève inévitablement son lot de questions:
- Qu'est-ce qu'un microcontrôleur et comment le programmer?
- Comment interagir avec le monde physique?
- Où doit-on conserver les données recueillies?
- Qu'est-ce que MQTT et comment l'utiliser?
C'est à ces questions que nous tenterons de répondre lors de cette présentation.
People who have worked with PHP, are familiar with PHP-FPM as the process behind their web server doing the work to execute PHP code. However it also has a huge, understated capability as a very reliable worker engine for queuing systems, which brings all the advantages of opcode cache, persistent connections to databases and alike, etc... This session will outline through a proof of concept how this can work and the advantages of this approach.
Kotlin/Multiplatform is a complicated piece of tech! Because it chose to integrate inside native development tools & workflows, setting up a clean and shareable project can be complicated. Here's everything you need to set up a production ready architecture.
Indexes are one of the most essential components of relational databases, and one of the least well-understood by many application developers. They are critical for good database performance, but they are not a magic "go-faster" button. This talk goes over different kinds of indexes, how they help various specific types of queries, and when you shouldn't use indexes in the first place. The example database will be PostgreSQL.
Vous en avez marre de développer en Java?
Kotlin a maintenant plus de 10 ans et n'est pas seulement destiné à la plateforme Android.
Lors de cette présentation, venez découvrir comment développer et tester une API Kotlin avec Spring Boot.
Quelles sont les pièges à éviter?
Les bonnes pratiques à mettre en place.
You joined a project and the promised quality is... not there. The smallest change could make the project crumble under its own weight. Let's talk about such a project where we not only solved technical challenges, but also regained trust of the business, trained the team, prepared it for future requirements, and gained priceless experience in the process.
Dans mes journées, je fais énormément de refactoring. Je joue avec le code. L'améliore, le rend testable, lisible.
Je me rends compte que dans toute la panoplie d'outils à ma disposition, certains reviennent continuellement. Je vais donc vous faire une petit liste de ceux que j'utilise au quotidien.
It’s Tuesday and another device came out with entirely different aspect ratio & resolution specs. Is your app going to work on this new device? If not, how much will you need to do in order to get your app to behave on this new platform? Responsive Web Apps (RWA) adapt to screen ratios so users can use the devices they like, without you having to specifically code for each. In this talk, I’ll teach you the principles of RWA & how to build them.
When it comes to security, identity management, and access control, it is best to rely on trusted, tested, solid foundations instead of reinventing the wheel. Over the years, Keycloak established itself as the defacto platform supporting OAuth, social logins, and single sign-on. In this talk, we’ll share our recipe to customize, package, and operate Keycloak as we needed to extend it to fit the Ambassador Cloud platform business requirements.
Diversity has by now become a mainstream topic.
But for me Diversity is not only about gender. Diversity has something to do with different backgrounds. And on a global scale that suddenly becomes a political issue. Things that are possible in one country aren't in another one.
Let's have a look at how different perspectives shape different possibilities in a globally connected world.
Once upon a time, our development and communications teams had a somewhat strained relationship. Conversations went unresolved, collaborations were few, and mutual appreciation was…limited. Then we made a shared commitment to turning a new page. Some were skeptical of success, but that was then. Find out how our two teams came to work closely together to present a unified service and in turn foster a better web ecosystem for our entire community.
Modern applications depend on a multitude of Python, Node.js, Rust, or Go packages, which are maintained by strangers and downloaded from public repos. Supply chain can be attacked or fail for other reasons from API breakage to "leftpad", or typo-squatting. In my talk I'll cover techniques and best practices for a stable, secure supply chain as well as insight from a Python security team member and packager for Fedora and CentOS.
Learn how to leverage proven patterns & OSS to build a robust portfolio of services that provide a solid foundation for your dynamic & growing microservice architecture, then learn how to make the cloud do it for you with tools that support & enable those patterns. The presenter will demonstrate how to develop, deploy, and manage apps using Spring Cloud and Azure, but all concepts and constructs shown apply to various frameworks/cloud platforms.
Static code analysis can help you automate the boring parts of your code reviews. This talk is an overview of several tools and tips on how to use them in new and existing projects, featuring the following tools that can help you: Stop nit-picking your colleagues’ code style (Easy Coding Standard), keep up with best practices (Psalm, PHPStan, PHP Insights) and generate graphs visualising your dependencies (Deptrac, PhpMetrics).
Python language's evolution to modern, high level language continues with new features being added to language. One such feature is Structural pattern matching.
