Scanning Recipes

Name: OpenRewrite
Author: Moderne

This doc contains all scanning recipes. Scanning recipes can not be used as preconditions.

Remove table from single table inherited entity

io.moderne.hibernate.update66.RemoveTableFromInheritedEntity

For Single Table Inherited Entities Hibernate ignores the @Table annotation on child entities. From Version 6.6 it is considered an error.

Migrate management endpoint access value

io.moderne.java.spring.boot3.MigrateEndpointAccessValueSpring34

Migrate manage endpoint access value from false to none and true to read-only.

Remove ignoral of files or directories from .gitignore

org.openrewrite.ExcludeFileFromGitignore

This recipe will remove a file or directory from the .gitignore file. If the file or directory is already in the .gitignore file, it will be removed or negated. If the file or directory is not in the .gitignore file, no action will be taken.

Find colliding source files

org.openrewrite.FindCollidingSourceFiles

Finds source files which share a path with another source file. There should always be exactly one source file per path within a repository. This is a diagnostic for finding problems in OpenRewrite parsers/build plugins.

Show Git source control metadata

org.openrewrite.FindGitProvenance

List out the contents of each unique GitProvenance marker in the set of source files. When everything is working correctly, exactly one such marker should be printed as all source files are expected to come from the same repository / branch / commit hash.

Find LST provenance

org.openrewrite.FindLstProvenance

Produces a data table showing what versions of OpenRewrite/Moderne tooling was used to produce a given LST.

List runtime classpath

org.openrewrite.ListRuntimeClasspath

A diagnostic utility which emits the runtime classpath to a data table.

Find committers on repositories

org.openrewrite.search.FindCommitters

List the committers on a repository.

Append to text file

org.openrewrite.text.AppendToTextFile

Appends or replaces content of an existing plain text file, or creates a new one if it doesn't already exist. Please note that this recipes requires existing plain text files' format to be successfully parsable by OpenRewrite. If a file is left unchanged, it might be parsed as a Quark rather than plain text. In such case, use the plainTextMask option. See the Gradle or Maven plugin configuration page.

Create text file

org.openrewrite.text.CreateTextFile

Creates a new plain text file.

Add Gradle dependency

org.openrewrite.gradle.AddDependency

Add a gradle dependency to a build.gradle file in the correct configuration based on where it is used.

Add Gradle property

org.openrewrite.gradle.AddProperty

Add a property to the gradle.properties file.

Update Gradle wrapper

org.openrewrite.gradle.UpdateGradleWrapper

Update the version of Gradle used in an existing Gradle wrapper. Queries services.gradle.org to determine the available releases, but prefers the artifact repository URL which already exists within the wrapper properties file. If your artifact repository does not contain the same Gradle distributions as services.gradle.org, then the recipe may suggest a version which is not available in your artifact repository.

Upgrade Gradle dependency versions

org.openrewrite.gradle.UpgradeDependencyVersion

Upgrade the version of a dependency in a build.gradle file. Supports updating dependency declarations of various forms:

String notation: "group:artifact:version"
Map notation: group: 'group', name: 'artifact', version: 'version' Can update version numbers which are defined earlier in the same file in variable declarations.

Update a Gradle plugin by id

org.openrewrite.gradle.plugins.UpgradePluginVersion

Update a Gradle plugin by id to a later version.

Move content to another file

org.openrewrite.hcl.MoveContentToFile

Move content to another HCL file, deleting it in the original file.

Create Java class

org.openrewrite.java.CreateEmptyJavaClass

Create a new, empty Java class.

Study the size of the classpath by source set

org.openrewrite.java.search.ClasspathTypeCounts

Emit one data table row per source set in a project, with the number of types in the source set.

Find type mappings

org.openrewrite.java.search.FindTypeMappings

Study the frequency of J types and their JavaType type attribution.

Find the oldest Java version in use

org.openrewrite.java.search.HasMinimumJavaVersion

The oldest Java version in use is the lowest Java version in use in any source set of any subproject of a repository. It is possible that, for example, the main source set of a project uses Java 8, but a test source set uses Java 17. In this case, the oldest Java version in use is Java 8.

