rewrite
rbac-police
| | rewrite | rbac-police |
|---|---|---|
| | 24 | 8 |
| Stars | 1,830 | 321 |
| Growth | 7.0% | 0.9% |
| Activity | 9.9 | 0.0 |
| | 3 days ago | 4 months ago |
| Language | Java | Go |
| License | Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
rewrite
- FLaNK Weekly 31 December 2023
- OpenRewrite – Automated mass refactoring of source code
- AST-grep(sg) is a CLI tool for code structural search, lint, and rewriting
  If you're into this sort of thing, there's OpenRewrite[1] for the Java ecosystem.
  [1] https://docs.openrewrite.org/
- What's New in Spring Framework 6.1
  > Spring has gotten so bloated.

  I'd call Spring feature-rich rather than bloated. You can always shed weight that you don't want to carry.

  > Plus there's multiple ways of doing the same thing. e.g. JPA, spring-data.

  That's because there are different ways to solve a problem. Someone may want an ORM-based approach to connect to the database; they can choose spring-data-jpa. Someone may want to use JDBC with a light abstraction on top of it; they can choose spring-data-jdbc. It's all about choices and the right tradeoffs, and Spring offers plenty of them.

  > they don't provide easy upgrade paths between major versions

  That's not my experience. I've been happily upgrading 2.x.x versions and plan to upgrade to 3.2.x when it is ready. But depending on the codebase, I admit it can be painful. Projects like OpenRewrite[1] might help here.

  > and they stop updating vulnerabilities on older major versions.

  This is not news. They want you to pay for extended support if you need it.

  > No docs on migration.

  They do maintain migration docs on the GitHub wiki, which are a lot more detailed than their blog posts on migration. Here's the latest one to upgrade from Spring Boot 2 to 3: https://github.com/spring-projects/spring-boot/wiki/Spring-B...

  [1]: https://github.com/openrewrite/rewrite
- We already have Spring 2.1.3, Is SpringBoot 3 worth learning.
  The issue you may run into when migrating from Spring Boot 2.x to 3.x is the JEE namespace renames. Migrating code from 8 to 17 in my experience hasn't been all that difficult. In most projects, there are no changes to make. However, with the namespace change, you'll probably have to do some planning and testing. If you are migrating a lot of projects, check out OpenRewrite; it may help automate a lot of these upgrades (for both 8 to 17 and Spring Boot versions).
- Why wouldn't somebody change their version?
  Couldn't OpenRewrite (https://docs.openrewrite.org) do a big part of this manual work?
- Any ideas on how to automate upgrade of legacy Spring Framework/Spring Boot repositories?
  OpenRewrite would probably be a big help, see https://docs.openrewrite.org
- what is your favorite programming trick/tool that not many People know about?
  In a similar vein there is OpenRewrite, which is an open-source project that works in a similar way. It also has a lot of great refactorings already built in, like doing all the grunt work for migrating to JUnit 5, or replacing string concatenation in SLF4J log calls with parameterized formatting.
- Refactoring giant codebase
  seems a case for https://docs.openrewrite.org/
- What are your thoughts on Spring in 2023?
  https://github.com/openrewrite/rewrite might help
rbac-police
- Rbac-police is an rbac assessment tool with eks rules
- Rbac-police is an awesome tool for container escapes in kubernetes
- Rbac-police is an awesome kubernetes security tool.
- Rbac-police audits kubernetes and finds paths to escape the pod and take over the cluster
- rbac-police audits kubernetes pods for container escape routes
- Check out rbac-police for k8s rbac testing
- Blackhat 2022 recap – Trends and highlights
  This Trampoline pod affects all major cloud providers with the default behavior and, for this, escaping the container means managing the entire cluster. They shared the tool rbac-police that was presented at KubeCon EU.
- PaloAltoNetworks/rbac-police: Evaluate the RBAC permissions of serviceaccounts, pods and nodes in Kubernetes clusters through policies written in Rego
What are some alternatives?
JavaParser - Java 1-17 Parser and Abstract Syntax Tree for Java with advanced analysis functionalities.
paralus - All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.
gradle-lint-plugin - A pluggable and configurable linter tool for identifying and reporting on patterns of misuse or deprecations in Gradle scripts.
DirtyCred - Kernel exploitation technique
grammars-v4 - Grammars written for ANTLR v4; expectation that the grammars are free of actions.
kubeclarity - KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems
cl-cuda - Cl-cuda is a library to use NVIDIA CUDA in Common Lisp programs.
phantom-attack - POC for Phantom Attack
aws-ip-ranges - Tracking the history and size of AWS's ip-ranges.json file
rbac-tool - Rapid7 | insightCloudSec | Kubernetes RBAC Power Toys - Visualize, Analyze, Generate & Query
spring-cloud-dataflow - A microservices-based Streaming and Batch data processing in Cloud Foundry and Kubernetes
kube-bench - Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark