Modern software is assembled from third party and OSS dependencies. Keeping up to date with these dependencies to fix CVEs and modernize applications requires new techniques.
New releases of Spring Boot are being released on a quite frequent schedule and updating your projects to newer versions of Spring Boot is something that many teams and organizations around the globe do as part of their daily work. Sometimes those upgrades are simple and easy, for example for new patch releases that mostly include changes to fix bugs and address CVEs. In contrast to that, upgrading to a new minor or even a new major version requires more work, including code changes to adapt to new or changed APIs, updating configurations to not use deprecated keys anymore, and more.
Automating bulk pull request generation FTW
Q&A with Jonathan Leitschuh, inaugural HUMAN Dan Kaminsky Fellow, in advance of his upcoming Black Hat USA presentation.
Postponing a (major) dependency update for too long can harm our productivity in the long run as we might not be able to switch to a recent Java version.
To demonstrate OpenRewrite, this blogpost will walk through upgrading a Spring Boot 1.5 application to 2.5+. Along the way we will pick up JUnit 5, and migrate from Java 8 to 17, with minimal manual intervention.
Human Security honors its late co-founder with a fellowship who is using OpenRewrite and Moderne to patch open source vulnerabilities.
With modern enterprises relying on software to function, having a process in place to mitigate vulnerabilities in open source code is becoming more important.
Jonathan and Charlene discuss Moderne‘s use of virtual reality—specifically, the Oculus VR system—as a collaboration tool for its disparate developer team and demonstrate how the groups work in the Workroom app.
On this episode of the Humans of DevOps, Jason Baum is joined by Jonathan Schneider, co-founder, and CEO of Moderne. They discuss how remote teams can overcome challenges using VR, the benefits of VR for remote teams, and how VR impacts code quality and developer productivity.
At Moderne, they automatically identify and patch security holes in your code, freeing you to create, build, and make exciting new things. Olga Kundzich and Jonathan Schneider join me on the Tech Talks Daily podcast to discuss the downsides of cloud-native application development and maintaining modern applications.
Modern software is >80% third party dependencies and OSS. OpenRewrite helps manage and update these dependencies (and the code) with automation.
The OpenRewrite team also collaborated with Micronaut to develop and make OpenRewrite recipe a recommended upgrade process for the latest 3.x version of Micronaut, the JVM-based full-stack framework for building microservices and serverless applications.
Micronaut partners with Moderne to develop automation for upgrading to Micronaut 3.x. Micronaut framework users do not need to perform the migration by hand, allowing both consumers and authors of the framework to innovate faster.
Jonathan Schneider and Olga Kundzich are co-founders of Moderne, a Seattle-based startup that just announced $4.7 million in seed funding founded to commercialize OpenRewrite, an open-source project that Jonathan developed at Netflix.
Moderne is helping developers automate upgrades of third-party dependencies, libraries and frameworks, CVEs patching and internal APIs management.
Moderne is working to provide a platform to automatically "fix, upgrade and secure" code in minutes, offering support for framework or API migrations and applying CVE patches.