Add Maven dependency

org.openrewrite.maven.AddDependency

Add a Maven dependency to a pom.xml file in the correct scope based on where it is used.

Add the Develocity Maven extension

org.openrewrite.maven.AddDevelocityMavenExtension

To integrate the Develocity Maven extension into Maven projects, ensure that the develocity-maven-extension is added to the .mvn/extensions.xml file if not already present. Additionally, configure the extension by adding the .mvn/develocity.xml configuration file.

Add managed Maven dependency

org.openrewrite.maven.AddManagedDependency

Add a managed Maven dependency to a pom.xml file.

Add a configuration option for the Maven runtime

org.openrewrite.maven.AddRuntimeConfig

Add a new configuration option for the Maven runtime if not already present.

Increment Maven project version

org.openrewrite.maven.IncrementProjectVersion

Increase Maven project version by incrementing either the major, minor, or patch version as defined by semver. Other versioning schemes are not supported.

Manage dependencies

org.openrewrite.maven.ManageDependencies

Make existing dependencies managed by moving their version to be specified in the dependencyManagement section of the POM.

Remove unused properties

org.openrewrite.maven.RemoveUnusedProperties

Detect and remove Maven property declarations which do not have any usage within the project.

Update Maven wrapper

org.openrewrite.maven.UpdateMavenWrapper

Update the version of Maven used in an existing Maven wrapper.

Upgrade Maven dependency version

org.openrewrite.maven.UpgradeDependencyVersion

Upgrade the version of a dependency by specifying a group and (optionally) an artifact using Node Semver advanced range selectors, allowing more precise control over version updates to patch or minor releases.

Upgrade transitive Maven dependencies

org.openrewrite.maven.UpgradeTransitiveDependencyVersion

Upgrades the version of a transitive dependency in a Maven pom file. Leaves direct dependencies unmodified. Can be paired with the regular Upgrade Dependency Version recipe to upgrade a dependency everywhere, regardless of whether it is direct or transitive.

Create Properties file

org.openrewrite.properties.CreatePropertiesFile

Create a new Properties file.

Create XML file

org.openrewrite.xml.CreateXmlFile

Create a new XML file.

XML style Auto-detection debug

org.openrewrite.xml.style.AutodetectDebug

Runs XML Autodetect and records the results in data tables and search markers. A debugging tool for figuring out why XML documents get styled the way they do.

Copy YAML value

org.openrewrite.yaml.CopyValue

Copies a YAML value from one key to another. The existing key/value pair remains unaffected by this change. Attempts to merge the copied value into the new key if it already exists. Attempts to create the new key if it does not exist.

Create YAML file

org.openrewrite.yaml.CreateYamlFile

Create a new YAML file.

Finds flow between two methods

org.openrewrite.analysis.search.FindFlowBetweenMethods

Takes two patterns for the start/end methods to find flow between.

Find method invocations that resemble a pattern

io.moderne.ai.research.FindCodeThatResembles

This recipe uses two phase AI approach to find a method invocation that resembles a search string.

Get recommendations

io.moderne.ai.research.GetRecommendations

This recipe calls an AI model to get recommendations for modernizing the code base by looking at a sample of method declarations.

Find duplicate source files

org.openrewrite.FindDuplicateSourceFiles

Record the presence of LSTs with duplicate paths, indicating that the same file was parsed more than once.

Language composition report

org.openrewrite.LanguageComposition

Counts the number of lines of the various kinds of source code and data formats parsed by OpenRewrite. Comments are not included in line counts. This recipe emits its results as two data tables, making no changes to any source file. One data table is per-file, the other is per-repository.

Applies a codemod to all source files

org.openrewrite.codemods.ApplyCodemod

Applies a codemod represented by an NPM package to all source files.

Biome recommendations

org.openrewrite.codemods.Biome

Run Biome recommended settings on your projects.

