jlengrand/moderne-docs
1
0
Fork 0
mirror of https://github.com/jlengrand/moderne-docs.git synced 2026-03-10 08:31:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Clean up pov doc and add cli commands

Browse Source
This commit is contained in:
Mike Solomon
2025-04-15 08:39:36 -07:00
parent d8eee5886f
commit 0dcab0a36b
1 changed files with 31 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

118
docs/administrator-documentation/moderne-platform/getting-started/proof-of-value.md
View File

@@ -28,130 +28,74 @@ The idea is for all of these types of updates to become a continuous process for
### Recipes to run
_The recipes below are listed in order of increasing complexity. You can click the links to run them directly on the Moderne Platform. Alternatively, you can run the same recipes using the CLI._
_The recipes below are listed in order of increasing complexity. You can click the links to run them directly on the Moderne Platform. Alternatively, you can run the same recipes [using the CLI](#cli-command-reference)._
* [Common static analysis fixes](https://app.moderne.io/recipes/org.openrewrite.staticanalysis.CommonStaticAnalysis)
* Improve code quality and readability
* Fix common mistakes
* Eliminate legacy patterns and minor performance issues
*
```bash
mod run . --recipe CommonStaticAnalysis
```
* SLF4J Logging best practices
* [Improve performance](https://app.moderne.io/recipes/org.openrewrite.java.logging.slf4j.ParameterizedLogging) by preferring parameterized logging to string concatenation
*
```bash
mod run . --recipe ParameterizedLogging
```
* [Improve error reporting](https://app.moderne.io/recipes/org.openrewrite.java.logging.slf4j.CompleteExceptionLogging) by using exception-specialized logging invocations where applicable
*
```bash
mod run . --recipe CompleteExceptionLogging
```
* Maven dependency management
* [Upgrade Maven dependencies](https://app.moderne.io/recipes/org.openrewrite.maven.UpgradeDependencyVersion) to keep dependencies patched and up-to-date
*
```bash
mod run . --recipe UpgradeDependencyVersion -P "groupId=com.fasterxml.jackson*" -P "artifactId=jackson-module*" -P "newVersion=29.X" -P "versionPattern='-jre'" -P "retainVersions=com.jcraft:jsch"
```
* [Exclude test dependencies](https://app.moderne.io/recipes/org.openrewrite.maven.ExcludeDependency) like JUnit from the compile scope
*
```bash
mod run . --recipe ExcludeDependency -P "groupId=org.junit.vintage" -P "junit-vintage-engine" -P "scope=compile"
```
* [Remove redundant explicit dependency versions](https://app.moderne.io/recipes/org.openrewrite.maven.RemoveRedundantDependencyVersions) to clean up Maven POMs
*
```bash
mod run . --recipe RemoveRedundantDependencyVersions
```
* [Dependency insight for Gradle and Maven](https://app.moderne.io/recipes/org.openrewrite.java.dependencies.DependencyInsight)
*
```bash
mod run . --recipe DependencyInsight -P groupIdPattern='com.fasterxml.jackson*' -P artifactIdPattern='jackson*'
```
![](./assets/dep-insight.png)
* Gradle wrapper and plugin upgrades
* [Update Gradle Wrapper](https://app.moderne.io/recipes/org.openrewrite.gradle.UpdateGradleWrapper) to keep Gradle itself up to date
*
```bash
mod run . --recipe UpdateGradleWrapper
```
* [Update Gradle Plugin](https://app.moderne.io/recipes/org.openrewrite.gradle.plugins.UpgradePluginVersion) to keep build plugins up to date
*
```bash
mod run . --recipe UpgradePluginVersion -P "pluginIdPattern=com.jfrog.bintray" -P "newVersion=29.X" -P "versionPattern='-jre'"
```
* Security enhancements and discovery
* [Find secrets](https://app.moderne.io/recipes/org.openrewrite.java.security.secrets.FindSecrets) like passwords, encryption keys, access tokens
*
```bash
mod run . --recipe FindSecrets
```
* [Use secure random number generation](https://app.moderne.io/recipes/org.openrewrite.java.security.SecureRandom)
*
```bash
mod run . --recipe SecureRandom
```
* [Java security best practices](https://app.moderne.io/recipes/org.openrewrite.java.security.JavaSecurityBestPractices)
*
```bash
mod run . --recipe JavaSecurityBestPractices
```
* [OWASP Top 10](https://app.moderne.io/recipes/org.openrewrite.java.security.OwaspTopTen)
*
```bash
mod run . --recipe OwaspTopTen
```
* [Find and fix vulnerable dependencies](https://app.moderne.io/recipes/org.openrewrite.java.dependencies.DependencyVulnerabilityCheck)
