While we are diligently crafting the program for 2024, explore the WeAreDevelopers World Congress 2023 program below.
WeAreDevelopers World Congress is the best place to get a complete overview of recent insights and future trends in modern software development. Take the opportunity to gain new and grow your knowledge to create incredible software and products.
Over the decades, C++ has evolved from a few key ideas to a comprehensive set of facilities supported by multiple compilers, tools for a wide range of uses, and thousands of libraries. It is available on essentially all platforms and used in essentially every country and industry. What are the key ideas and design principles sustaining C++? How did the original ideas evolve and survive 40 years of development and 30 years of attention from a 300+ member standards committee?The current ISO standard, C++20, offers major new features (such as modules, concepts, coroutines) and improved support for compile-time programming and concurrency.
Jakarta EE 9 lowered the barriers of entry and established a foundation for future innovation paving the way for Jakarta EE 10.With Jakarta EE 10, we introduced Jakarta EE Core Profile which targets smaller runtimes suitable for microservices.The Jakarta EE Core Profile also aims to be an even better fit for compiling to native images.But it does not stop there. Both Jakarta EE Web Profile and Jakarta EE Platform is moving forward as well with updates to almost all the individual specifications.Join this session for the latest updates on the progress with Jakarta EE 10. I will go through what Jakarta EE 10 brings to the table, and what to expect when the specifications are moving forward.The session will also give you a clear understanding of how to migrate from previous versions of Jakarta EE and Java EE as well as show how to leverage Java SE 17 and newer features with Jakarta EE.
The concept of “not breaking the web” is one of its oldest and most foundational. When we build a web page, we do it knowing that it could theoretically last as long as the internet itself. The CSS we write today is, or should be, future-proof. But how will your CSS hold up in 10, 50, or even 100 years? In this talk, we’ll cover how to write CSS that stands the test of time. From progressive enhancement techniques to accessibility considerations, we’ll learn how to write CSS for 100 years in the future (and, of course, today).
MoneyBank Inc is a fintech enterprise that recently made the jump to K8s and GitOpsto cope with the shift of demands from cranking out features towards stability and scalability. Yet, even with a fully automated CICD and shiny new microservices, features still take weeks to be released. As teams keep waiting on each other, frustrations, resentment and mistrust grow.MoneyBank’s situation is typical for organisations with enterprise processes and startup mindsets. When faced with problems, the urge is often to move fast and automate them away. However, the cultural and regulatory structures to support these changes are not in the scope of said automation. One more piece is missing to address the needs of non-technical stakeholders within the ever changing CICD landscape.In this talk, we will attempt to automate the non-automatable with ReleaseOps: GitOps for the people.
Have you ever wondered how full-text search engines such as ElasticSearch or Algolia works? Let's find out!In this talk, we will build a RESTful full-text search engine from scratch, understanding how to choose the right algorithms and data structures for accomplishing such a task.By the end of the talk, you will see how to maintain incredibly high performances while working with a massive amount of data and understand why it is so important to choose the right algorithm or data structure for accomplishing such tasks.
Async-await and Task don't need to be so scary and mysterious!In this session you will learn what is asynchronous, multithreading and parallel programming and how it can help you to improve performance of your code, when used correctly, using newest best practices. It's easy to misuse those concepts without proper knowledge, and hurt performance.This talk focuses on .NET Core / .NET but most of the content applies to .NET Framework, too.All of it (and more) is covered in my book "Asynchroniczność i wielowątkowość w C#".
In only a few years, the number of options available to run containers in the Cloud has literally exploded. Each provider now offers tens of “slightly different” services, each with its own minor trade-offs. Furthermore, running your applications in 2022 is definitely not like doing it in 2019: some of the new serverless options offer unique value propositions that shouldn’t be missed. It’s easy to get overwhelmed!This talk will categorize the various options available on AWS, Azure & GCP, focusing on what is state-of-the-art in 2022. We’ll look at Kubernetes and its evolution. Finally, we’ll explain the trade-offs between different categories from a technical and organizational standpoint. We’ll then do a deep dive with a demo on some of the new services that have been recently launched and that are quickly evolving to change the game: GCP Cloud Run, Azure Container Instances, and AWS Fargate.
No piece of software is perfect. Everyone of us has experience his or her own personal "How the hell could this happen?" moment. Some bugs and their consequences even make it to the headlines of big newspapers.This talk will present some of these "all stars" as it's always nice to hear about the mishaps of others. But we will also go one step further and ask ourselves what we can learn from them. What decisions and actions lead to these bugs and look for lessons learned that will help us in our daily work to avoid running into the same pitfalls.
In this session, you'll learn to write C# code that executes faster and allocates less. This session is packed with practical examples and demos of where the latest high-performance APIs and language features can be applied.We'll apply types such as Span and Memory to efficiently process data and to parse strings. We'll examine System.IO.Pipelines, offering high-performance I/O and we'll utilise ArrayPool to reduce GC allocations. We'll discuss when and why performance matters and you'll learn how to measure your code, using a data-driven approach to focus your optimisations.These features can seem complicated, unapproachable and difficult to apply. In this session, Steve introduces high-performance newcomers to the features, showing you how they work, where they can be applied and how to measure performance improvements in your code.This talk is for developers, who like Steve, are ready to begin their journey towards writing faster .NET code, which allocates less.
Are you still not sure about using C# 10 in your new projects? Have you not found any time yet to look into the new features? C# 10 together with .NET 6 includes a lot of new features that makes working with C# easier for a developer every single day. In this session I will show you 5 of them which you can use for every project you’re working on. Does this sound interesting to you? Join me and get yourself back up to date in the world of .NET and make your code cleaner and better with these new features.