Lint source code with ESLint

org.openrewrite.codemods.ESLint

Run ESLint across the code to fix common static analysis issues in the code.

This requires the code to have an existing ESLint configuration.

Run Putout

org.openrewrite.codemods.Putout

Run Putout on your projects.

Lint UI5 projects with UI5 linter

org.openrewrite.codemods.UI5

Runs the UI5 Linter, a static code analysis tool for UI5 projects. It checks JavaScript, TypeScript, XML, JSON, and other files in your project and reports findings.

Upgrade Angular versions

org.openrewrite.codemods.migrate.angular.ApplyAngularCLI

Run ng update to upgrade Angular CLI and Angular Core to the specified version.

Update README

io.moderne.knowledge.docs.UpdateReadme

Generate a README file for the project, containing information about the project inferred from its knowledge graph.

Search for a class that uses the given design technique

io.moderne.knowledge.search.SearchDesignTechnique

Search for a class that uses the given design technique.

Change Concourse value

org.openrewrite.concourse.ChangeValue

Change every value matching the key pattern.

Upgrade a .NET project using upgrade-assistant

org.openrewrite.dotnet.UpgradeAssistant

Run upgrade-assistant upgrade across a repository to upgrade projects to a newer version of .NET.

Analyze a .NET project using upgrade-assistant

org.openrewrite.dotnet.UpgradeAssistantAnalyze

Run upgrade-assistant analyze across a repository to analyze changes required to upgrade projects to a newer version of .NET. This recipe will generate an org.openrewrite.dotnet.UpgradeAssistantAnalysis data table containing the report details.

Add Gradle or Maven dependency

org.openrewrite.java.dependencies.AddDependency

For a Gradle project, add a gradle dependency to a build.gradle file in the correct configuration based on where it is used. Or For a maven project, Add a Maven dependency to a pom.xml file in the correct scope based on where it is used.

Dependency resolution diagnostic

org.openrewrite.java.dependencies.DependencyResolutionDiagnostic

Recipes which manipulate dependencies must be able to successfully access the artifact repositories and resolve dependencies from them. This recipe produces two data tables used to understand the state of dependency resolution.

The Repository accessibility report lists all the artifact repositories known to the project and whether respond to network access. The network access is attempted while the recipe is run and so is representative of current conditions.

The Gradle dependency configuration errors lists all the dependency configurations that failed to resolve one or more dependencies when the project was parsed. This is representative of conditions at the time the LST was parsed.

Find relocated dependencies

org.openrewrite.java.dependencies.RelocatedDependencyCheck

Find Maven and Gradle dependencies and Maven plugins that have relocated to a new groupId or artifactId. Relocation information comes from the oga-maven-plugin maintained by Jonathan Lermitage, Filipe Roque and others.

This recipe makes no changes to any source file by default. Add changeDependencies=true to change dependencies, but note that you might need to run additional recipes to update imports and adopt other breaking changes.

Remove a Gradle or Maven dependency

org.openrewrite.java.dependencies.RemoveDependency

For Gradle project, removes a single dependency from the dependencies section of the build.gradle. For Maven project, removes a single dependency from the <dependencies> section of the pom.xml.

Upgrade Gradle or Maven dependency versions

org.openrewrite.java.dependencies.UpgradeDependencyVersion

For Gradle projects, upgrade the version of a dependency in a build.gradle file. Supports updating dependency declarations of various forms:

String notation: "group:artifact:version"
Map notation: group: 'group', name: 'artifact', version: 'version' It is possible to update version numbers which are defined earlier in the same file in variable declarations.

For Maven projects, upgrade the version of a dependency by specifying a group ID and (optionally) an artifact ID using Node Semver advanced range selectors, allowing more precise control over version updates to patch or minor releases.

Upgrade transitive Gradle or Maven dependencies

org.openrewrite.java.dependencies.UpgradeTransitiveDependencyVersion

Upgrades the version of a transitive dependency in a Maven pom.xml or Gradle build.gradle. Leaves direct dependencies unmodified. Can be paired with the regular Upgrade Dependency Version recipe to upgrade a dependency everywhere, regardless of whether it is direct or transitive.

