November 12-13 (that is, just a couple of weeks), DotNext 2017 Moscow , the largest conference in Russia dedicated to the development on the .NET platform, will take place. Our speakers include leading industry experts from Russia, Europe and the USA. The main topics of the conference are platform operation insides (CLR, GC, JIT), best practices in the use of tools, profiling and performance optimization, multi-threaded programming, platform innovations, solving complex cases.

Under the cut - a detailed analysis of the program, a few words about the innovations of this year and the secret promotional code with a discount.

The return of hardcore

First , the changes affected the composition of the reports.

Past DotNext in St. Petersburg was held at an amazing time - many new technologies came out or were being prepared for release. Almost all the reports were about this, which automatically meant a reduction in the complexity of the material. The survey showed that people were not particularly interested in ideas like digging in the insides of GC and repairing collapsing profilers (javista's favorite activities), but they were very interested in how to implement Docker and Kubernetes into a ready-made .NET infrastructure. It was just such a time.

On DotNext 2017 Moscow hardcore comes back . We are still not going to delve into the GC - but we are going to discuss the memory model, performance testing and optimization, debugging subtleties, and even debugging on Linux. For special connoisseurs, there are two reports on the use of functional programming. Now hardcore reports - exactly one third of the total.

However, the discussion of "normal" issues and tools has not gone away. There is a large block of reports on cluster and cloud infrastructure, there is a discussion of the bodies and methods of their use (such as code generation practice), there is something about devops and security, and so on. Everyone will find a theme to their liking.

Obviously, this amount of information will not fit on one day, so now DotNext takes two days and three parallel tracks. Opening takes place at 10 am (on the first day, check-in is at 9 am), closing - at 7 pm, i.e. 9 hours per track. In order not to melt the brain from such a volume, you can plan to visit not only the most complex reports, but dilute them with more light ones. But how to get on everything that is planned - this will be written below.

Robots are crammed, not human

Secondly , we hooked up heavy artillery and analyzed the distribution of reports by track using special samopisny software. We solve the following problem: suppose a person wanted to go to 3 previously known reports. How to make them happen at different times so that they don’t have to choose between them?

The basis is OptaPlanner - a universal solver of business constraints. It is specially created for solving tasks such as routing cars, distributing employees by tasks, optimizing cloud computing, packaging goods and so on. All these tasks are united by the fact that they are similar to solving a puzzle in which it is necessary to redistribute limited resources to their respective consumers. Approximately the same problem arises when planning the distribution of reports.

On top of OptaPlanner was written its own engine called ConfPlanner . In particular, for this you need to thank Vladimir Sitnikov . Vladimir is a performance architect at NetCracker and a member of the program committees of the JUG.ru Group. The result is an open project, the source of which can be on the githabe .

The bottom line is that we set the constraints in the form of a YAML file and at the output we get a ready-made solution.

capacity: 400 languages: - name: ru - name: en rooms: - name: 1 capacity: 300 - name: 2 capacity: 200 days: - name: 1 date: 2017-10-04 timeslots: - name: 1 day: 1 start: 11:00 duration: 50 - name: 2 day: 1 start: 14:00 duration: 50 - name: 3 day: 1 start: 18:00 duration: 50 topics: - name: Case study - name: Tricks speakers: - name: Speaker A arriveTime: 2017-10-04T12:00:00+03:00 - name: Speaker B leaveTime: 2017-10-04T16:00:00+03:00 talks: - name: 'How to arrive late' language: en speakers: Speaker A topics: Tricks - name: 'How to depart early' language: ru speakers: Speaker B topics: Tricks - name: 'Coffee time' language: en speakers: - Speaker A - Speaker B topics: - Case study - Tricks 

Now the coolest: you can take into account not only the elementary constraints of the type of time, but also the survey data . Those surveys where you indicate what reports are going to go.

