Opening the JAR: The Hitchhiker's Guide to JAR File Dependencies

Explore the intricate world of JAR file dependencies in this informative conference talk. Delve into the complexities of dependency management in Java programs, uncovering potential vulnerabilities and exploitation points. Gain insights into the various solutions developed over the years for running JAR files and managing their dependencies, and understand how these solutions have adapted to fit within the existing JAR file structure. Learn about the multiple methods of including dependencies, each with its own specific behaviors, caveats, and surprising details. Discover the discrepancies between best practices and real-world implementations of JAR files. Examine the structure of JAR files and common dependency inclusion methods, ranging from simple to complex. Uncover important considerations when searching for dependencies, including incorrect implementations, edge cases in processing, and other peculiarities. This talk provides a comprehensive guide to navigating the often confusing landscape of JAR file dependencies, equipping you with valuable knowledge for both development and security purposes.