Find the oldest matching dependency version in use

org.openrewrite.java.dependencies.search.FindMinimumDependencyVersion

The oldest dependency version in use is the lowest dependency version in use in any source set of any subproject of a repository. It is possible that, for example, the main source set of a project uses Jackson 2.11, but a test source set uses Jackson 2.16. In this case, the oldest Jackson version in use is Java 2.11.

Find and fix vulnerable Nuget dependencies

org.openrewrite.csharp.dependencies.DependencyVulnerabilityCheck

This software composition analysis (SCA) tool detects and upgrades dependencies with publicly disclosed vulnerabilities. This recipe both generates a report of vulnerable dependencies and upgrades to newer versions with fixes. This recipe only upgrades to the latest patch version. If a minor or major upgrade is required to reach the fixed version, this recipe will not make any changes. Vulnerability information comes from the GitHub Security Advisory Database, which aggregates vulnerability data from several public databases, including the National Vulnerability Database maintained by the United States government. Dependencies following Semantic Versioning will see their patch version updated where applicable.

Find licenses in use in third-party dependencies

org.openrewrite.java.dependencies.DependencyLicenseCheck

Locates and reports on all licenses in use.

Find and fix vulnerable dependencies

org.openrewrite.java.dependencies.DependencyVulnerabilityCheck

This software composition analysis (SCA) tool detects and upgrades dependencies with publicly disclosed vulnerabilities. This recipe both generates a report of vulnerable dependencies and upgrades to newer versions with fixes. This recipe by default only upgrades to the latest patch version. If a minor or major upgrade is required to reach the fixed version, this can be controlled using the maximumUpgradeDelta option. Vulnerability information comes from the GitHub Security Advisory Database, which aggregates vulnerability data from several public databases, including the National Vulnerability Database maintained by the United States government. Upgrades dependencies versioned according to Semantic Versioning. Last updated: 2025-04-07T1102.

Remove unused dependencies

org.openrewrite.java.dependencies.RemoveUnusedDependencies

Scans through source code collecting references to types and methods, removing any dependencies that are not used from Maven or Gradle build files. This is a complex recipe which has not yet been well tested and exercised. For now it should be treated as making recommendations to further investigate.

Software bill of materials

org.openrewrite.java.dependencies.SoftwareBillOfMaterials

Produces a software bill of materials (SBOM) for a project. An SBOM is a complete list of all dependencies used in a project, including transitive dependencies. The produced SBOM is in the CycloneDX XML format. Supports Gradle and Maven. Places a file named sbom.xml adjacent to the Gradle or Maven build file.

XML parser XXE vulnerability

org.openrewrite.java.security.XmlParserXXEVulnerability

Avoid exposing dangerous features of the XML parser by updating certain factory settings.

Enable CSRF attack prevention

org.openrewrite.java.security.spring.CsrfProtection

Cross-Site Request Forgery (CSRF) is a type of attack that occurs when a malicious web site, email, blog, instant message, or program causes a user's web browser to perform an unwanted action on a trusted site when the user is authenticated. See the full OWASP cheatsheet.

Prevent clickjacking

org.openrewrite.java.security.spring.PreventClickjacking

The frame-ancestors directive can be used in a Content-Security-Policy HTTP response header to indicate whether or not a browser should be allowed to render a page in a <frame> or <iframe>. Sites can use this to avoid Clickjacking attacks by ensuring that their content is not embedded into other sites.

Create `index.jelly` if it doesn't exist

org.openrewrite.jenkins.CreateIndexJelly

Jenkins tooling requires src/main/resources/index.jelly exists with a description.

Upgrade jenkins java version

org.openrewrite.jenkins.UpgradeJavaVersion

Upgrades the version of java specified in Jenkins groovy scripts. Will not downgrade if the version is newer than the specified version.