Making sites load fast with current tech is out of reach for most. Builder.io is reinventing server-side generation and front-end frameworks by prioritizing time-to-interactive.This radical approach is going to change how developers and frameworks approach the problem of initial interaction. The result is not only the highest Google PageSpeed Insight scores but also a user experience previously thought impossible.In this session, you will see how this is achieved, and gain a peek into the future of the Qwik + Partytown framework.
Have you ever wondered about how it comes to security incidents? I mean the really big ones like someone accessing a remote host, or executing some nice scripts inside your browser?In this session I want to show some of the most common pitfalls into which especially junior developers fall. Specifically, I want to cover the following frequent mistakes, and more:* Missing Input Data Validation: Certainly a big one, since depending on the environment, this could lead to for example remote-code-execution (RCE) on your backend, or the execution of scripts in your browser, known under the term XSS* Improper Usage of Data Types: One of my favorites, since it highlights how careless we sometimes use data types without reasoning about the consequences of our choices.* Revocation processes: Unfortunately, as developers we build a system to run in a happy world, most of the time. But how do you deal with the revocation of a malicious entity?* Denial-of-Service through service crashes
By the time this talk is over, someone will have invented a new JS framework. Thankfully it's probably not gained much popularity yet. In the meantime, Express.js is no longer the most used framework, Next.js recently took the top spot in the StateOfJS survey with several others following closely.So, in this session we'll compare the big frameworks of today, check out their features, what they are missing and consider their different use-cases. By the end of the talk, there might be a new framework, but at least you'll know when and where to use the existing ones.
When you publish your first HTTP API, you’re more focused on short-term issues than planning for the future. However, chances are you’ll be successful, and you’ll “hit the wall”. How do you evolve your API without breaking the contract with your existing users?In this talk, I’ll first show you some tips and tricks to achieve that: moving your endpoints, deprecating them, monitoring who’s using them, and letting users know about the new endpoints. The talk is demo-based, and I’ll use the Apache APISIX project for it.
Edward Tufte's beautiful books were an inspiration for creating CSS in 1994. Now, almost 30 years later, CSS has grown to the point where we are able to recreate his designs on screen and in print. Challenges still remain when scaling documents to fit small screens. How to you show a sidenote on a mobile phone? Should we still care about bandwidth? Are paper-based books still relevant? If so, what tools does CSS provide for positioning figures, footnotes and page numbers? This presentation will describe the roots of CSS, and how it has evolved to create beautiful books.
Giant AI models have conquered the world of text, vision and multimodality with surprising fidelity. However, these models lack agency and values making them incredibly dependent on slight changes in the prompts with sometime unexpected outcomes. This has been addressed by fine-tuning with some success but fundamentally limit the usability to beyond simple problems. Will the next breakthrough come with even bigger sizes? Or are we missing an essential feature compared to human behavior? Together with some state-of-the-art examples of how to use the current generation we will look at an AI that acts deliberately – and is much more reliable that way.
Developers who approach Rust from the viewpoint of other OO languages like TypeScript, C#, or Java frequently misinterpret Rust's traits as interfaces. That might be true to a certain extent, but on closer examination traits are much more powerful than you might think. In this demo-only session, Rainer Stropek starts by introducing you to the fundamentals of Rust Traits. You will see how to create your own ones, how to manually implement system traits, and how to auto-implement them. Once we covered those basics, Rainer dives deeper into unique features of traits. We will look at default implementations, trait parameters, trait objects, and trait bounds for generics.
In this talk, we will explore the journey you embark on when moving from Java to Kotlin. Based on real-world experience, code statistics, and many code samples, light will be shed on questions like ‘What were the benefits and drawbacks?’, ‘How did we approach it?’ …and most of all: ‘Was it worth it and why?’ At the end of this talk, you know in detail the differences between Java and Kotlin. You have learned what to expect when embracing Kotlin and which best practices you can apply, providing you with the information and tools to evaluate whether Kotlin is worth a try.
Spring is all about helping developers get to production quickly and safely. These days, "production" is all but guaranteed to mean Kubernetes, and Spring has you covered. Join me, Spring Developer Advocate Josh Long (@starbuxman), and we'll look at how Spring Boot makes writing blisteringly fast, cloud-native, and scalable services more effortless than ever. We'll look at topics like service orchestration and composition, reactive programming, containerization, GraalVM native images, GraphQL, and more
Great technologies, programming languages and tools are used when building software. That is good and right. But unfortunately, it is often lost sight of the fact that the decisive factor is not the technology, but the *business domain*. If we do not map the domain language and the business processes in the software, then it will not help our users in their work. No technology in the world can protect us from this. In this talk, I'll show you how you can identify problems in an existing legacy system that could be solved with Domain-Driven Design. We will see problems such as: large entities that are used all over the system, how we could divide them into smaller entities according to the business domain and how we should cut the source code into bounded contexts. All this will be done with many examples from analysis tools that help us to see the system on the level above the source code.
Chaos engineering, popularised by Netflix, is an approach to building scalable, resilient systems through destructive experiments, but what other impacts does it have? How can adopting chaos engineering change organisational culture? This talk explores the parallels between modern distributed architectures and the unpredictable challenges of the modern world, and how approaches like chaos engineering help organisations deal with both.We will deep dive into the practices needed to make chaos engineering a success in your organisation and uncover how they help beyond just chaos engineering experiments. We will also explore the nature of complex, socio-technical systems and why new approaches are needed to deal with them.