The structural pattern matching has the ability to make the code more compact, more readable, and avoid a lot of indirection that is usually done without this facility available in the language. We will look at the proposal of pattern matching submitting, it's evolution and examples.
A lot of companies think contributing to open source is hard, but is it? In this talk you will hear about how Ingewikkeld, a small Dutch development and consultancy company, has built a sustainable model for both making a profit and also doing solid contributions to open source projects.
I came to symfony (back then in lowercase) before the first stable version. We are now at version 5. Over all those years the framework has evolved massively. In this talk, I'll go through some of the lessons I learned from the evolution of the framework as well as the ecosystem around it, and how we can apply those lessons in our day-to-day work.
Routing is this thing about mapping URLs to controllers, right? But in fact, there is a lot going on. Understanding the routing process will enable you to write more flexible code and keep logic out of your controllers. In this talk, we will see how the Symfony routing actually works and then look at extension points like ParamConverters, custom request listeners and have a look at extending the route matching process.
When you are in the tech industry, you continually build your knowledge. There are always new frameworks, languages, and tools to be learned. What can you do with all of this learning? Share it, and share it well. Being able to share your learnings with fellow developers is crucial to the improvement of your product and your team. In this talk, you’ll learn strategies and techniques to become a better technical mentor.
As a very senior IC you are expected to lead and drive adoption of engineering best practices at a time when your daily interactions with code have never been less. How can you effectively deliver change when you don't control the code that is produced? This talk will show you techniques that allow you to be an effective change agent without being a dictator, allowing you to guide direction and build consensus without controlling every step.
Specflow est un framework .Net vous permettant d’écrire des tests d'acceptation automatisés et illustrer ces tests en langage naturel. En premier lieu, nous allons présenter les concepts du Behavior Driven Development, la syntaxe Gherkin ainsi que les tests d’acceptance. Par la suite, nous allons présenter comment vous pouvez automatiser ces tests à l’aide de Specflow à partir d’une démonstration et comment l'ajouter à votre intégration continue.
Do you doubt the value of adding CI/CD to your project because it’s too early to maintain a proper pipeline? Or do you have a mature project, but never got around to implementing continuous delivery and are now afraid of this huge and overwhelming task?
Do not fear! Let me share with you practical ways to implement CI/CD so that you can appreciate all its benefits, no matter the size of the project you're working on.
What's in the .git folder? How are commits stored? How do branches work? We'll dive deep into the objects folder, unpack commits, look at the types of DAG nodes, examine object content, and build a complete visualization of the stored content. We'll also quickly look through Git hooks, Git config, and ref logs. Come experience the zen of git.
Even though we use the latest methodology and technology most of us still struggle being effective.
Effective developers don't just write clean and robust code. They also have a strong understanding of the problem that needs to be solved and they take time to learn and play. Learn how those developers build effective coding habits, use automations whenever needed, reserve time for deep work, and much more.
If you listen to Microsoft, the future of .NET is rosy! Lets see! In this session we will take a deep dive into an independent study on the future of .NET that talked to colleges and universities and coding camps to understand the role .NET has in computer classes as well as discussions with .NET shops and consultancies about their plans Get a real understanding of the future, not some plush marketing spiel. Is there a future for .NET? Really?
The scalability of your application and your database is only as good as the database design you put behind it. Designing your schema, the database structures, and planning for the future need to happen early and needs to evolve over time. In today's rapid pace development cycles, the database design is often overlooked or even dismissed entirely. Databases and marketing teams tout "Schemaless Designs", database as a service, and new tech that
Need to improve user experience, but don't know where to start? Worried that UI/UX can only be done by right-brained artists? Take heart. Learn simple, yet powerful UX principles and UI tricks that will help you radically improve your digital products. These secrets are perfectly suited for logical, left-brain, development professionals. What’s more, you can put them into practice now. Esoteric mathematical equations included at no extra cost.
In 2018 downtown Halifax became the stage for a unique production, part Pokemon Go, part performance art. In the years since, the same technology has been used to provide performance and expression opportunities even in the age of COVID.
This talk will explore the challenges and rewards of writing code (in Ruby on Rails and React Native) for live art performance, how to not get derailed by lockdowns, and the many ways reality can be augmented.
In this session Sam will walk you through the processing of time series data and he'll discuss some common roadblocks in time series analytics.
Not only will we focus on time series analytics and predictions for the future but you’ll also see which Azure services can be used and how they can be applied. We will tackle Time Series Insights, Azure Machine Learning and Azure Data Explorer and how they can be combined in data driven solutions.