Add plugin developer team to CODEOWNERS

org.openrewrite.jenkins.github.AddTeamToCodeowners

Adds the {artifactId}-plugin-developers team to all files in .github/CODEOWNERS if absent.

Removes invalid JNDI properties

org.openrewrite.java.liberty.RemoveWas2LibertyNonPortableJndiLookup

Remove the use of invalid JNDI properties from Hashtable.

Add Maven annotation processor path

org.openrewrite.java.micronaut.AddAnnotationProcessorPath

Add the groupId, artifactId, version, and exclusions of a Maven annotation processor path.

Add `snakeyaml` dependency if needed

org.openrewrite.java.micronaut.AddSnakeYamlDependencyIfNeeded

This recipe will add the snakeyaml dependency to a Micronaut 4 application that uses yaml configuration.

Copy non-inherited annotations from super class

org.openrewrite.java.micronaut.CopyNonInheritedAnnotations

As of Micronaut 3.x only annotations that are explicitly meta-annotated with @Inherited are inherited from parent classes and interfaces.

Add `@Introspected` to classes requiring a map representation

org.openrewrite.java.micronaut.TypeRequiresIntrospection

In Micronaut 2.x a reflection-based strategy was used to retrieve that information if the class was not annotated with @Introspected. As of Micronaut 3.x it is required to annotate classes with @Introspected that are used in this way.

Use latest JAXB API and runtime for Jakarta EE 8

org.openrewrite.java.migrate.javax.AddJaxbRuntime

Update build files to use the latest JAXB runtime from Jakarta EE 8 to maintain compatibility with Java version 11 or greater. The recipe will add a JAXB run-time, in Gradle compileOnly+testImplementation and Maven provided scope, to any project that has a transitive dependency on the JAXB API. The resulting dependencies still use the javax namespace, despite the move to the Jakarta artifact.

Add scope annotation to injected classes

org.openrewrite.java.migrate.javax.AddScopeToInjectedClass

Finds member variables annotated with @Inject' and applies @Dependent` scope annotation to the variable's type.

Unannotated entity attributes require a Transient annotation

org.openrewrite.java.migrate.javax.AddTransientAnnotationToEntity

In OpenJPA, attributes that are themselves entity classes are not persisted by default. EclipseLink has a different default behavior and tries to persist these attributes to the database. To keep the OpenJPA behavior of ignoring unannotated entity attributes, add the javax.persistence.Transient annotation to these attributes in EclipseLink.

`@Embeddable` classes cannot have an `@Id` annotation when referenced by an `@EmbeddedId` annotation

org.openrewrite.java.migrate.javax.RemoveEmbeddableId

According to the Java Persistence API (JPA) specification, if an entity defines an attribute with an @EmbeddedId annotation, the embeddable class cannot contain an attribute with an @Id annotation. If both the @EmbeddedId annotation and the @Id annotation are defined, OpenJPA ignores the @Id annotation, whereas EclipseLink throws an exception.

Migrate Joda-Time to Java time

org.openrewrite.java.migrate.joda.JodaTimeRecipe

Prefer the Java standard library over third-party usage of Joda Time.

Convert `@lombok.Value` class to Record

org.openrewrite.java.migrate.lombok.LombokValueToRecord

Convert Lombok @Value annotated classes to standard Java Records.

Plan a Java version migration

org.openrewrite.java.migrate.search.PlanJavaMigration

Study the set of Java versions and associated tools in use across many repositories.

Find and fix vulnerable npm dependencies

org.openrewrite.nodejs.DependencyVulnerabilityCheck

Node.js dependency insight

org.openrewrite.nodejs.search.DependencyInsight

Identify the direct and transitive Node.js dependencies used in a project.

Find Node.js projects

org.openrewrite.nodejs.search.FindNodeProjects

Find Node.js projects and summarize data about them.

Rename bean

org.openrewrite.java.spring.RenameBean

Renames a Spring bean, both declaration and references.

Separate application YAML by profile

org.openrewrite.java.spring.SeparateApplicationYamlByProfile

The Spring team's recommendation is to separate profile properties into their own YAML files now.