For example, a person wants to go on 3 reports and it so happens that they are lined up "in one line" (coincide in time). This combination is valid, but penalty points are awarded for it. The essence of the solution to the problem of drawing up the optimal report schedule is minimization of the penalty function.

Of course, after ConfPlanner made comments, the schedule is well thought out by real people. As you can see, filling out surveys is useful . Your opinion is really taken into account, in the most direct sense.

Promised Secret Promocode

At first, I wanted to insert a promotional code somewhere in the final part of the article, or in the middle of the list of reports, so that I had to search for it a little. It quickly became clear that the number of reports was large enough that no one could find it. So here, keep the code:

LastCallPromo

Using this code on the registration page , you can get a discount before the end of the week.

Content of the program

Now let's go through the reports and see what this conference will be about. Conventionally, all reports can be divided into the following groups:

• Performance and low-level details
  
  • Network code
  • Debugging
• Clusters and clouds
  
  • Transportation systems
• Language, tools and programming techniques
  
  • Functional programming
• miscellanea
  
  • Machine learning and materiel
  • Security
  • Monitoring, Operation and DevOps
  • Philosophy (!)

It is important to note that this division is conditional. The reports themselves are not tied to any rigid classification. It would be possible to group them in some other way, for example, by the framework used. However, the above structure has an excellent property: it helps to choose which report to go to.

Performance and low-level details

Keynout: Let's talk about performance testing

Andrey Akinshin, JetBrains

Keynout has several goals, including - to convey the spirit and essence of what will happen next couple of days. This report will focus on typical performance testing issues and possible approaches to solving them. Andrey Akinshin is working on the Rider project, is a manteyner of BenchmarkDotNet and, in general, knows a lot about micro-optimizations.

Patterns for high-performance C #: from algorithm to low-level techniques

Federico Lois, Corvalius

In this report, we will look at the techniques and patterns used to write high-performance code — from analysis to the specific implementation of optimization. Let us figure out how to understand what optimization to use, and what problems usually arise when optimizing the database code. Many of these techniques were invented and polished to a mirror shine when developing RavenDB 4.0 - a fresh version of the NoSQL engine for the .NET platform. RavenDB is a rather complicated thing, in which optimization has been going on for nanoseconds for a long time, and it is necessary to optimize in time, IO and processor simultaneously. Most of the techniques discussed in this report can be applied anywhere, regardless of language or framework.

Federico went a long way to be able to tell about his discoveries. He is not only a co-founder of Corvalius and Codealike, but he has actually worked on the performance of algorithms for the last ten years, using both CPU and all kinds of tricky hardware like GPUs as hardware. This is a person who is not afraid of working with binary data, registers and low-level optimization, and at the same time fascinated by the technology of parallelism and modern computer graphics. In general, if anyone can tell a report on low-level optimizations in C #, then this is it.

.NET memory model

Valery Petrov, Sidenis

Anyone else have questions after Federico's report? Maybe someone scares concurrency (and for good reason)? Valery Petrov will ease our fate with a detailed story about the memory model.

Interestingly, at work, Valery is mainly engaged in a "bloody enterprise", and there is a myth that "enterprise" programmers are not interested in such things, do not understand them, and in general at work it is not necessary. Well, the myth is destroyed!

So what is the matter and why should we be interested in it at all? Programs are usually written by people, and executed by a computer. During the existence of a computer, a lot of work has been done to reduce the threshold for entering programming: now it is not necessary to know how a computer works in order to be able to make it do something. However, nothing is given in vain, and behind the high-level languages ​​are hidden many delightful things. In some cases, ignorance of what is happening “below” can lead to sad consequences. And when it comes to concurrency and cross-platform, then there are dragons with underwater rakes.

In this report, Valery will tell you what the memory model is, what it is in .NET, what the specifications warrant to us, what the platform gives, what problems can be expected when leaving the comfort zone: moving to lock-free, running on other architectures (for example, ARM). It will also be shown that some problems can be found by a simple static analysis (the report is not about static analysis, so the details are separate). Among other things, it will be shown that there are also bugs in .NET.