I'm the lead architect in central engineering of Microsoft Azure's messaging and eventing services fleet and one observation we keep making is that developers don't know about queues and what to do with them. This session is a 101 basic introduction into what a message queue is, what solution patterns it helps with, and what to do with features like dead-lettering and expiry. This session isn't about what's new, it's about the whole concept. The talk is not product specific and applies to anyone's product's and services, even though I'll certainly mention our own.
Everyone is excited about Quarkus, the Kubernetes Native Java stack that lets you create Java applications with a small memory footprint and amazingly fast boot time (just some milliseconds) offering near-instant scale-up and high-density memory utilization in container orchestration platforms like Kubernetes and a perfect match for serverless. But these capabilities are useful at runtime, but what does Quarkus offer to developers to use at development time?As developers, we want to improve our performance, we want to spend as much time as possible coding and not recompiling/repackaging the application every time we want to check if the application is working or not, running the full test suite when only one small part of the code has been modified or preparing external dependencies such as a database or a Kafka broker.If you are willing to boost your performance as a developer, come to this session and learn how Quarkus can help you, yes you, the developer.
Serverless applications are event-driven and take advantage of modern cloud computing capabilities and abstractions to allow developers to shift focus to writing business logic while not dealing with the complexity of the infrastructure their code runs on.After an introduction to Serverless, and the Serverless runtime Knative, this session will teach you how to implement your serverless applications and compile them to GraalVM native images with the robust collection of related functionality the Spring Framework ecosystem provides to get the full potential out of Serverless and reduce costs.
One of the reasons we love visiting conferences is to hear and learn something new, right? So, why not learn something brand new? Why not learn a bit or two about ... R language?R is most widely used for statistics and machine learning. And yet, I think that's a pity. It's a pity because language is beautiful, has amazing set of packages and libraries and is built as purely functional language (although you can use OOP if you want).Additionally, one beautiful thing about learning new languages is that you, usually, get inspired. You get inspired to try something new in your language of choice and, who knows, we might end up with something revolutionary, can't we?
During this session, we’ll take a look at the proactivity tools that can be used to improve our development experience on Azure. We’ll talk about tools from multiple areas like storage, computation, automation, cleaning and many more. All of them are free to use, build by the Azure community or Microsoft to improve the cloud experience. The impact on our day to day life can be improved drastically when we use the right tools. We coved tools that can be used for storage, computation and real-time monitoring and debugging.
A smart person learns from their own mistakes, but a truly wise person learns from the mistakes of others. When launching our product, we wanted to learn as much as possible about typical pains in our ecosystem, and did so by reviewing many post-mortems (100+!) to discover the recurring patterns, anti-patterns, and root causes of typical outages in Kubernetes-based systems. In this talk we have aggregated for you the insights we gathered, and in particular will review the most obvious DON'Ts and some less obvious ones, that may help you prevent your next production outage by learning from others' real world (horror) stories.
Building web apps is a complicated mess. You need to know Python, JS, HTML, CSS, SQL, Flask, Bootstrap, SQLAlchemy, Webpack...the list goes on. What if you could do it all in Python?That's what we built: an open-source framework with Python in the browser, Python on the server - even a Python UI toolkit. And then we built an online IDE, drag'n'drop designer and hosting platform for it - all available for free.In this talk, I'm going to discuss the current web landscape, why we built Anvil the way we did - then take a deep dive into how it works, including a live demo. How do you run Python in the browser? How do you build an autocompleter that knows about everything from your UI layout to your database schema? And what does it mean for a programming tool to be "accessible"?No web development knowledge required & no paid features of Anvil are showcased in this talk.
Machine Learning and Artificial Intelligence are surely some of the most headline-catching topics in IT, achieving stunning technological progress within the last decades. One of their various applications, creating fake images, not only creates societal discussions and political issues, but also leads to an interesting question: How is it actually made and how easy can you do it by yourself?You will be guided through the basic math required for this field of computer science (without previous knowledge above high school level required), learn about how Generative Adversarial Networks are designed in concept and see how to implement different GANs on your own using standard libraries. Based on different papers, the presented applications range from generating fake celebrities to creating stunning vistas from your hand-drawn sketches.
We are all well aware of it : the current trend of climate change is not looking great. We can already feel some of its consequences and it is very likely to only become worse.Tech is driving the world though, and us developers can surely help make an impact to bend the curve. So let's dive into the topic together and see how we can debug it!In this talk, we will look into the current situation, globally but also in the tech space. We will dive into the impact that we can make on our applications as developers.We will start by talking about our technical stack and what we can do to improve it, from reactive architectures to web performance. We will run the numbers and see the kind of improvements we can reach there.But we will also look into the larger perspective of things, and look closer at our own personal footprint.The future may look uncertain, but we can all start making a difference today and look at things in a positive way. So let's debug!
Micro Frontends are not the only solution, nor are they suitable in all scenarios. In this session, I will present an alternative architecture approach that we have used successfully in numerous projects over the last few years: the Frontend Modulith.We discuss dividing your application into manageable parts, mapping your business domains, categorizing libraries, and then defining access restrictions to enforce your intended front-end architecture. You also see how you can drastically improve the performance of your CI process with incremental builds and tests as well as with local and distributed build caches. The examples use Nx, a tool created by former Google employees to help with building structured enterprise applications using Angular, React, Vue, and other frameworks.By the end, you will know if frontend moduliths are the right approach for you and how to build your Angular applications with them.