Update the API manifest

org.openrewrite.java.spring.UpdateApiManifest

Keep a consolidated manifest of the API endpoints that this application exposes up-to-date.

Merge Spring `bootstrap.yml` with `application.yml`

org.openrewrite.java.spring.boot2.MergeBootstrapYamlWithApplicationYaml

In Spring Boot 2.4, support for bootstrap.yml was removed. It's properties should be merged with application.yml.

Use `AutoConfiguration#imports`

org.openrewrite.java.spring.boot2.MoveAutoConfigurationToImportsFile

Use AutoConfiguration#imports instead of the deprecated entry EnableAutoConfiguration in spring.factories when defining autoconfiguration classes.

Integration scheduler pool size

org.openrewrite.java.spring.boot2.search.IntegrationSchedulerPoolRecipe

Spring Integration now reuses an available TaskScheduler rather than configuring its own. In a typical application setup relying on the auto-configuration, this means that Spring Integration uses the auto-configured task scheduler that has a pool size of 1. To restore Spring Integration’s default of 10 threads, use the spring.task.scheduling.pool.size property.

Applications using logging shutdown hooks

org.openrewrite.java.spring.boot2.search.LoggingShutdownHooks

Spring Boot registers a logging shutdown hook by default for JAR-based applications to ensure that logging resources are released when the JVM exits. If your application is deployed as a WAR then the shutdown hook is not registered since the servlet container usually handles logging concerns.

Most applications will want the shutdown hook. However, if your application has complex context hierarchies, then you may need to disable it. You can use the logging.register-shutdown-hook property to do that.

Maintain trailing slash URL mappings

org.openrewrite.java.spring.boot3.MaintainTrailingSlashURLMappings

This is part of Spring MVC and WebFlux URL Matching Changes, as of Spring Framework 6.0, the trailing slash matching configuration option has been deprecated and its default value set to false. This means that previously, a controller @GetMapping("/some/greeting") would match both GET /some/greeting and GET /some/greeting/, but it doesn't match GET /some/greeting/ anymore by default and will result in an HTTP 404 error. This recipe is to maintain trailing slash in all HTTP url mappings.

Add logging.pattern.level for traceId and spanId

org.openrewrite.java.spring.cloud2022.AddLoggingPatternLevelForSleuth

Add logging.pattern.level for traceId and spanId which was previously set by default, if not already set.

Replace String literals with `HttpHeaders` constants

org.openrewrite.java.spring.http.ReplaceStringLiteralsWithHttpHeadersConstants

Replace String literals with org.springframework.http.HttpHeaders constants.

Replace String literals with `MediaType` constants

org.openrewrite.java.spring.http.ReplaceStringLiteralsWithMediaTypeConstants

Replace String literals with org.springframework.http.MediaType constants.

Upgrade Spring dependencies

org.openrewrite.maven.spring.UpgradeExplicitSpringBootDependencies

Upgrades dependencies according to the specified version of spring boot. Spring boot has many direct and transitive dependencies. When a module has an explicit dependency on one of these it may also need to be upgraded to match the version used by spring boot.

Rename packages to lowercase

org.openrewrite.staticanalysis.LowercasePackage

By convention all Java package names should contain only lowercase letters, numbers, and dashes. This recipe converts any uppercase letters in package names to be lowercase.

Standardize method name casing

org.openrewrite.staticanalysis.MethodNameCasing

Fixes method names that do not follow standard naming conventions. For example, String getFoo_bar() would be adjusted to String getFooBar() and int DoSomething() would be adjusted to int doSomething().

Remove `public` visibility of JUnit 5 tests

org.openrewrite.java.testing.cleanup.TestsShouldNotBePublic

Remove public and optionally protected modifiers from methods with @Test, @ParameterizedTest, @RepeatedTest, @TestFactory, @BeforeEach, @AfterEach, @BeforeAll, or @AfterAll. They no longer have to be public visibility to be usable by JUnit 5.