Duel: .NET Core vs. Java

Vitaly Yezepchuk, Fast Reports

Even in the performance section there are nice light reports. In this report, Vitaly will be comparing the performance of .NET Core and Java runtimes in the Linux and Windows operating systems. Target audience: developers of high-performance and resource-intensive applications ... Well, or anyone who is interested to see how .NET will tear Java into the British flag. (What if it doesn't work out?)

High performance Networking in .NET Core

Karel Zikmund, Microsoft

In the top of performance, there are two reports on network performance.

The first of them is led by Karel Zikmund, an English-speaking speaker, known for being the Software Engineering Manager in the .NET Framework team and the .NET Core, and is the CoreFX manager for Networking, Crypto, Collections, Process, etc.

Karel will talk about the architecture and the specific implementation of the .NET Core network stack, especially about performance and portability. The following topics will be covered:

• Key ideas and goals behind the architecture and implementation of the network subsystem
• What progress has been made, what state of the current development
• How to achieve maximum performance
• Current results on performance improvements + comparison against various technologies and operating systems
  
  

Approaches for application request throttling

Maarten Balliauw, JetBrains

The second report on the arbitrariness of the network. Perhaps it should be attributed to the "clouds", about which is written below.

Maarten has long noticed that users are very strange people. At least in his project MyGet.org wild things are happening. If they are very lucky, users will actually use the service, but most likely, they will abuse trust in all possible ways. They use it strangely and unusually, which increases the workload, fills it with requests immediately after the end of the weekend, etc. All this is a real danger to the web application, it can interfere with both the work of a single user, and put the entire service. Therefore, ideally, you need to have some kind of smart filtering system, waiting for the user at the entrance, and controlling the number of requests per unit of time, the amount of traffic, and so on.

In this report, Maarten will talk about the simple, and at the same time, such a complex world of query terminators. We have to decide what and where to restrict - in the application, on the server, on reverse proxy like nginx, on external services like Azure or CloudFlare and so on. As a result, the wolves are fed and the sheep are safe - and the service is working fine, and the users are happy.

Debugging and Profiling .NET Core Apps on Linux

Sasha Goldshtein, Sela Group

In our hardcore "low-level" section there are two reports related to debugging. And both - about cross-platform applications.

The first report is led by Sasha Goldstein - an outstanding performance engineer who invariably occupies top positions at all conferences, no matter where he speaks. We interviewed him several times, I advise you to familiarize yourself with: a couple of videos of 2015 , videos of 2016 , interviews about working with a performance, and a review of the tools of the .NET performance engineer .

In this report, Sasha will talk about the following. Imagine having managed to run your favorite ASP.NET application on Linux or even something with a console interface. What's next? A happy ending? Oh no. In fact, you will have to face memory leaks, strange crashes, performance problems, and many other troubles - and what to do when it all happens in production? On Windows, we have a bunch of interesting tools, but they won't work in Linux, and there are no simple alternatives yet. In this report, Sasha will talk about how debugging and profiling of .NET Core applications on Linux now look like. How to investigate using perf , how LTTNG used as a replacement for ETW events, how to compile and understand LTTNG LTTNG , and much more. Sasha will talk about collecting core dumps , and how to get information interesting for the .NET developer using lldb and SOS . This report will be a very difficult journey through the wilds of unfinished utilities and special command line magic, but in the end we will come to a happy end! (but it is not exactly).

Mono application debugging tricks

Elizaveta Golenok, Gotech

The second debug report, and again the cross platform. However, after Sasha's report, it is already clear that we cannot see a simple life on Linux :-)

This report is very practical. One of Elizabeth’s real work tasks for this year is to make the existing legacy project (WCF, Web API, MVC, Web Forms) cross-platform. This task is rather classical, however, during the migration process, many problems arise, one of which is the debugging of Mono applications.

