AJUG Resources

Helpful Sites

If you are just getting started with Java or a developer for years, we are collecting links to sites, blogs, and tutorials which we have found useful over the years.

AJUG Meetup

Not all JARs are created equally

October 18th, 2016

Hate those e-mails “are you using some_vulnerable.JAR or some.vulnerable.class” on a project you or nobody has touched in years then your eyes dry over looking at the dependency hierarchy of an old project?

Well, hate no more! Understanding that not all JARs are created equally is the first step in realizing there is consternation. The only constant is change in Open Source and keeping up with versions, CVEs, industry trends, etc could be a burden especially as team members move on. So many dependencies in a modern JAVA project one would need a warehouse to store all these parts [*cough* your artifact repository].

Having supply chain discipline when consuming Open Source can help answer the “where” and “what” an enterprise has deployed. Applying supply chain principles and data beyond your CMDB would have insight to. Makes Dev & Ops happy driving Open Source adoption and visibility.

Also, will be providing an update from last year’s AJUG talk on State of Open Source Software Supply Chain.


Holiday Inn Atlanta-Perimeter/Dunwoody

4386 Chamblee Dunwoody Road,
Atlanta, GA (map)

AJUG Tweets

Follow @atlantajug on twitter.

Recent Jobs