Without a doubt, code maintenance and security challenges will continue into the new year. Organizations will struggle to keep up with dependency updates and migration tasks, and they will face security vulnerabilities that outpace their remediation efforts. All the while, everyone is trying to accomplish more with fewer resources.
In the spirit of the holiday season, we shared the 12 days of code transformation with resources to help guide your team to automating a cleaner, updated codebase in 2024 and beyond. Check out the recap below.
Day 1: Migrate to Java 21 everywhere
Jingle all the way to Java 21! Automatically upgrade your code from Java 8 to 11 to 17 and 21 in minutes.
This recipe applies changes commonly needed when migrating to Java 21. It will also replace deprecated API with equivalents when there is a clear migration strategy. Build files will also be updated to use Java 21 as the target/source and plugins will also be upgraded to versions that are compatible with Java 21.
Day 2: Remediate common static analysis issues
Ho, ho, ho! We love always-clean code! Automate your coding best practices, and clean up issues to keep your repos on the nice list.
The common static analysis recipe looks for and fixes over 50 issues in your code, all of which you can easily enable or disable to meet your needs.
Day 3: Visualize dependency version distribution across repos
Deck out your codebase data with a violin plot visualization to gain dependency insights. Analyze and understand the distribution of artifact versions in use across all your repos like never before, then plan your next steps to phase out old versions.
Moderne code visualizations empower developers with large-scale automated impact analysis. They enable developers to reduce complex code data into a recognizable form that can convey code impacts to business leadership. This helps to prioritize and advocate for follow-on change. Using visualizations, developers can estimate timelines for modernization efforts and migrations more accurately too.
Day 4: Migrate to Spring Boot 3.2
So long Spring Boot 2.7!
Now what do you do?
Just automate your migration...
To keep your code shiny and new!
With open source support for Spring Boot 2.7 ended, you need to accelerate your upgrade. In this workshop, there are a variety of exercises that demonstrate the different ways you can automatically migrate or upgrade an application to Spring Boot 3.
Day 5: Fix the OWASP Top 10 vulnerabilities
Turn naughty code to nice! Discover the many ways that Moderne bolsters your code to solve your toughest application security problems—even the OWASP Top 10.
The Moderne platform enables rich insights into your security issues and can auto-remediate code weaknesses and vulnerabilities using a marketplace of existing recipes or ones you customize for your organization.
Day 6: Adopt fluent assertions with AssertJ in tests
Like holiday guests, libraries and frameworks can…linger. Sometimes you just have to move them along. Moderne enables organizations to quickly move from one thing to another, no matter where they are coming from in their migration—this can mean migrating to new versions or migrating to new tech. It’s all about making it easier to reason across projects and keep projects maintainable over time.
For example, migrate your entire organization from Hamcrest to AssertJ in minutes.
Day 7: Find and fix vulnerable dependencies
Bring a little magic to your codebase!
We know that fixing vulnerable dependencies is one of your top concerns! Unfortunately, too many vulnerable dependencies require minor or major version updates that potentially break source code.
The good news? This code security problem is solvable.
With the Moderne Platform, you can quickly analyze and upgrade vulnerable dependencies for cleaner, more secure code.
Day 8: Migrate to LaunchDarkly 7.0 for Java
Are third-party breaking changes the Grinch of your code?
Automating LaunchDarkly updates will lighten your load.
Then clear out the crumbs of feature flags past,
Plus all their related conditionals—at last!
Migrate to LaunchDarkly 7.0 for Java and manage unused feature flags with Moderne.
Day 9: Track all third-party dependency licenses across repos
‘Tis the season to be jolly! Don't get stuck in compliance misery. Instead, get armed with software composition analysis (SCA) insights. Quickly identify all third-party and open-source licenses in use to ensure your existing codebase (or even a codebase involved in a merger or acquisition) is compliant.
Day 10: Migrate to Micronaut 4.2
In 2023, the Micronaut team released version 4.0.0 of the Micronaut framework. With Jeremy Grelle from the Micronaut team in the lead, we at Moderne helped develop and deliver OpenRewrite migration recipes for users of the Micronaut framework. This allows users to migrate automatically on the day of the release, bringing them up to date quickly despite breaking changes.
So here's a gift that keeps on giving! Always be on the latest Micronaut version to take advantage of improvements. The best gift ever, Micronaut!
Day 11: Uncover sensitive API endpoints
Start your New Year off right!
Finding personally identifiable information (PII) and secrets exposed by REST APIs everywhere in your codebase is a delight.
As companies grow and more APIs are created, it becomes exponentially more difficult to discover how sensitive information flows throughout the codebase. Moderne can help you track it all down.
Day 12: Migrate from Log4j to SLF4J
As we end the 12 days of code transformation, let’s keep application security top of mind.
The Log4j “December to remember” isn’t completely out of sight.
Auto-migrate from Log4j to SLF4J now.
And to all, a good night!
We hope all of these resources will shine a light and support your resolution for secure and updated code all the time. Moderne is committed to helping you make a difference in your codebase in minutes, not months, and to free developers to do the creative work they love that truly makes a difference to businesses and the world.