Version 1.0 of Dart was released back in November 2013. Since then, it has always been very quiet around this language and it never really became successful. But now that Dart is the programming language behind the more than successful cross-platform framework Flutter, it is gaining more and more popularity.Dart comes with some very interesting and unique features. For instance, it is possible to compile not only "just in time" (JIT) and "ahead of time" (AOT) but also Dart code to Java Script.Using various examples and live coding, I will give you an insight into the programming language Dart and show you different features.Let me take you into the world of Dart and get inspired!
This talk is a follow-up to my talk "New language features in Java since JDK11". In that talk, I walked you through all the awesome new stuff. Today I’ll show you actual usages of these new features so that you can start using them in your project too. Come and see real-world usage for constructs like records, switch functions, sealed classes, and pattern matching to name a few. This is even more important if you consider that the upcoming releases of extremely popular and widely used frameworks such as Spring (v6) and Spring-Boot (v3) will use JDK17 as the minimum baseline for development. Don't get left behind and let me show you how to use all the new language features from JDK11 up to JDK17 in these frameworks.
A progressive web app is a way to bring a native app experience into the browser, therefore the idea is to have a progressive enhancement of your app but during our development process, we have to keep in mind a few factors in order to make it. During this talk, we are going to discuss how to read and test our PWA performance, check some metrics that are useful to keep in mind like Cumulative Layout Shift and which are the tools that can help us to deliver web apps that are fast and progressive (for real!).
You had to wait a long time - now Go (finally) supports generics. This makes generic programming in Go possible. The talk will give an introduction to generic programming with Go. Using an example project, the basics will be explained and pitfalls will be pointed out. At the beginning the basic principle of generics will be explained and first the Go constraints will be discussed. Afterwards the usage of generics in Go will be shown by examples. The lecture will be concluded with notes on generic programming in Go.
The most loved frontend-framework Svelte has gained good TypeScript support over the last years and is capable to deliver a great developer experience - also within buisness applications. Unfortunately it is not that easy to find good documentation about all the TypeScript features Svelte offers.In my talk I want to show how to get started and go over some code examples. At the end I will reference a repository where more examples are available to dig deeper into this topic. Along the way I will also give some general TypeScript tipps that enable even stronger static type checks than probably most developers currently know.
While the new advances in AI research are exciting, startups and companies are still struggling with the adoption of machine learning. The operationalisation of machine learning remains a key challenge for startups and bigger companies. Fortunately, in recent years there has been a lot of development and movement around the practices, methodologies and tooling that are addressing the needs to build reliable machine learning systems. This new field is called Machine Learning Operations (in short MLOps). It’s a multidisciplinary field that combines data science, software engineering and devops. In other words MLOps bridges the gap to apply machine learning in the real world. Through this talk we explore MLOps and unveil the challenges it solves and why it makes sense for companies to jump on the MLOps train.
Graph Neural Networks (GNNs) are AI models designed to derive insights from unstructured data described by graphs. For different segments and industries, GNNs find suitable applications such as molecular analysis, drug discovery, prediction of developments in stock market, thermodynamics analysis, and even modelling of human brain. Unlike conventional CNNs, GNNs address the challenge of working with data in irregular domains. In this talk, I will provide an introductory overview of the theory behind GNNs, take a closer look at the types of problems that GNNs are well suited for, and discuss several approaches to model unstructured problems as classification or regression at various levels.
With machine learning becoming more and more an engineering problem the need to track, work together and easily deploy ML experiments with integrated CI/CD tooling is becoming more relevant then ever.In this session we take a deep-dive into Azure Machine Learning, a cloud service that you can use to track as you build, train, deploy, and manage models. We use the Azure Machine Learning Python SDK to manage the complete life cycle of a PyTorch model, from managing the data, to train the model and finally run it into a production Kubernetes cluster.At the end of this session you have a good grasp of the technological building blocks of Azure machine learning services and train a PyTorch model on scale.
For anyone in software development, there is no way around Kubernetes. Containerization has changed the way software is developed, deployed and operated. Microservices is the new paradigm. Many teams around the world discuss just now: What does containerization and Kubernetes mean to security and how to fit this technology into our existing architectures and processes?In this talk we will dissect the various components of Kubernetes and explain how they work technically under the hood. We will discuss common pitfalls and how they could be exploited by attackers to compromise the whole cluster. There will be a demo of kernel exploits and their risks to container isolation mechanisms.But not all is bad: With the right approach, Kubernetes environments can even lead to security improvements. This talk will provide the key principles for designing secure Kubernetes architectures.
C++ is widely used in constrained and/or critical applications. How do we manage using a large multi-purpose language in such environments? How can we better use facilities from and techniques from modern C++ (C++11 … C++20)? The best answer is not “use only facilities available in C and C++ in 1985.”This talk focusses on a top-down approach to achieve safety, performance, and maintainability. It touches upon the C++ Core Guidelines, compile-time computation, type deduction, the span and chrono standard libraries, and error handling.
Machine learning algorithms require fixed-size feature vectors. It is why modern deep learning architectures deliver sensational results on audio, vision, and language but fail on relational data. The only way out is feature engineering. Unfortunately, manual feature engineering requires a lot of SQL code and takes up to 90% of a project's time.In this talk, I want to introduce you to the domain of relational learning. Attendees will learn how to build end-to-end prediction pipelines on relational data using algorithms for automated feature engineering.
