2026-08-14, Room 1
Professional use of Julia requires industrial-grade security. This challenge is unique because risks often hide in binary dependencies (JLLs) that standard tools ignore. This talk, following the launch of the Julia Security Working Group, shows how Trivy was adapted to scan the entire Julia dependency graph. We explore the implementation of this workflow within JuliaHub to provide automated security auditing and SBOM generation for any Julia project, ensuring safety for all.
This session demonstrates the technical integration of Trivy to provide vulnerability scanning for the Julia ecosystem. We outline how the JuliaHub platform automatically analyzes source code and dependencies to identify known risks, closing the "vulnerability gap" found in binary JLLs.
The session covers the core concepts of vulnerability scanning and demonstrates how these platforms integrate directly into development workflows to catch threats before they reach production. We conclude with a live demonstration of a workflow that brings these industrial-grade protections to every Julia project.
Mridul Ranjan Upadhyay serves as a Technical Program Manager at JuliaHub, orchestrating strategic initiatives and technological innovation at the intersection of research and industry. A forward-thinking leader and multiple patent holder, he specializes in transforming complex, high-level concepts into scalable products. Mridul is passionate about professionalizing development lifecycles and driving the evolution of emerging technologies within high-growth organizations.