*
```bash
mod run . --recipe DependencyVulnerabilityCheck -P scope='runtime' -P overrideTransitive=true -P maximumUpgradeDelta='patch'
```
![](./assets/vuln-dep.png)
* Modernize test frameworks
* [JUnit 5 best practices](https://app.moderne.io/recipes/org.openrewrite.java.testing.junit5.JUnit5BestPractices)
*
```bash
mod run . --recipe JUnit5BestPractices
```
* [Mockito 1 to 5 migration](https://app.moderne.io/recipes/org.openrewrite.java.testing.mockito.Mockito1to5Migration)
*
```bash
mod run . --recipe Mockito1to5Migration
```
* [Migrate JUnit assertions to AssertJ](https://app.moderne.io/recipes/org.openrewrite.java.testing.assertj.Assertj) improved readability and consistency over stock JUnit assertions
*
```bash
mod run . --recipe Assertj
```
* Major migrations
* [Java 8 to 11](https://app.moderne.io/recipes/org.openrewrite.java.migrate.Java8toJava11)
*
```bash
mod run . --recipe Java8toJava11
```
* [Java 11 to 21](https://app.moderne.io/recipes/org.openrewrite.java.migrate.UpgradeToJava21)
*
```bash
mod run . --recipe UpgradeToJava21
```
* [Spring Boot 1 to 2](https://app.moderne.io/recipes/org.openrewrite.java.spring.boot2.UpgradeSpringBoot_2_7)
*
```bash
mod run . --recipe UpgradeSpringBoot_2_7
```
* [Spring Boot 3.4 best practices](https://app.moderne.io/recipes/io.moderne.java.spring.boot3.SpringBoot3BestPractices)
*
```bash
mod run . --recipe SpringBoot3BestPractices
```
* Custom migrations. Custom recipes can be developed to help with internal platform API management, EJB to Spring migrations, etc.
Major migrations are complex transformations consisting of multiple individual recipes. At some point, these transformations represent one-off use cases and there are diminishing returns from trying to automate them fully. Mostly, they will lift your applications 80-90% of the way to completion with the remainder requiring some manual actions expected to be taken by developers.
#### CLI command reference
| Recipe Name | CLI Command |
|-------------|-------------|
| CommonStaticAnalysis | ```mod run . --recipe CommonStaticAnalysis``` |
| ParameterizedLogging | `mod run . --recipe ParameterizedLogging` |
| CompleteExceptionLogging | `mod run . --recipe CompleteExceptionLogging` |
| UpgradeDependencyVersion | `mod run . --recipe UpgradeDependencyVersion -P "groupId=com.fasterxml.jackson*" -P "artifactId=jackson-module*" -P "newVersion=29.X" -P "versionPattern='-jre'" -P "retainVersions=com.jcraft:jsch"` |
| ExcludeDependency | `mod run . --recipe ExcludeDependency -P "groupId=org.junit.vintage" -P "junit-vintage-engine" -P "scope=compile"` |
| RemoveRedundantDependencyVersions | `mod run . --recipe RemoveRedundantDependencyVersions` |
| DependencyInsight | `mod run . --recipe DependencyInsight -P groupIdPattern='com.fasterxml.jackson*' -P artifactIdPattern='jackson*'` |
| UpdateGradleWrapper | `mod run . --recipe UpdateGradleWrapper` |
| UpgradePluginVersion | `mod run . --recipe UpgradePluginVersion -P "pluginIdPattern=com.jfrog.bintray" -P "newVersion=29.X" -P "versionPattern='-jre'"` |
| FindSecrets | `mod run . --recipe FindSecrets` |
| SecureRandom | `mod run . --recipe SecureRandom` |
| JavaSecurityBestPractices | `mod run . --recipe JavaSecurityBestPractices` |
| OwaspTopTen | `mod run . --recipe OwaspTopTen` |
| DependencyVulnerabilityCheck | `mod run . --recipe DependencyVulnerabilityCheck -P scope='runtime' -P overrideTransitive=true -P maximumUpgradeDelta='patch'` |
| JUnit5BestPractices | `mod run . --recipe JUnit5BestPractices` |
| Mockito1to5Migration | `mod run . --recipe Mockito1to5Migration` |
| Assertj | `mod run . --recipe Assertj` |
| Java8toJava11 | `mod run . --recipe Java8toJava11` |
| UpgradeToJava21 | `mod run . --recipe UpgradeToJava21` |
| UpgradeSpringBoot_2_7 | `mod run . --recipe UpgradeSpringBoot_2_7` |
| SpringBoot3BestPractices | `mod run . --recipe SpringBoot3BestPractices` |
### Impact analysis
Another substantial use case worth testing is impact analysis. When adding new functionality or fixing a bug, it's often times good to think about what the consequences would be. While you _could_ make a change and see who yells at you, it's generally better if you take the time to do your due diligence and figure out what's going to happen.