Moderne SaaS works on the OpenRewrite AST, which is a structural representation of code, an intermediary between code as text and compiled binary code. OpenRewrite AST is an enhanced compiler AST with type attribution, formatting, and other metadata that is used to implement this code analysis and transformation. Because of this structural representation of code, there is no need for an additional database or indexing of code, and any dynamically formed query or change of code can be performed.

Syntactic Awareness
A somewhat simple floral illustration of a single branch with multiple stems and buds
Syntax + Types + Formatting
+ Dependencies + More
Close-up of a computer screen with lines of code

Moderne is a horizontally scalable solution. OpenRewrite ASTs are cached on worker nodes in memory and any query or transformation request received can be executed in seconds. Hundreds of millions of lines of code can be operated on simultaneously.

ASTs are output from the build process and stored in Artifactory alongside binaries. This triggers ingestion into the SaaS, so the code is available to work on a few minutes after being compiled.

OpenRewrite encapsulates these queries or changes into recipes, with building blocks for typical operations provided out of the box (find or change type). It has been extended for framework migrations, CVE patching, and custom recipe development. There is no need to learn a new query language for developers, custom recipes are developed in the same language as the code being analyzed/transformed, and built-in recipes are consumed via UI forms with options.

Moderne SaaS integrates with GitHub (can be easily extended to any git-based source code management) for user authorization decisions and issuing Pull Requests and mass commits. Users have exactly the same access to code and repositories as they have in GitHub.

This solution in effect is a data warehouse for code, where code is imported in a highly structured representation and queries and transformations can be executed in seconds at scale.

In the future, this AST will be tied to binaries and deployed assets, enabling end-to-end traceability of code from source to production. So when a new method-level vulnerability is announced, organizations can iterate over their production environments and identify where this method is used, and then issue a change campaign to eliminate this pattern in the corresponding source code.

Moderne Icon