Add Hamcrest JUnit dependency

org.openrewrite.java.testing.junit5.AddHamcrestJUnitDependency

Add Hamcrest JUnit dependency only if JUnit 4's assertThat or assumeThat is used.

Add JUnit Jupiter dependencies

org.openrewrite.java.testing.junit5.AddJupiterDependencies

Adds JUnit Jupiter dependencies to a Maven or Gradle project. Junit Jupiter can be added either with the artifact junit-jupiter, or both of junit-jupiter-api and junit-jupiter-engine. This adds "junit-jupiter" dependency unless "junit-jupiter-api" or "junit-jupiter-engine" are already present.

Remove table from single table inherited entity
Migrate management endpoint access value
Remove ignoral of files or directories from .gitignore
Find colliding source files
Show Git source control metadata
Find LST provenance
List runtime classpath
Find committers on repositories
Append to text file
Create text file
Add Gradle dependency
Add Gradle property
Update Gradle wrapper
Upgrade Gradle dependency versions
Update a Gradle plugin by id
Move content to another file
Create Java class
Study the size of the classpath by source set
Find type mappings
Find the oldest Java version in use
Add Maven dependency
Add the Develocity Maven extension
Add managed Maven dependency
Add a configuration option for the Maven runtime
Increment Maven project version
Manage dependencies
Remove unused properties
Update Maven wrapper
Upgrade Maven dependency version
Upgrade transitive Maven dependencies
Create Properties file
Create XML file
XML style Auto-detection debug
Copy YAML value
Create YAML file
Finds flow between two methods
Find method invocations that resemble a pattern
Get recommendations
Find duplicate source files
Language composition report
Applies a codemod to all source files
Biome recommendations
Lint source code with ESLint
Run Putout
Lint UI5 projects with UI5 linter
Upgrade Angular versions
Update README
Search for a class that uses the given design technique
Change Concourse value
Upgrade a .NET project using upgrade-assistant
Analyze a .NET project using upgrade-assistant
Add Gradle or Maven dependency
Dependency resolution diagnostic
Find relocated dependencies
Remove a Gradle or Maven dependency
Upgrade Gradle or Maven dependency versions
Upgrade transitive Gradle or Maven dependencies
Find the oldest matching dependency version in use
Find and fix vulnerable Nuget dependencies
Find licenses in use in third-party dependencies
Find and fix vulnerable dependencies
Remove unused dependencies
Software bill of materials
XML parser XXE vulnerability
Enable CSRF attack prevention
Prevent clickjacking
Create index.jelly if it doesn't exist
Upgrade jenkins java version
Add plugin developer team to CODEOWNERS
Removes invalid JNDI properties
Add Maven annotation processor path
Add snakeyaml dependency if needed
Copy non-inherited annotations from super class
Add @Introspected to classes requiring a map representation
Use latest JAXB API and runtime for Jakarta EE 8
Add scope annotation to injected classes
Unannotated entity attributes require a Transient annotation
@Embeddable classes cannot have an @Id annotation when referenced by an @EmbeddedId annotation
Migrate Joda-Time to Java time
Convert @lombok.Value class to Record
Plan a Java version migration
Find and fix vulnerable npm dependencies
Node.js dependency insight
Find Node.js projects
Rename bean
Separate application YAML by profile
Update the API manifest
Merge Spring bootstrap.yml with application.yml
Use AutoConfiguration#imports
Integration scheduler pool size
Applications using logging shutdown hooks
Maintain trailing slash URL mappings
Add logging.pattern.level for traceId and spanId
Replace String literals with HttpHeaders constants
Replace String literals with MediaType constants
Upgrade Spring dependencies
Rename packages to lowercase
Standardize method name casing
Remove public visibility of JUnit 5 tests
Add Hamcrest JUnit dependency
Add JUnit Jupiter dependencies
Replace Mockito 1.x anyString()/any() with nullable(Class)
Replace verifyZeroInteractions() to verifyNoMoreInteractions()
Find unit tests