Utilising the flexibility of most popular component libraries makes development easier and fun especially when we do not have to worry about what is happening under the hood. But as we progress in our career or as our apps grow bigger, we are likely going to find ourselves faced with the task of designing our own component libraries that can be reusable and highly configurable across all your applications in order to maintain consistency and also follow the DRY principle.This presentation will take you through that magical experience provided by the angular ng-magical directives in building clean and reusable components in Angular
Today, one way or another, organisations are leveraging cloud to gain speed and agility to achieve their business goals. A DevOps and Cloud-native mindset is nowadays intrrisecly part of modern software development. The vast majority of organisations are already there, or giving steps towards it. However, after adopting DevOps and becoming cloud-native, it’s hard to evaluate the organization maturity state and understand if it continues to evolute towards the right direction. In this talk, I share some real-world experiences, war stories and best practices for software engineers, engineering managers and technical leaders that want to drive their organisations towards engineering excellence - regardless on their organisational type (startup vs enterprise) and cloud strategy (single vs multi-cloud).
In this talk we will discuss about building the backend for a web-application using Python and FastAPI. FastAPI is a modern, fast (high-performance), web framework used for building APIs with Python. The session will highlight performing simple CRUD operations using the different endpoints of the API and testing them using pytest. It will focus not only on the concepts but also emphasise on some of the software engineering best practices (patterns and anti-patterns) required to excel in web-development.
Zaid Zaim 21 years old orginally from Syria. He came to Germany 2013 due the War.Today, as an Alumni of ReDI School Digital integration , Microsoft MVP and Mixed Reality Catalyst at Hololux brings Cultural Heritage of destroyed sites like the UNESCO city of Palmyra in Syria back to life with modern Mixed Reality technology. In this project, he wants to bring an inclusive dimension and promote more universal access to culture - Diverse volunteers contribute to this mission. In December Zaid realized with the Help of the Tech Community like Hololux and Microsoft to bring the Deutsche Bank celebration Party into the MetaVerse that got a appeal from the participants and audience.Following next was New Years Eve Celebration in the metaverse created by Zaid & fellow MVP Christian as our version of Avatar Pandora.World wide audience joined this Party with more than 250 Attendees.
We humans can become stuck in our heads through talking about the issue in front of us. I am sure you are familiar with the feeling: moving round and round the same problem again and again. How can we break a vicious circle? One way is to change "the language”. Instead of words let's use pictures! Words appeal mainly to the consciousness, instead pictures bring everything together into a much simpler way. Since the 1980s, usage of “metaphoric cards” - picture language - has been a well-known and widely used method in therapy and coaching. In my talk I will explain my take on this method and how you can use it individually or in groups. In the hands-on workshop we will dive deep into the picture world and I will share some ways how to use them to help to illustrate complex issues or to find new perspectives and approaches or simply to give feedback.For this workshop you need to have an open mindset and to be ready to be a fool and do foolish things.
The Swiss Cheese model is a risk avoidance strategy using often in the airline and healthcare industries. It assigns responsibility to different layers — with issues falling through the ‘holes’ of Swiss Cheese. While it allows companies in the airline and health industries to see which layer are succeeding, it can help tech companies think strategically about Quality, rather than only focusing only on test units being faster and more reliable.Expect to learn what the Swiss Cheese model is, how to apply it in the software industry, and what to do when bugs still fall through the holes (hint: it doesn’t involve your customer support team).
Anything that moves will be autonomous! With an ever-growing AI and data-centric world, robots will become more intelligent, flexible, and robust. However, with these new paradigms, some challenges arise:- AI Robots need data! Lots of different data! But acquiring real data can be costly and laborious;- AI Robots need training! Lots of training! But training in the real world is not scalable and getting representative scenarios covering hard edge cases might even be impossible;- AI Robots need testing! Lots of testing! But real testing cycles are time-consuming, possibly unsafe, and slow down development iterations.Sounds hard? No, it is really no boogeyman! In this session, we'll go over how Simulation can play a key role in enabling AI-based Robotics but also how to easily get started enhancing AI workflows with the NVIDIA Omniverse and Isaac platforms.
Web frontend projects tend to become larger and larger with multiple teams working on one application. The problem becomes even more severe with the requirement of including functionality from multiple domains - right now or at some point later on. To scale the development well the micro frontend architecture has been proven successful. But where to start here?In this talk micro frontend expert Florian Rappl will give you insights from dozens of successful micro frontend implementations. He will create a scalable solution on stage with you in the first row. Get to know the best practices and see how your next big frontend project can evolve without boundaries.
Progressive Web Apps and the new powerful web APIs provided by Project Fugu allow developers to implement desktop-class productivity apps using web technologies. In this session, Thinktecture's Christian Liebel shows you the critical parts of how paint.js.org was made, a remake of the productivity app dinosaur Microsoft Paint. It runs great as a standalone application, and since it is based on Web Components, it can even be embedded into other applications. And since everything is web-based, it runs on all operating systems, desktop or mobile, not just Windows 95.
Cyber Hygiene vs Data Breaches- Introduction: Who am I to tell you about cyber security and cyber hygiene?- What is OSINT (open source intelligence): everyone is a cyber security expert- Type of data to analyze by OSINT, quick overview of the main tools to use to find and analyze the data- Using Studio 3T to protect data against a future breach- More in-depth description of tools and techniques used to identify vulnerabilities, PII and sensitive data online- IoT search engines and the ways they work, including Shodan, BinaryEdge, Censys, Zoomeye, Leakix, and even Google- Realworld case studies: discovering databases managed by criminals or malicious actors, and what to do about it
Developing good code is hard. It should be efficient, resilient, long-lived and understandable. On the top of that, it should be secured and respect data protection, which mean being compliant with the GDPR. Although it's a legal text, GDPR should be understandable by everyone as its requirements are applicable to all digital services. The CNIL collated all legal text related to GDPR into a single guide of 30 pages that targets developper, as an introduction to the exigences of the gdpr without undermining them. This guide is delivered it as a way to raise awareness on the power in hands of developer and to share good practices for developing a data protection culture when building new services.