Elizabeth will tell how to make the process of debugging Mono-applications more convenient / comfortable, she will show how the process of debugging actually takes place. Along the way, we will introduce the following technologies:

Debuggers:

• Soft Debugger;
• GNU Debugger for low-level problems;
• LLDB;

Profilers:

• Mono Log Profiler;
• Valgrind;
• HeapShot;

In addition, there will be a comparison of these tools with analogues used to debug classic .NET applications and .NET Core.

Clusters and clouds

One of the most HYIP themes of recent years strikes back, being almost the largest bloc of this conference. A great amount of new technologies, frameworks, secret know-how and so on are spinning here. There are less professionals who can tell their know-how, and we have gathered them all!

Back to the Future: Building Efficient Cloud Services with Orleans

Sergey Bykov, Microsoft

This report is dedicated to Microsoft Orleans , a framework developed by Microsoft Research.

Will tell about it the head of the Orleans development . Sergey Bykov started the Orleans project at Microsoft Research and continues to lead its development in open source in the Xbox division.

Orleans provides a radically new approach to building systems that gives developers the efficiency of stateful architecture and a host of other important benefits through a simple and intuitive programming model. Orleans has been successfully used in blockbuster games Halo, Gears of War, Age of Empires, Skype, Azure and other Microsoft systems, for IoT, financial analysis and many other areas. The Orleans clones created for the JVM, Go and Erlang are just another proof of the Orleans success.

I have a microservices architecture and i didn't know

Dino Esposito, JetBrains

As you already know, microservices are vertical layers of functionality, independent from each other in terms of technology, paradigms, and even, to some extent, data. Like any other isolated module, microservice can be easily replaced or rewritten, or even horizontally scaled without the risk of regressions. Microsevreis can be loosely coupled part of a distributed architecture, but they can be used separately, by themselves. This architecture has many advantages, and not so many disadvantages. More importantly, it is more common than it is customary to talk about. “Microservices” is just a special name for anything that is not a well-developed, comprehensive system.

In this report, Dino will share with us the painful experience of developing a microservice architecture, during which his company built the infrastructure in many stages, having very limited resources, collecting the results by brick and trying to ensure that when adding new Kripikov, the old ones would not fall off .

Dino is a well-known trainer, consultant and evangelist, a CTO of a rapidly growing IT company. He has written many well-known books for Microsoft Press. This report continues the glorious tradition in which Dino tells how to overcome this whole mess, which we have done ourselves.

I remind you that Dino has another report - the final keyout, definitely worth a visit.

Serverless compute with .NET based Azure Functions

Alex Thissen, Xpirit

If we are already talking about clouds and microservices, the first association from the world of Microsoft products is Azure.

Azure Functions can be used to create serverless cloud services, and in fact is a new step in the evolution of distributed computing and hosting. In order to explain to us the details of using this technology, Alex Thissen comes to us - a consultant for the development of modern distributed applications, 10-fold MVP owner, and of course - an expert in Azure Functions.

In this report, Alex will show you how to develop using Azure Functions and C #, and how to collect, test and deploy all of this on Azure. Details of programming on .NET, details of the architecture and internal implementation will be disassembled. In addition, Alex will show you how to start all this and host it on a local machine, so immediately after the report you will be able to independently invent and write cool apps using Azure Functions.

12-factor apps in .NET Core

Ian Cooper, Huddle

You, probably, already heard about Cloud Native: about continuous deployment and simple scaling of a server code. You heard about Docker and microservices. But what are the “12-factor applications” mentioned in the title? This methodology, originally developed by engineers who deployed to Heroku, is a “recipe for success” when writing code for any cloud platform. This report describes the essence of the method and demonstrates how to write an application for .NET that would meet all the requirements of this method. Absolutely there will be live examples using ASP.NET Core, the light and dark sides of applications built in this way are outlined; It will show how this can be deployed without a server, and using Azure Service Fabric.

