Steve Poole

Table of Contents YouTubePodcast AppsGuestsSteve PooleDavid WelchContent Is your Java application actually secure, or does it just look that way? In this episode of the Foojay Podcast, Frank is joined by Steve Poole and David Welch, both from HeroDevs, to …

Table of Contents The CVE Blind SpotThe River StyxThe Rules Changed. The Habits Didn’t.What This Looks Like in PracticeWhen Dependencies Become ZombiesSpring Boot 3.5: The Next CrossingWe’ve Seen This Film BeforeThe Window Is Open. For Now.The Map, Not Just the …

Table of Contents Agents everywhereRod Johnson on the roadThe sessions that didn’t get the main stageA few things from the HeroDevs cornerThe documentaryWhat I’m taking home Spring I/O 2026 wrapped in Barcelona on Wednesday. Three days at the Palau de …

Table of Contents Your Brain Is Working Against YouWhere Java Developers Are Most ExposedYour Toolchain Catches Some of ThisMake the Model Show Its WorkingThe Confidence TaxSources This article is adapted from The Confidence Trap, part of the “2026 Supply Chain …

Table of Contents The inflexion pointWhere Grails versions stand todayThe Spring Boot gravitational pullWhat the risk actually looks likeThe practical middle groundUpgrade is an action, not a strategySummaryResources In the companion article to this one, I looked at the revitalisation …

Table of Contents The technology we stop seeingWhy the Apache move mattersTwenty years of changing handsEighteen months of migrationOne hundred repositories become nineBeyond the code: licensing and complianceThe modernisation you might have missedWhat Grails 7 actually shipsGrails 8 and the …

Table of Contents first, a word about ecosystemsSpeed first.Still optimised for speed.Open Source Security Doesn’t Work the Way You Think It DoesThis matters more than people realise.The Inevitable AI in the MixEnter Shai-HuludThen it pivoted.The defining shift.This Is Also What …

Table of Contents The Chaos and the CrowdFOSDEM isn’t a conference so much as a live snapshot of the open source ecosystem in action.Navigating the FirehoseSo why go in person when you could watch from your sofa?Trends and Tensions in …

Table of Contents Are you sitting comfortably?The CVE is (almost) not importantThe Inversion of the Security TimelineHabit vs. HypeThe Flawed Assumption of Loud AlertsPrioritising Changes Over StoriesThe main timelineAre we done?How the message dilutesA common scenerioWhat This Means to You …

Table of Contents In this article you’ll learnIntroductionWhat this article is aboutBack in the real worldCode FlowsA different type of waterfallUnpredictable as the weather?The idealised workflowThe ethics of vulnerability patchingUnreported is not safeDownstream’s responsibility to the ecosystemEnd of Life software …