If Log4Shell, Spring4Shell, etc. have taught us anything, it's that we need to keep our dependencies up to date. But updating our applications can take a lot of time. How do we stay on top of that, while also continuing to deliver business value?
Luckily, there are plenty of tools that can help us with this, from package managers to bots that can automatically create changes on our repositories. Let's go over some of the different options, so we can make informed choices about what's best for us in a particular situation.
Marit van Dijk is a software developer with 20 years of experience in different roles and companies. She loves building awesome software with amazing people, and has contributed to open source projects like Cucumber and various other projects. She enjoys learning new things, as well as sharing knowledge on Java, Kotlin, programming, test automation, Cucumber/BDD and software engineering. She speaks at international conferences, webinars and podcasts, writes blog posts and contributed to the book "97 Things Every Java Programmer Should Know" (O’Reilly Media).