Automated Java Upgrades: From Pain to Productivity in 30 Minutes - DevConf.CZ 2025
Speaker(s): Ludwig Steindl
Keeping large Java applications up to date is a constant challenge. Manual dependency and runtime upgrades are time-consuming, error-prone, and often pushed down the backlog because they lack immediate business value. Meanwhile, outdated dependencies introduce security risks, technical debt, and compliance concerns—especially with new regulations like NIS2 and DORA, which make timely software updates a legal requirement.
But what if upgrades could happen automatically?
In this hands-on session, I’ll demonstrate how to fully automate Java dependency upgrades using Renovate, OpenRewrite, and GitHub Actions. Through a live Quarkus 2 → 3 migration, you'll see how:
1. Renovate detects outdated dependencies and automatically creates pull requests.
2. OpenRewrite applies automated code fixes for breaking changes.
3. Red Hat Developer Sandbox provides a pre-configured environment for manual adjustments—eliminating the need for local setup.
4. SBOMs (Software Bill of Materials) are generated and sent to Dependency-Track, ensuring compliance with NIS2 and DORA while making security improvements visible to decision-makers.
By the end of this session, you’ll have a practical, repeatable strategy to automate dependency management—keeping your Java applications secure, compliant, and resilient with minimal manual effort and zero disruption to development.
---
Full schedule, including slides and other resources:
https://pretalx.devconf.info/devconf-cz-2025/schedule/
Видео Automated Java Upgrades: From Pain to Productivity in 30 Minutes - DevConf.CZ 2025 канала DevConf
Keeping large Java applications up to date is a constant challenge. Manual dependency and runtime upgrades are time-consuming, error-prone, and often pushed down the backlog because they lack immediate business value. Meanwhile, outdated dependencies introduce security risks, technical debt, and compliance concerns—especially with new regulations like NIS2 and DORA, which make timely software updates a legal requirement.
But what if upgrades could happen automatically?
In this hands-on session, I’ll demonstrate how to fully automate Java dependency upgrades using Renovate, OpenRewrite, and GitHub Actions. Through a live Quarkus 2 → 3 migration, you'll see how:
1. Renovate detects outdated dependencies and automatically creates pull requests.
2. OpenRewrite applies automated code fixes for breaking changes.
3. Red Hat Developer Sandbox provides a pre-configured environment for manual adjustments—eliminating the need for local setup.
4. SBOMs (Software Bill of Materials) are generated and sent to Dependency-Track, ensuring compliance with NIS2 and DORA while making security improvements visible to decision-makers.
By the end of this session, you’ll have a practical, repeatable strategy to automate dependency management—keeping your Java applications secure, compliant, and resilient with minimal manual effort and zero disruption to development.
---
Full schedule, including slides and other resources:
https://pretalx.devconf.info/devconf-cz-2025/schedule/
Видео Automated Java Upgrades: From Pain to Productivity in 30 Minutes - DevConf.CZ 2025 канала DevConf
Комментарии отсутствуют
Информация о видео
26 июня 2025 г. 13:15:29
00:27:33
Другие видео канала
