Taking dependency management to the next level with call graphs!

The software you are building has probably several dependencies and also an additional bunch of transitive dependencies.
Keeping all dependencies under control is key to ensure your application security, quality, and more.
Today some tools are helping you to manage your dependencies, and they are great, but they also have an important limitation: they lack accuracy.

In this talk I will cover how FASTEN project aim at giving more accurate dependencies insight by bringing evolutions to the existing dependencies managers (such as Maven, Pip, etc.) by leveraging functions call graphs done across the whole ecosystem (e.g. Maven Central).
You will learn how it can reduce false positives in reports that are recommending dependencies updates or detect issue at built time rather than at runtime.
So if you are overwhelmed by constant notifications related to dependency upgrades, deprecation, etc. join me to find a solution!

More details about the project: FASTEN project is open source (Apache License 2.0) and founded by the European commission as part of Horizon 2020 program. It involved various universities, companies and non-profit organization. The source code is available from https://github.com/fasten-project/. Some technical documentation is available in the GitHub wiki: https://github.com/fasten-project/fasten/wiki. And more information about the project can be found on the project website: https://www.fasten-project.eu/. The goal of the project is not to replace currently available tooling that deal with dependency management but rather improve them by doing some low level analysis of dependencies (and dependencies relations).

Slides (External URL):

https://docs.google.com/presentation/d/1jo_jVgoeslA3oKGa3v9SKJhbtjmNTarSHsR1BXZ1…

Objective of the presentation:

Share knowledge regarding limitations of currently available dependency management tools and highlight how an actively developed open source project can improve the current situation. Give insights on the project development, challenge faced, and lessons learned.

Attendee pre-requisites - If none, enter "N/A":

Basic understanding of dependency management.

Schedule info

Time:

27 Oct 2021 - 16:50 to 27 Oct 2021 - 17:20

Room:

Room 2

Taking dependency management to the next level with call graphs!

Comments Sign in to post comments

More informtion about FASTEN project

Re: More informtion about FASTEN project