By the end of the report, you will gain a deeper understanding of Cloud Native, and Ian Cooper, an architect from London with more than 20 years of experience, the founder of #ldnug and a well-known speaker specializing in proper architecture, patterns and good design practices, will help you with this.

Apache Kafka and reactive microservices on .NET Core

Denis Ivanov, 2GIS

Among the "cloud" reports stands out a group of three stories dedicated to transport systems. It was difficult in this review of reports not to put Kafka in the first place - so popular and beloved in the .NET community.

Just in case, we recall that Apache Kafka is an open source platform for processing message flows. The abstraction of the distributed log that underlies Kafka makes it possible to use it as a queuing system, but it also provides some very useful advantages that are inaccessible even to ESB-level solutions.

In this report, under the strict guidance of Denis Ivanov, we will analyze the basic principles on which Apache Kafka is built, we learn how and in what cases its use allows us to solve problems simply and efficiently.

But most importantly, we will consider the real use of Apache Kafka in a system that has a microservice architecture and the backends of which are implemented on .NET Core and Scala. It will tell you about the wonderful Reactive Extensions library and show how using a reactive approach allows you to keep the code simple, reliable and extremely productive.

The report does not forget the features and nuances, which are always very much when we make microservice applications, and even with such a set of technologies. The actual experience gained in a large project will be described. Denis works in 2GIS on sales systems and advertising services, writes C # code in Windows and macOS, and compiles it and deploys applications in Linux - therefore he knows firsthand what he is talking about. To us, the listeners of the report, all this will allow us to quickly navigate if we need to solve similar problems.

NServiceBus or MassTransit? .NET ServiceBus frameworks compared

Roland Guijt, RMG Holding BV

Continuing the theme of architectures with the use of messaging for the implementation of microservices, we need to recall the service tires. There are several options, but how to choose between them? For .NET, there is MassTransit and NServiceBus , and both of them work great. But despite the resemblance, they have significant differences.

In this report, Ronald will take us through the main features and API MassTransit and NServiceBus, noting the similarities and differences. At the end of this competition, we will be able to choose the winner - the one who is most suitable for your application. (You can make bets right now!)

Akka Streams for mere mortals

Vagif Abilov, Miles

How can a few lines of code print a continuous stream of messages from Twitter, adding to it weather data in the places of residence of their authors? And how to limit the speed of requests to the weather provider so that they do not put us on the black list? All this can be seen in the demo from the final part of the report.

Before that, we will learn about Akka Streams technology, which allows working with real-time data streams as easily as programmers work with LINQ expressions, without requiring manual implementation of either individual actors or Reactive Streams interfaces.

Vagif is a super professional with 30 years of programming experience. You may know him by his beautiful username on Github - @object . He is currently developing systems for F # and C #. Vagif often speaks at conferences, takes part in open-source projects and supports Simple.OData.Client .

Language, tools and programming techniques

Runtime code generation techniques in real life scenarios

Raffaele Rialdi, Vevy Europe

Code generation in runtime is a very powerful and well-studied technique, but many developers are still reluctant to use it. Usually the study of Expression Trees begins with some simple example of how to create a predicate (filter) or a mathematical expression. But not the Expression Trees single .NET developer is alive. Most recently, it was possible to generate code using the compiler itself — this is done using the Roslyn / CodeAnalisys library APIs, which, among other things, also provide parsing, crawling, and source generation.

In this report, we, together with Rafael, will analyze the real ways of using code generation. In some cases, they can greatly improve the performance of the application, which in turn leads us to a dilemma - if the generated code is so useful and we are going to use it often, how can we debug this code? This is one of the fundamental questions that arise in real projects.

Rafael is a practicing architect, consultant and speaker with MVP in the Developer Security category since 2003, which right now has been involved in enterprise project backends, specializing in code generation and cross-platform development for C # and C ++. In other words, Raphael is the person to whom almost any question about code generation can be asked in the discussion area, and not only about .NET, and he will most likely answer.