Changer d'emploi est probablement parmi les décisions les plus difficiles dans la carrière d'un développeur; et pourtant çà fait partie des étapes incontournables (et souvent mal préparées...).
Explorons ensemble (à l'aide d'exemples) les points à ne pas rater:
* Est il nécessaire de changer ?
* Se préparer aux entretiens RH, techniques ( puzzles / coder en direct / travail à préparer / entrevue design, etc. )
* Évaluation de l'offre
La sophrologie consiste à traiter l'information reçue afin de supporter le mieux-être au travail, ça tombe bien : en tant que développeur (se), tu es un(e) pro des langages informatiques et du traitement de l'information !
Je vais te montrer un nouveau langage au concept innovant et ludique qui te permettra de renforcer tes capacités mentales et physiques. Tu vas découvrir des solutions pour mieux travailler et retrouver du plaisir dans ta job.
An enormous number of common programming errors arise from misuse or overuse of mutable state. To avoid this pitfall, many like to employ a more functional style of programming. Sadly, several of the most common Python data structures are mutable to their core!
But never fear: in this talk, we’ll show good idioms and data structures for avoiding mutability while maintaining efficiency and a readable style.
Symfony is not only a full stack framework, but also a collection of components that you can use stand alone in your projects to solve specific tasks. I will explain the ideas of the components and basic concepts, then look more specifically at the console component.
Self-contained vanilla web components can be included in any framework. You can use these techniques to build a dependency-free small app with almost no overhead, or to create cross-framework shared UI modules.
I will show you how these features to create a small standalone app: custom elements; shadow DOM; templates; CSS custom properties (variables); semantic HTML with aria; ES6 import/export; DOMParser.
Have you struggled to get TypeScript and Vue to play well together? Me too. Vue is a fantastic SPA framework, and TypeScript is a great way for catching errors faster. Together, they can boost your productivity. Join us as we peel back the layers of TypeScript and look at the tricks of the trade to get them playing well together. You'll leave with a solid methodology and code samples to get started with Vue + TypeScript.
Creating current time information in code is rather easy by calling time() or new DateTimeImmutable() directly when the information is necessary. But that then makes the code a nightmare to test.
In this session we will see how the new PSR-20 allows us to change that by still making it easy to generate current time information but also allowing one to test the code. And we will get some background info why it was designed in such a way.
In early 2020 a global pandemic set in motion events which none of us could predict. With anonymous data collected from 900k+ devs, 25K orgs, and 30m+ builds/mo we observed interesting insights into better DevOps practices. Since then, we've seen even more interesting activities happen, which shed new light on high-performing engineering teams. In this session, we will seek to uncover what this unique dataset can tell us.
Agile is still buzzing, even though I still honestly don't understand why. I've seen it happen, seen it develop, and seen how much of agile actually becomes politics; inner politics, and seen how it takes the responsibility away from managers and derides such roles as software architects, encourages people to think more short term and less long term on key issues, etc.
Waterfall model had it's flaws, so does agile. So what's wrong with Agile?
The space race was one of the great dramatic stories of the 20th century. For space nuts like me, this era is compelling. It’s also highly instructive for digital product developers. Engineers drove the innovation that pushed us beyond earth. The lessons they learned can help us today as we make apps, sites, and software. The Soviet side of the story is less understood, and a cautionary tale for dev teams and leaders.
On November 9, 2021, .NET 6 was released. As a part of this new LTS (long-term support) version, the web frameworks ASP.NET Core and Blazor 6 were updated. This session will showcase the major new features that were added, including many live demos. Especially when currently using .NET 5 (where support ends in May 2022), an upgrade to .NET 6 is feasible, so why not use some of the new possibilities that come with it?
Java now offers us, twice a year, a set of new features. This session will give you an overview of key functionalities recently added to the Java platform, including Java 18! We will cover new Java languages features such as the support for Pattern Matching, new APIs (ex. Vector API) but also JDK features (ex. security updates, tools such as the lightweight web server, etc). Attend this session to see what Java really looks like in 2022!
Immutability is an important feature to have in a programming language. Unfortunately C# hasn't been very good at it: UNTIL NOW! With Records and other language enhancements we can finally code using immutable types. In this session you'll learn why that is important and of course we'll zoom into the new Record type and see what makes it tick!
Opening keynote for ConFoo 2022. Details to come.
What if you could practice and learn Python by using it to compose a song remixing music clips from Indigenous Canadian artists to express your voice. Earsketch is an online tool created by Georgia Tech university which allows you to use Python code to produce a song. We've partnered with Indigenous artists to provide music clips or you can add your own. Find a new way to express your creativity and share your voice with code and music!