Learn how to cover your web application with full-stack tests and automate the process to improve the quality and speed of your work. Understand the different perspectives of testing, like unit, integration, and end-to-end in the modern web, both on the front-end and the back-end side. Build automation pipelines with GitHub actions and set up quality gates to establish a robust Continuous Integration and Continuous Delivery workflow. Catch security bugs and code smells before they land in the production environment. Deploy your application with peace of mind with just one click.
At Spotify, we use data to make sure Discover Weekly has new music for you each Monday, and so that you can know what you’ve been listening to all year with Wrapped. With the abundance of data being generated across organizations, it is crucial that the data is of high quality, reliable and available when needed. We will explore how Spotify enables data quality and better troubleshooting through data observability tools, to make sure data pipelines are first class citizens in the software ecosystem. That includes monitoring, reliability metrics and alerting. The challenge and difference from traditional software observability being - an engineer typically maintains a handful of backend services but hundreds of data pipelines.
“Write useful feedback and keep your changes small” - the internet is full of these code review tips. What is often missed: the technical part. But knowing how to properly utilize git is key for efficient code reviews. This is harder than it sounds. Git offers nearly 150 commands and 80.000 lines of documentation. Who has time to read all of this?Save yourself the time and join our talk to get an overview of all the interesting bits. We will not only take a look at the basics you need for efficient code reviews. We'll also explore the hidden gems that you might not be aware of, even if you have been using git for years. Prepare yourself for a hands-on talk for beginners and experts that helps you improve your code review workflow.
Helm is a package manager for Kubernetes which simplifies deployments to Kubernetes.With Helm, applications are bundled into Charts which makes it easy to build, install, upgrade, and share complex Kubernetes applications.In this session we'll go over exactly what Helm is, the benefits it brings, and how to deploy applications to Kubernetes.Then we'll look at upgrading applications using Helm and then rolling back to a previous version. Once that's covered, we'll look at creating our own Helm Charts and storing them in a Chart Repository.To finish the session we'll then see how we can automate Helm Chart releases using Flux.This session is for anyone who has worked with Kubernetes and want to learn about Helm. Each topic covered in this session will be accompanied with live demos.
Ever heard about accessibility, and wondered if it some rocket science? Or maybe considered exploring it but abandoned due to overwhelming documentation? Let's debunk all the complexities and myths around web accessibility. We will together explore browser tools and extensions for analyzing and auditing accessibility while looking at how to fix those.Takeaway - You can directly use these tools and tips to access and fix the accessibility of your websites and web applications.Web accessibility won't feel as confusing or burdensome after the session.
CPU and GPU Shortage, energy crisis, and global warming. How can we contribute to the solution of these issues by creating highly performant software and using the resources on the computer in a more efficient way.In the beginning, the software industry was considered "green", since it contributed to eliminating the use of paper in the office. But is not as green as it used to be. Software is everywhere, and since it's everywhere, we can contribute to the challenges the world is facing by changing the way we work and the way we build products.
Why pair programming is the best usability testing tool for developer focused products? Have you done the pair programming session with your users? The amount of insights you get while doing pair programming sessions is enormous. In this talk, Anil will share lessons learned while doing pair programming sessions with the users for developer focused products/services in his recent role as a Technical Product Manager. Learn why pair programming with users is the best way to identify the developer's pain while using your product/service.
The workshop overviews key architecture principles, design patterns, and technologies used to build microservices in the Node.js stack. It covers the theory of the GRPC framework and protocol buffers mechanism, as well as techniques and specifics of building isolated services using the monorepo approach with lerna and yarn workspaces, TypeScript. The workshop includes a live practical assignment to create a currency converter application that follows microservices paradigms. The "Microservices in Node.js with GRPC" workshop fits the best developers who want to learn and practice GRPC microservices pattern with the Node.js platform.
I will show how you can easily design and implement your own text language including a compiler CLI and editor support for VS Code. The key ingredient for this is an exciting new open source framework named Langium. We created Langium based on the experience that I and my team at TypeFox have gained about designing programming languages and domain-specific languages over many years. Now we are keen on lifting these proven concepts into a new level enabling a much wider audience to make use of them.We chose TypeScript and Node.js as platform because it's easy to build CLIs like compilers, transpilers and interpreters, and because it's the basis for VS Code extensions. By integrating with the Language Server Protocol, it's simple to provide the same editor support in other IDEs as well.You will learn about language design in general and how you can elegantly solve problems using special-purpose languages. I will demonstrate how to get started with Langium with a few steps.
Quality control in photonics requires detailed manual examination of microscopy images. In this project we aim to automate the inspection of wafers for diode lasers. To solve this we have been developing FasterRCNN object detection models to automate this process in pytorch. A single core architecture is used that is then fine tuned on each of the sub problems. The end result is a set of pipelines that can automatically locate and classify defects so that their severity can be estimated by a rule based post processing step.
With our complete software development process becoming more complex we also got a lot more security problems to deal with. What starts with code and ends with releasing/deploying software is also being referred at as the software-supply chain. The software supply-chain consists of a lot of moving parts. Each of them facing their own security risks starting from access to source code, compromised third-party libraries and tools, or even hacked build servers. For example with SolarWinds the compromised build server added malicious functionality to the end product used by their customers. And a tool called CodeCov had their upload script compromised which resulted in it stealing used access-keys. In this session we'll get hands-on with securing an application it's supply chain and look how we can limit the security risks in all the different area's. We're going to look into he concept of Software-Bill-Of-Materials (SBOM), Google's SLSA and tools like in-toto, cyclonedx and sigstore.
When was the last time you broke the production? Or if you haven't done that yet, the day will come. In this talk I'll go through the times when I broke the production, what I've learned from those incidents, who's fault is it, and especially the blame(less) culture in workplaces. I've worked as a full-stack developer for the past 15 years in multiple workplaces. Knowing how your employer reacts to these incidents can tell you a lot about that company as a workplace. Especially if a single developer can cause production issues, it's not the fault of that developer, but the company.
I will try to cover important topics about Garbage collectors in my talk. • 2 minutes about computer memory , Ram structure , data types ,heap vs stack and memory allocation mechanism . • 4 minutes Memory management , why do we need it, a comparison between manual and automated management. • 6 minutes about GC , History of GC , advantages and disadvantages , purpose of GC. • 3 minutes python GC algorithms, Reference counting and A cycle-detecting algorithm (circular references) • 3~ minutes Java GC algorithms, G1 and shenandoah . • 3 minutes Golang GC algorithm, all about tricolor algorithm which is my favorite topic . • 4 minutes comparing those algorithms advantages and disadvantages • 3 minute conclusion What are best practices on garbage collection? How can garbage collection be improved? • 2 minutes Q&A
In test-driven development (TDD), the Chicago and London Schools have dominated for many years. After the Munich School added a new point of view in 2018, Hamburg and St. Pauli School followed last year. These five (at least?) TDD schools differ fundamentally in their methodology. Nevertheless, they are not mutually exclusive. In this workshop, you will have the opportunity to get to know the different schools and learn which approach is best suited in which context.After a short introduction, we will try out the different approaches together in a mob and/or pair programming. This way you will not only learn the theoretical basics but also exercise the practical application.
Serverless is much more than simple HTTP triggered functions. You can run containers and whole apps serverlessly, group functions behind an API gateway, coordinate services with a central orchestrator or let them communicate indirectly via events. You can schedule services or make them more resilient with task queues. You can even combine serverless orchestration with serverful services. In this talk, we’ll look at the serverless landscape beyond simple functions and explore some patterns that help with serverless applications.
Slack (https://slack.com/) is a messaging app for business that connects people to the information they need. In this talk we’ll see how to extend Slack functionality by developing a travel approvals app. We’ll use Slack’s SDK for Node.js, Bolt.js (https://api.slack.com/tools/bolt).
Debugging is something most of us do daily yet we often treat it like taking out the garbage i.e. running holding our nose and trying to get rid of it quickly. As a result even seasoned developers are unaware of some basic debugging capabilities and tricks. In this talk we’ll shave the Yak properly.The session demonstrates practical debugging tips and tricks using IntelliJ/IDEA and Java but most of the ideas are universal and should be applicable to any language/IDE. Common tips include:* Using go to line* Variables are editable* Use conditions* Breakpoints don't have to "break"* Logging is debugging and you don't have to stop for that...* Field breakpoints are pretty darn usefuland more...
In this session I will get you started with real-time cloud native streaming programming with Python. We will start off with a gentle introduction to Apache Pulsar and setting up your first easy standalone cluster. We will then l show you how to produce and consume message to Pulsar using several different Python libraries including Python client, websockets, MQTT and even Kafka. We will walk through step-by-step building, deploying and testing applications that include real-time streaming events.After this session you will building real-time streaming and messaging applications with Python.
Are all software developers the same? Do all software developers make the same choices? Or are some of them having more worries or just think in a unique way? Yes! of course. There is a group of software developers who are autistic. It can be people with an ASD (Autism Spectrum Disorder) diagnose. But there also a lot of people with autism missing an official diagnose. Some people are just fighting more than others for getting things done.In this talk, I try to cover how the tech world is for me, as a person with autism. I am in tech for about 10 years. In fact, sometimes I feel differences between me and other people in tech. Besides my tech roll in life, I am responsible for a self – a support group of people with autism.
PowerMock is often used to bend the Object-(Dis)Orientation for inflated code-coverage numbers, but it incubates the actual design ailment, which grows as your codebase grows. **Ports & Adapters** is the *Hard* way to treat it. But Ports & Adapters come with a lot of ceremony, creating adapters, fakes etc increasing the friction making it less deadline friendly. Let's discuss this architectural pattern and how **Loki** (a companion toolkit for this pattern) can aid with the *Hard* part, so you can have the cake and eat it too.
Caching is one of the most effective ways to achieve fast performance, probably the main one, but in a GraphQL context it’s not that easy: once we get to caching GraphQL queries in order to speed up our application backend, we also need to refresh the cache.How can we do that? What are the strategies we can apply to keep our dynamic data ready to use and up to date at the same time?How can we invalidate the cache efficiently?Time based invalidation is widely used but not very precise, so let's introduce event based invalidation, with node.js, fastify and mercurius!
Building a SaaS product is different now compared to 10 or even just 5 years ago. Authentication, authorization, payments, emailing, billing, notifications, media handling, or other features were either a headache or boring to develop every time. And it took a long time. There's no need to reinvent the wheel anymore with all of the modern platforms on the market. In this workshop, we will build an online course SaaS to sell pre-recorded video courses with downloadables, progress tracking, and a subscription system.