Mono + .NET Core = ❤

Egor Bogatov, Microsoft

Performance, code generation, some kind of tin ... For a change, here we will have an easy and pleasant report showing the real progress of our technologies and allowing us to feel a slight pride in the things we do.

The development of an open cross-platform .NET Core is well underway and much attention is paid to other platforms. What about Mono and mobile platforms? In this report, we, together with Yegor, will talk about the current state of affairs of Mono and its place in the .NET ecosystem. Let us tell you how we use .NET Core code in Mono and vice versa, as well as new features and tools, such as Embeddinator .

Egor is a developer at Xamarin (Microsoft) from the Mono BCL team. Works on improving Mono and combining it with .NET Core. In fact, all the information from this report is first-hand. Anyone who wants to be tin, will be able to freely catch Yegor in the discussion area and ask all the burning questions.

TDD upside down

Yegor Bugaenko, Zerocracy

Egor is the only owner of the “game” badge at Java conferences. In the sense, besides the standard variants of complexity (easy - “smoothie”, medium - “bearded”, difficult - “goat”), the “game” badge with the image of fried chicken was specially made for it. We warned you.

So, especially for DotNext, Egor developed a more relaxed and academic report, but the chosen topic, nevertheless, will kindle the heart of any expert on good programming practices. Egor is the author of the book Elegant Objects , CEO in Zerocracy and Java architect in several open source projects ( Rultor , Takes , JCabi ).

Development through testing (aka TDD) was rediscovered by Kent Beck and explored in detail in his famous book in 2002. In 2014, David Heinemeier Hansson (creator of Ruby on Rails) said that TDD does not work and only hurts architecture. Robert Martin (creator of the SOLID principles) did not agree with this and explained that TDD may not work only in certain cases. After some time, he even compared the importance of TDD with the importance of hand washing in medicine and added that “it would not surprise him if one day TDD acquires the force of law”. Two years later, and for us - a couple of months ago, he wrote about it again, and again, and more. This is a hot topic for discussion. Of course, we have our own opinion on this.

Life, liberty and the pursuit of APIness: the secret to happy code

Dylan Beattie, Spotlight

This will be a very philosophical, and at the same time, a purely practical report. He will be led by Dylan Beattie - a person with so many work achievements and interesting projects that it is easier to read the full list on our website . In the context of the report, it is interesting that Dylan is a system architect who right now is working on building complex modern distributed applications and, accordingly, on developing the right APIs for them. And he will probably play us on the guitar, at a party after the first day of DotNext with Vagif.

But back to the report. The point is that we have been working all our life on systems created by other people. Starting from a simple UI on the phone, and ending with the cloud infrastructure of the modern Internet - the interaction between systems and users is the foundation for our understanding of the technology and sensations from its use. If you build the right interaction, users will be happy and will work productively. If the platform leaves only bad impressions, it only leads to inefficiency, fear and anguish from using such a product.

Whether we are aware or not, every time we create new programs, we also create user experience. People will interact with our code — as end users, or maybe as members of the development team. Or maybe they are mobile application developers using your API, or is it someone who needs to go to the night to fix the problems that have arisen. From the outside, this may seem like quite different cases, but in fact they have something in common. Dylan calls this the word " discoverability ." (I do not specifically translate this word, because the report will still be in English, and in English it has more meanings than the Russian equivalent of “intelligibility”).

In this report, Dylan outlines ideas and discoveries relating to user experience, API design, psychology and psychology of learning, and shows how you can integrate the idea of discoverability at all architectural levels of the application. There will be illustrations on real big projects, with explanations of how discoverability works with different interaction paradigms. It doesn't matter if you create databases or system libraries, hypermedia API or mobile applications - one day there will be a moment when someone starts interacting with your code - and when this happens - it’s better that they are satisfied, right?

