JRush | Container Essentials: Fast Builds, Secure Images, Zero Vulnerabilities
Summary
This session of JRush focuses on modern application security from multiple angles: containerization, developer tooling, and secure deployment practices. Speakers discuss cloud native buildpacks as a safer alternative to handwritten Dockerfiles, showing how they simplify builds, improve reproducibility, and reduce security risks. The talk also demonstrates how IntelliJ IDEA and JetBrains security tooling help developers detect vulnerabilities early through inspections, taint analysis, and CI/CD integration. Finally, hardened container images are presented as a new security baseline that minimizes attack surface, reduces CVEs, and simplifies compliance. Overall, the episode emphasizes shifting security left through better tooling, standardized images, and shared responsibility across teams.
About Catherine
Java developer passionate about Spring Boot. Writer. Developer Advocate at BellSoft
Social Media
Tags
Videos
Dec 12, 2025
Will AI Replace Developers? A Vibe Coding Reality Check 2025
Can AI replace software engineers? ChatGPT, Copilot, and LLM-powered vibe coding tools promise to automate development—but after testing them against 17 years of production experience, the answer is more nuanced than the hype suggests. Full project generation produces over-engineered code that's hard to refactor. AI assistants excel at boilerplate but fail at business logic. MCP servers solve hallucination problems but create context overload. Meanwhile, DevOps automation actually works. This breakdown separates AI capabilities from marketing promises—essential for teams integrating LLMs and copilots without compromising code quality or architectural decisions.
Videos
Dec 2, 2025
Build RAG System with Spring AI: No More AI Lies
Struggling to find answers in your own documentation? Your LLM is too. Hallucinations happen because models don’t know your data. RAG (Retrieval Augmented Generation) turns unstructured docs into searchable vector embeddings, so your LLM retrieves facts instead of inventing them. This tutorial walks through the full RAG workflow in Spring AI: document ingestion with TikaDocumentReader, embedding generation, vector storage (pgvector, Choma, Milvus, Oracle), and similarity-based retrieval. You’ll build two endpoints: one for uploading documents and one for answering questions strictly using your indexed data. When the system doesn’t know, it says so—no more confident nonsense. Designed for Java teams bringing AI into production systems where accuracy matters. You’ll learn the pattern, get the code, and deploy an LLM that finally stops hallucinating.
Further watching
Videos
Dec 30, 2025
Java in 2025: LTS Release, AI on JVM, Framework Modernization
Java in 2025 isn't about headline features, it's about how production systems changed under the hood. While release notes focus on individual JEPs, the real story is how the platform, frameworks, and tooling evolved to improve stability, performance, and long-term maintainability. In this video, we look at Java from a production perspective. What does Java 25 LTS mean for teams planning to upgrade? How are memory efficiency, startup time, and observability getting better? Why do changes like Scoped Values and AOT optimizations matter beyond benchmarks? We also cover the broader ecosystem: Spring Boot 4 and Framework 7, AI on the JVM with Spring AI and LangChain4j, Kotlin's growing role in backend systems, and tooling updates that make upgrades easier. Finally, we touch on container hardening and why runtime and supply-chain decisions matter just as much as language features.
Videos
Dec 24, 2025
I Solved Advent of Code 2025 in Kotlin: Here's How It Went
Every year, Advent of Code spawns thousands of solutions — but few engineers step back to see the bigger picture. This is a complete walkthrough of all 12 days from 2025, focused on engineering patterns rather than puzzle statements. We cover scalable techniques: interval math without brute force, dynamic programming, graph algorithms (JGraphT), geometry with Java AWT Polygon, and optimization problems that need constraint solvers like ojAlgo. You'll see how Java and Kotlin handle real constraints, how visualizations validate assumptions, and when to reach for libraries instead of writing everything from scratch. If you love puzzles, programming—or both—and maybe want to learn how to solve them on the JVM, this is for you.
Videos
Dec 18, 2025
Java 26 Preview: New JEPs and What They Mean for You
Java 26 is the next feature release that brings features for enhanced performance, security, and developer experience. This video discusses the upcoming JDK 26 release, highlighting ten JEPs including JEP 500. JEP 500 focuses on preparing developers for future restrictions on mutating final fields in Java, emphasizing their role in maintaining immutable state. This is crucial for robust programming and understanding the nuances of mutable vs immutable data, especially concerning an immutable class in java. We also touch upon the broader implications for functional programming in Java.