forbidden-apis
rewrite
Our great sponsors
forbidden-apis | rewrite | |
---|---|---|
4 | 24 | |
312 | 1,830 | |
0.0% | 7.0% | |
6.6 | 9.9 | |
about 1 month ago | 6 days ago | |
Java | Java | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
forbidden-apis
-
Stop Using Utcnow and Utcfromtimestamp
> All this stuff would be a lot easier if timezones always had to be stated explicitly.
On Java, you can use the forbidden-apis build plugin (https://github.com/policeman-tools/forbidden-apis) to fail the build whenever a timezone or locale or charset is not specified explicitly (it forbids the methods from the Java API which use an implicit timezone/locale/charset). I don't know whether there's something similar for Python; it might be harder because Python is much more dynamic (though it might be possible to use monkeypatching to warn whenever the bad methods are used).
-
Decluttering Google Guava
Is https://github.com/policeman-tools/forbidden-apis something that might help you in the interim?
-
What are some useful static analyzers for Java?
Besides the classic pmd/stopbugs/jacoco/owasp, a favorite of mine is forbidden-apis.
-
Retrofit Java
Regarding the "deleting them if not necessary any or are deprecated or do not make sense anymore ", something you can use today is this nice maven plugin:forbidden-apis.
rewrite
- FLaNK Weekly 31 December 2023
- OpenRewrite – Automated mass refactoring of source code
-
AST-grep(sg) is a CLI tool for code structural search, lint, and rewriting
If you're into this sort of thing, there's OpenRewrite[1] for the Java ecosystem.
[1] https://docs.openrewrite.org/
-
What's New in Spring Framework 6.1
> Spring has gotten so bloated.
I'd call Spring feature-rich than bloated. You can always shed weight that you don't want to carry.
> Plus there's multiple ways of doing the same thing. e.g. JPA, spring-data.
That's because there are different ways to solve a problem. Someone may want an ORM-based approach to connect to the database; they can choose spring-data-jpa. Someone may want to use JDBC with a light abstraction on top of it; they can choose spring-data-jdbc. It's all about choices and right tradeoffs and Spring offers plenty of them.
> they don't provide easy upgrade paths between majors versions
That's not my experience. I've been happily upgrading 2.x.x versions and plan to upgrade to 3.2.x when it is ready. But depending on the codebase, I admit it can be painful. Projects like OpenRewrite[1] might help here.
> and they stop updating vulnerabilities on older major versions.
This is not news. They want you to pay for extended support if you need it.
> No docs on migration.
They do maintain migration docs on GitHub wiki which are a lot more detailed than their blog posts on migration. Here's the latest one to upgrade from Spring Boot 2 to 3: https://github.com/spring-projects/spring-boot/wiki/Spring-B...
[1]: https://github.com/openrewrite/rewrite
-
We already have Spring 2.1.3, Is SpringBoot 3 worth learning.
The issue you may run into when migrating from Spring Boot 2.x to 3.x is the JEE namespace renames. Migrating code from 8 to 17 in my experience hasn't been all that difficult. In most projects, there are no changes to make. However, with the namespace change, you'll probably have to do some planning and testing. If you are migrating a lot of projects, check out Open Rewrite, it may help automate a lot of these upgrades (for both 8 to 17 and Spring Boot versions).
-
Why wouldn't somebody change their version?
Couldn't OpenRewrite (https://docs.openrewrite.org) do a big part of this manual work?
-
Any ideas on how to automate upgrade of legacy Spring Framework/Spring Boot repositories?
Openrewrite would probably be a big help, see https://docs.openrewrite.org
-
what is your favorite programming trick/tool that not many People know about?
In a similar vein there is OpenRewrite which is an open-source project that works in a similar way. It also has a lot of great refactorings already built in, like doing all the grunt work for migrating to JUnit 5, or replacing string concatenation in SLF4J log calls with parameterized formatting.
-
Refactoring giant codebase
seems a case for https://docs.openrewrite.org/
-
What are your thoughts on Spring in 2023?
https://github.com/openrewrite/rewrite might help
What are some alternatives?
jreleaser - :rocket: Release projects quickly and easily with JReleaser
JavaParser - Java 1-17 Parser and Abstract Syntax Tree for Java with advanced analysis functionalities.
gradle-errorprone-plugin - Gradle plugin to use the error-prone compiler for Java
gradle-lint-plugin - A pluggable and configurable linter tool for identifying and reporting on patterns of misuse or deprecations in Gradle scripts.
playforia-minigolf - Client & Server for Minigolf Game known from Playforia/Playray/Appeli. Written in Java.
grammars-v4 - Grammars written for ANTLR v4; expectation that the grammars are free of actions.
find-sec-bugs - The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
cl-cuda - Cl-cuda is a library to use NVIDIA CUDA in Common Lisp programs.
Checkstyle - Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
aws-ip-ranges - Tracking the history and size of AWS's ip-ranges.json file
fb-contrib - a FindBugs/SpotBugs plugin for doing static code analysis for java code bases
spring-cloud-dataflow - A microservices-based Streaming and Batch data processing in Cloud Foundry and Kubernetes