Providers of types without pain and magic

Roman Nevolin, EPAM

Newtonsoft.Json is the most popular package in NuGet. And next to it, in third place, is the Entity Framework. Perhaps this is a good demonstration of how often .NET developers process a variety of data. And for each type of data - its own library, and a bunch of wrapper classes that you have to write in order to obtain all the benefits of strict typing. And this should be done for each new data source.

However, F # offers us another solution to the eternal problem - type providers. A solution that allows you to maximally simplify work with any data types, get rid of writing and maintaining classes of wrappers, and at the same time solve completely different problems, like drawing complex graphs and working with neural networks with F # tools.

If you want to know how to use type providers, what problems they solve, how they work and how to write your own provider for your tasks, come to this report!

Knowing F # is optional . Roman does research in the field of Machine Learning and develops his own machine learning tools, so he can explain complex things with simple words.

Functional programming

This time we have two reports on functional programming. The introduction of these ideas initially progressed slowly and difficultly, and, judging by the number of reports, the future has come.

From dependency injection to dependency rejection

Mark Seemann, blog.ploeh.dk

Functional programming has one big problem - it’s very difficult to talk about it. Attempts to convey to people something using terms like “zygohistomorphic prepromorphism” easily drive an unprepared listener to mind.

Mark is the author of the popular book Dependency Injection in .NET , the author of countless blog posts , and the speaker at so many conferences that he had to start a public schedule on his website. And he tells every time more and more new. If anyone can talk about FP, it's him.

What will this report be about?
In object-oriented design, dependency injection is often used - this pattern is very popular, but nevertheless it is a rather complex approach to solving the problem of separating related entities. In functional programming, there are ways that are much simpler and more efficient.

In this report, Mark will consider the use of dependency injection in classic object-oriented design and explain why it is not necessary (even undesirable) to use it in functional programming. Following this, it will be clearly shown how the use of functional programming by the technique eliminates the need to use mocks and stubs in unit testing, and allows you to completely eliminate garbage from a direct listing of dependencies.

Functional programming for C # developers

Nikolay Gusev, Deutsche Bank Technology Center

Functional programming is gaining popularity every day. New libraries, frameworks and languages ​​inspired by functional concepts are coming out here and there. More and more programmers are beginning to appreciate the immutable state and pure functions, simple and convenient composition of structures and the compiler, which finds the lion's share of errors before launching the application. C # language every year absorbs new ideas from the world of functional programming. We’ve become accustomed to Linq’s convenience and functions as parameters. And sometimes C # itself becomes the cradle of new ideas, for example, Reactive Extensions (thanks to Eric Meyer).

I wonder what other functional programming constructs could be used in C #? Nikolay Gusev will tell about it in his report. At the same time we learn how to handle errors in the style of functional programming, how to get rid of the Null Reference Exception, how else you can use Linq and much more.

Security questions

Only two reports are devoted to security issues, but which ones! Agree, we, as developers, do not always want to think about security, often we forget about everything in pursuit of new features. This pair of reports will make our fate a bit simpler.

ASP.NET Core: Attack Prevention Mechanisms 2.0

Mikhail Scherbakov

As you know, at the conferences of the JUG.ru Group repetitions of reports are not welcome. You could already hear the first version of the report, and this is not a repetition.

Version 2.0 of the report will be about the built-in mechanisms for preventing attacks in ASP.NET, augmented and expanded after the release of .NET Core 2.0 . We look at the new Microsoft web framework from a security point of view.

In the report, Mikhail will talk about the differences in security features ASP.NET of different versions and analyze how the built-in protection mechanisms against XSS and CSRF now work, what cryptography features are available out of the box, how session management is organized.

The report will be of interest primarily to developers writing secure ASP.NET applications, specialists conducting security review of .NET projects, and everyone who wants to understand the implementation of security components using the example of this platform. , , .

