If log4j, Spring4Shell, etc. have taught us anything, it's that we request to keep our dependencies up to date. But updating our applications can take quite a few time. How do we stay on top of that, while besides continuing to deliver business value? Luckily, there are plenty of tools that can aid us with this, from package managers to bots that can automatically make changes on our repositories. Let's go over any of the different options, so we can make informed choices about what's best for us in a peculiar situation
GeeCON Prague 2022: Marit van Dijk - Keep your dependencies in check
If log4j, Spring4Shell, etc. have taught us anything, it's that we request to keep our dependencies up to date. But updating our applications can take quite a few time. How do we stay on top of that, while besides continuing to deliver business value? Luckily, there are plenty of tools that can aid us with this, from package managers to bots that can automatically make changes on our repositories. Let's go over any of the different options, so we can make informed choices about what's best for us in a peculiar situation