As one of the significant trends in today’s IT world, the Internet-of-Things is the subject of discussion by many IT professionals. The possibility of fast data delivery from a vast number of sensors represents an incredible potential for developing solutions that we could only dream of so far. Since this data is a data stream, an architecture template called a lambda pattern is used to analyze it, consisting of a cold layer (also known as a batch layer) and a hot layer (also known as a speed layer). Today’s world of technology gives us various options for implementing this kind of architecture. This lecture will present the most popular among them (e.g., Kafka, Spark, Storm…) and give instructions on choosing the technology in each element of this architecture. We’ll also examine three major cloud players and their offerings in this space.
In this talk, I provide compiled thoughts about non-violent communication in a work-day with an agile team, where I point moments, situations, and ways to improve the team's accountability by creating a safe environment.Also, give a "tool" to be used for everyone. This talk is about connecting people around only one goal, solving the problems in an effective way, removing assumptions, understanding the intentions behind our requests, and a build a clear path to express our message to the whole team.
I'll talk about how we build a preorder service for Billa PLUS (part of REWE group) as a team of nine, from 4 countries, in 8 weeks (https://vorbestellservice.billa.at/).The main focus will be on how we build out the Frontend with SvelteKit and tailwind. We connected the frontend to a .NET 5 backend running inside of docker.As a team we really enjoyed the freedom of working with a fast dev environment (powered by vite), coupled with the rapid style development (JIT compilation of tailwind) and all of the tools (e.g. animations) baked into svelte, while maintaining a small bundle size shipped to the client.I'll also mention the deployment to Azure static web app and how the api driven static site approach worked for us.I'll close with some of the challenges we faced, specifically around stale data and team communication, before I'll show some code examples.
Gone are the days when breaches were rare and security could safely be put low on the priority list; product security is now a customer demand and cyber crime has reached epic proportions. Our idolization of hackers, penetration testing and ‘breaking’ has not resulted in secure software for our industry, only egos, stereotypes and unaffordable security models. Modern application security approaches need to address both offensive (red team) and defensive (blue team) approaches, as well as continuous learning and advocacy for developers. This means Purple Team. This talk will explore how to combine defence, offence, automation, empathy and continuous learning, all without the requirement of ever wearing a hoodie. The future of security is PURPLE.
The goal of this live debugging session is to better understand how to work with a failing Kubernetes Operator and get used to some helpful Kubernetes commands.Each of the three examples follows the same structure:* Apply an invalid YAML manifest.* Figure out what is wrong and how to fix it.* Hints that may help solve the problem.A detailed walkthrough to understand and solve the problem. Also we'll look at some handy command-line tools and how to connect them for your everyday work with Kubernetes.
The story about Rimac M2M began back in the days of Concept_One development, when we figured out that creating our own telemetry system would be useful, but also, quite cool at the same time. From an internal side-project to bespoke monitoring, analytics and software update management engineering tool for automotive OEMs. How do our users make use of several thousand tracked signals, manage sw update packages, what tech stack powers the system, and how did we reinvent the classic fleet management - find out in this talk.
It’s no secret that most people don’t read technical documentation for pleasure. Users often come to your docs when they are frustrated with your software, disappointed that they haven't been able to solve the problem on their own and generally feeling pretty low. This is sad, sure, but being aware of these feelings is key for developers and technical writers alike. These emotions frame the reader’s perspective and therefore, should shape the mood of our docs.In this talk, we’ll discuss how the language we use affects our users and the first steps towards writing accessible, approachable and use case-driven documentation.
On their journey towards machine learning (ML) in production, organizations often solely focus on MLOps, building the technical infrastructure and processes for model training, serving, and monitoring. However, as ML-based systems are increasingly employed in business-critical applications, ensuring their trustworthiness and legal compliance becomes paramount. To this end, highly complex “black box” AI systems pose a particular challenge.Using the example of ML-based recruiting tools, we show how even seemingly innocuous applications can carry significant risks. Then, we demonstrate how organizations can utilize Model Governance and Explainable AI to manage them by enabling stakeholders such as management, non-technical employees, and auditors to assess the performance of AI systems and their compliance with both business and regulatory requirements.
TerminusDB is an open-source document graph database. The database itself enables you to build quickly with the simplicity of JSON documents and turn objects into powerful knowledge graphs – perfect for critical asset relationships. This workshop will demonstrate the simplicity at which a Critical Asset Management System (CAMS) can be developed using TerminusX and TerminusDB Documents SDK. The SDK automatically generates the UI from the schema frames of documents which can also be customized to any look and feel.
Before I started my career in software development, I worked for many years as a dog trainer. The experiences I made in this time are the reason why I immediately fell in love with testing. So, let’s talk about TDD! TDD stand for Test-driven development and it’s not only a technique to write tests but also a design process in software development. I want to give you a new perspective on this process and explain how to TDD with the help of comparing it to how to train a dog. TDD has much in common with dogtraining, so at the end of my talk you should be able to write a piece of c test driven code, and also teach a dog a little trick - well, the last thing at least theoretically.
Everyone talks about code "scalability" and "maintainability", but I remember struggling to come up with a such a project structure when I got started in tech. I needed a practical real-world example with best practices. Years later, I built Custodian - a large, complex platform. Our developers team grew in size seamlessly. I share some of my learnings and shortcomings. I will walk through our codebase structure, how I learned from open source projects, and crucially, how we leveraged typescript and atomic design - a match made in heaven.
in this talk, I will talk about my experience as an introverted developer, from super skeptical about social media to Developer Advocate, a profession that involves a lot of content creation and it requires high communication skills.I will share everything I know and I have learned on my skin so you can use Social media and increase your communication skill, to open up to many new opportunities and, why not, find some friends on the internet.At the end of this talk, you will feel motivated to work on your social presence, even (and especially) if you are introverted.