Make your dependency stacks great again

Yusuf Zainee (~yusuf)


4

Votes

Description:

We at redhat are working on developing a one stop solution for all kinds of insights that a developer needs during the development time. We use our extensive infrastructure couple with data curated by Redhat and security data provided by world leader 'Snyk', to provide accurate information to the developer about the packages that he/she might be using in their project. The report contains information like security vulnerabilities associated to the direct and transitive dependencies, its severity, corrective actions, the license compatibilities, stack license, outliers, insights on the packages being used like latest available version, popularity of the package and also AI powered insights on which are all the companion packages which we must be using. The best part is that the user gets all of this at his development time itself and its all free (open source).

Via this session, we want to educate all the developers how they can enhance their programming capabilities by using this extension. It would be a great learning curve for students or those who are just out of college as they get to know or learn about aspects of selecting a package in their project, which they usually are not aware of.

Prerequisites:

  • Vulnerabilities and security
  • Direct and transitive dependencies
  • IDE extensions

Content URLs:

source code (open source): https://github.com/fabric8-analytics

ppt: https://docs.google.com/presentation/d/1XCefvpVNCXMgBO99oD9t-gmhSwVOB6NO5NFFkmMrQhw/edit#slide=id.p

Video: https://youtu.be/6hoaGEWnfK0

Speaker Info:

Yusuf is a Principal Software Engineer in Redhat's developer group. He has around 13 years of experience in software development. He is one of the contributors to the redhat's project 'Fabric8-Analytics' which aims to provide some key analytics and insights to the developers about their application. Yusuf was identified and awarded by KSCST (a govt of Karnataka [India] initiative) for his contributions in the field of cryptography and genetic algorithm. Yusuf has also represented IBM's Cloud Brokerage Platform in couple of IEEE conferences and meet up. Prior to moving to cloud domain, Yusuf spent around 8.5 yrs in R&D dept in the telecommunication domain.

Deepak is a Software Engineer at RedHat,India and has more than 3 years of Engineering Experience. Deepak is a Technical Blogger and is pursuing AWS Associate Developer certification. Deepak has experience in developing scalable applications on AWS and Red Hat's Openshift. Deepak was a CFP volunteer in last year's pycon and wishes to be a presenter this year :)

Speaker Links:

https://medium.com/tech-vichaar/publish-your-first-production-grade-kubernetes-app-on-google-cloud-a900d82afe01

https://medium.com/tech-vichaar/introduction-to-aws-ec2-be8412424672

https://github.com/fabric8-analytics

https://github.com/selinon/selinon

Section: Developer tools and automation
Type: Talks
Target Audience: Intermediate
Last Updated: