Heroku's commitment to developer productivity shines through in its powerful buildpack system. They handle the heavy lifting of building your app, letting you focus on what matters most: writing code. A prime example is the Heroku Java buildpack, a versatile tool that simplifies deploying Java applications, especially those built with popular frameworks like Spring Boot, Quarkus, and Micronaut.

One of the core strengths of Heroku buildpacks is their automatic nature. They intelligently detect your application's language and framework, fetching the necessary build tools and configuring the Heroku platform to run your app seamlessly. This means no more wrestling with server...

What is Duke? No one knows his species or genus. People say he’s a Java Bean or a Software Agent, but all we know for sure is that he reminds us of the more than twenty-year legacy of the Java language and its community. The Java community has such an affinity for Duke that designers have created surfing Duke, astronaut Duke, rockstar Duke, macramé Duke, and of course Heroku’s Samurai Duke.

But how can all of these Duke variants exist without violating copyright or trademark laws? After all, Duke represents the language at the middle of one of the fiercest copyright battles in the history of software. The answer, it turns out, can teach us a great deal about how to nurture an open source...

This blog post is adapted from a talk given by Joe Kutner at Devoxx 2018 titled "10 Mistakes Hackers Want You to Make."

Building self-defending applications and services is no longer aspirational--it’s required. Applying security patches, handling passwords correctly, sanitizing inputs, and properly encoding output is now table stakes. Our attackers keep getting better, and so must we.

In this blog post, we'll take a look at several commonly overlooked ways to secure your web apps. Many of the examples provided will be specific to Java, but any modern programming language will have equivalent tactics.

1. Ensure dependencies are up-to-date

Every year, OWASP, a group of...

Designing scalable, fault tolerant, and maintainable stream processing systems is not trivial. The Kafka Streams Java library paired with an Apache Kafka cluster simplifies the amount and complexity of the code you have to write for your stream processing system.

Unlike other stream processing systems, Kafka Streams frees you from having to worry about building and maintaining separate infrastructural dependencies alongside your Kafka clusters. However, you still need to worry about provisioning, orchestrating, and monitoring infrastructure for your Kafka Streams applications.

Heroku makes it easy for you to deploy, run, and scale your Kafka Streams applications by using supported...

Pushing an app to the cloud can feel like launching a probe into space. Once your project is thousands of miles away you can't bang on it with a hammer or replace broken parts when there's a problem. Your debugging efforts must rely on the instrumentation, telemetry, and remote controls included with the app when it was deployed. On Heroku, we've gladly done some of that prep work for you.

Two new Heroku features, Heroku Exec and Language Runtime Metrics, improve your production monitoring, inspecting, and debugging experience on the platform. With Heroku Exec, you can create secure TCP and SSH tunnels into a dyno, which facilitate SSH sessions, port forwarding, remote...