The software you are building probably has several direct dependencies and an additional bunch of transitive dependencies.
Keeping all dependencies under control is key to ensuring your application's security, quality, and more.
Today there are tools that help you manage your dependencies, and they are great, but they also have an important limitation: they lack accuracy.
In this talk I will cover how the FASTEN project aims to give more accurate dependency insight by evolving the existing dependency managers (such as Maven, Pip, etc.) so that they leverage function call graphs built across the whole ecosystem (e.g. Maven Central).
You will learn how it can reduce false positives in reports that recommend dependency updates, or detect issues at build time rather than at runtime.
So if you are overwhelmed by constant notifications related to dependency upgrades, deprecations, etc., join me to find a solution!
More details about the project: the FASTEN project is open source (Apache License 2.0) and funded by the European Commission as part of the Horizon 2020 program. It involved various universities, companies and non-profit organizations. The source code is available from https://github.com/fasten-project/. Some technical documentation is available in the GitHub wiki: https://github.com/fasten-project/fasten/wiki. More information about the project can be found on the project website: https://www.fasten-project.eu/. The goal of the project is not to replace the currently available tooling that deals with dependency management, but rather to improve it through low-level analysis of dependencies (and of the relations between dependencies).
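To illustrate why function-level call graphs give fewer false positives than package-level matching, here is an added example; it is not FASTEN code and does not use FASTEN's APIs or data formats. All package names, function names and advisory ids are constructed for the illustration.

```python
from collections import deque

# Constructed sample data: every package, function and advisory id is hypothetical.
PACKAGE_DEPS = {  # package-level view: what a dependency manager resolves
    "app": ["lib-a@1.0", "lib-c@3.1"],
    "lib-a@1.0": ["lib-b@2.0"],
}
CALL_GRAPH = {  # function-level view: caller -> callees across package boundaries
    "app::main": ["lib-a@1.0::render", "lib-c@3.1::decode"],
    "lib-a@1.0::render": ["lib-b@2.0::escape"],
    "lib-a@1.0::import_legacy": ["lib-b@2.0::parse_unsafe"],  # never called by app
    "lib-c@3.1::decode": ["lib-c@3.1::inflate"],
}
ADVISORIES = {  # advisory id -> affected function
    "ADV-EXAMPLE-1": "lib-b@2.0::parse_unsafe",
    "ADV-EXAMPLE-2": "lib-c@3.1::inflate",
}

def reach(graph, start):
    """BFS over graph; returns {node: parent} for every node reachable from start."""
    parents, queue = {start: None}, deque([start])
    while queue:
        node = queue.popleft()
        for nxt in graph.get(node, []):
            if nxt not in parents:
                parents[nxt] = node
                queue.append(nxt)
    return parents

def package_level_report(root="app"):
    """Flags an advisory as soon as the affected package is a (transitive) dependency."""
    pkgs = reach(PACKAGE_DEPS, root)
    return sorted(a for a, fn in ADVISORIES.items() if fn.split("::")[0] in pkgs)

def call_graph_report(entry="app::main"):
    """Flags an advisory only if the affected function is reachable; returns the call chain."""
    parents, report = reach(CALL_GRAPH, entry), {}
    for adv, fn in ADVISORIES.items():
        if fn in parents:
            path = [fn]
            while parents[path[-1]] is not None:
                path.append(parents[path[-1]])
            report[adv] = path[::-1]
    return report

if __name__ == "__main__":
    print("package-level:", package_level_report())
    print("call-graph   :", call_graph_report())
```

A statically built call graph can miss edges created by reflection or dynamic dispatch, so an advisory that is not reachable here is better treated as lower priority than as proven harmless.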