Beating injections

, Positive Technologies

The second report is about security, and it has exactly the same practical orientation. We recommend reading the speaker’s biography on the site in order to understand that this is the best security expert and an obvious candidate for communication in the discussion area after the report.

The report is devoted to the problem of vulnerabilities of .NET-applications to injection attacks in languages ​​of various grammars (HTML, JavaScript, URL, SQL, Path, etc.).

The first part of the report will consider the formal model of an application vulnerable to this class of attacks, and a universal approach to protecting against them based on it.

The second part is devoted to a review of the open library LibProtection, which allows developers to safely use the familiar API for working with formatted and interpolated strings when working with input data and hiding behind it a full-featured built-in runtime protection tool.

Machine Learning &

Machine Learning — . , — SmartData , . DotNext !

Artificial Intelligence and Neural Networks for .NET Developers

, Microsoft

Artificial intelligence is now one of the most discussed topics and the main engine of digital business transformation. Microsoft’s AI strategy includes democratizing AI for developers, i.e. providing easy-to-use frameworks and services for solving intellectual problems.

Dmitry is a technology evangelist from Microsoft, specializing in the Internet of Things, in the development of universal Windows applications and in the field of functional programming.

In this report, Dmitry will show how .NET-developers can use the capabilities of AI in their projects: starting from ready-made cognitive services running in the cloud, ending with teaching neural networks in .NET-languages ​​and launching complex neural network models on compact devices like Raspberry Pi.

Self-aware applications: automatic production monitoring

Dina Goldshtein, Google

— , . , , , , . ETW CLRMD , . : GC, CPU, , . Riverbed , — , , .

, DevOps

, , . «Self-aware applications», - , .

The Metrix has you…

, Paladyne Systems
. After this, the main task of the authors is to fight off the bugs that have accidentally reached them. In fact, the application does not end its life journey in the teeth of users, but only starts it. And he needs the help of developers no less than during the formation and testing.

, , . , Time Series . , InfluxDB Grafana .

NUKE: Build automation for C# developers

Matthias Koch, JetBrains

— JetBrains, , 5 open source , TestFx, TestLinker NUKE .

NUKE — , C# DSL. , . NUKE , C#, IDE , , . NUKE . — !

.NET Core Linux

, TYME

Linux? — TYME, , .NET Core Linux.
.NET Core Linux, . , : GitLab, TeamCity, Ansible, Octopus Deploy, Docker. . , TYME Linux.

A little philosophy

Final keyout: Unchain my heart

Dino Esposito, JetBrains

Imagine yourself in 2048. What will be considered art? How will we do the usual things, how will we do business?

Dino will tell us a story - a fictional story - which can be considered science fiction. Or a special cellular fiction. In 2008, one guy made Bitcoin. To manage Bitcoin, you need to use a common registry - Blockchain. Blockchain is a public registry for transactions - in the future, transactions of any type. Imagine that someone went further, on a couple of levels. Blockchain spread throughout the world, and became the basis for absolutely everything. Banks, notaries, government - in short, any third-party certifying authorities - were on the verge of disaster.

Imagine that in 2048 the whole world turned out to be entirely based on Blockchain, and any transaction in it is visible, traceable and verifiable by anyone. Imagine a world in which people dress in RFID-connected clothing connected to Blockchain. Any step you take is also monitored (by the way, now they are watching 2017 too!). Your location is well known to everyone, all the actions I recorded. Imagine a world in which computers deal with most of the most tedious tasks you’ve ever met in life - they make decisions for you, drive a car for you, order plane tickets for you, buy different things for you - and even write for you programs.

Imagine a world in which only thoughts and dreams are all truly yours, and they are the only pleasant thing that you still have. (No, I do not think that computers will have sex for you, even in 2048!). Will it be utopia or anti-utopia? A world without deception, envy and crime. Full of honesty, freedom, love. (And yes, free love is like the kind that hippies dreamed of in the 70s, but much better). Time will tell, and time flies very quickly.