[POC] rewrite-maven-plugin: Introduce OpenRewrite by Moderne
#2322
Conversation
Pankraz76
force-pushed
the
editorconfig-maven-plugin-rewrite
branch
from
dd6f8d6 to
cff9c06
Compare
pom.xml
Outdated
| <!-- https://github.com/apache/maven/pull/2317 --> | ||
| <!-- <recipe>org.openrewrite.staticanalysis.RemoveUnusedPrivateFields</recipe> --> | ||
| <!-- https://github.com/apache/maven/pull/2310 --> | ||
| <recipe>org.openrewrite.staticanalysis.RemoveUnusedPrivateMethods</recipe> |
Pankraz76
force-pushed
the
editorconfig-maven-plugin-rewrite
branch
2 times, most recently
from
9101253 to
d70cd35
Compare
pom.xml
Outdated
| <execution> | ||
| <id>rewrite-maven-plugin</id> | ||
| <goals> | ||
| <goal>run</goal> |
There was a problem hiding this comment.
here we need new goal @timtebeek failOnDryRunDetection - then we complete request @gnodet.
which fails the build if a rule cannot be validated
- [POC] Modernize codebase - Automatically fix
Checkstyle violations#2300 - [POC] Modernize codebase - Automatically fix
Checkstyle violations#2300 (comment) failOnDryRunDetectionopenrewrite/rewrite-maven-plugin#984
| <goal>run</goal> | |
| <goal>failOnDryRunDetection</goal> |
pom.xml
Outdated
| <!-- <recipe>org.openrewrite.java.testing.junit5.JUnit5BestPractices</recipe> --> | ||
| <!-- <recipe>org.openrewrite.staticanalysis.CodeCleanup</recipe> --> | ||
| <!-- <recipe>org.openrewrite.staticanalysis.CommonStaticAnalysis</recipe> --> | ||
| <!-- <recipe>org.openrewrite.staticanalysis.RemoveUnusedLocalVariables</recipe> --> |
There was a problem hiding this comment.
Pankraz76
changed the title
rewrite-maven-plugin: Remove unused private methodsrewrite-maven-plugin: Introduce OpenRewrite by Moderne (RemoveUnusedPrivateMethods)
Pankraz76
force-pushed
the
editorconfig-maven-plugin-rewrite
branch
from
d70cd35 to
26152a3
Compare
pom.xml
Outdated
| <exportDatatables>true</exportDatatables> | ||
| <failOnDryRunResults>true</failOnDryRunResults> | ||
| <exclusions> | ||
| <!-- wait for suppression: RemoveUnusedPrivateMethods --> |
There was a problem hiding this comment.
need suppression to be exact not broad. @timtebeek
LOC and class option
There was a problem hiding this comment.
its not working either:
[WARNING] The recipe produced 17 warning(s). Please report this to the recipe author.
[WARNING] These recipes would make changes to src/mdo/java/WrapperProperties.java:
[WARNING] org.openrewrite.staticanalysis.RemoveUnusedPrivateMethods
[WARNING] These recipes would make changes to src/mdo/java/WrapperList.java:
[WARNING] org.openrewrite.staticanalysis.RemoveUnusedPrivateMethods
| <plugin> | ||
| <groupId>org.openrewrite.maven</groupId> | ||
| <artifactId>rewrite-maven-plugin</artifactId> | ||
| </plugin> |
There was a problem hiding this comment.
its only active on clean install when here, why so?
Pankraz76
force-pushed
the
editorconfig-maven-plugin-rewrite
branch
from
3ee2ff6 to
32a08dd
Compare
|
As reported on the other PR as well I wouldn't fail the CI if we can post fix suggestions instead. |
yes,
spot is limited to format only, while rewrite kicks in where others sign off. |
no body want but only computer can comparing clean code vs runtime its an easy tradeoff as motivation is just the same like OpenRewrite is ATM king and |
|
As an alternative, could open rewrite be setup to comment on PRs ? |
of course, this is aimed happy path for good integration and acceptance. Its easy to apply then, but will spam and take away, as friction we aim to automate will still happen. But this violates This will save community resources shifting from online to prior local run giving dev chance to learn and gain early feedback. As happy path is openrewrite/rewrite-static-analysis#544 (comment) 
|
Format is limited to cosmetics. Check is just file parser too, therefore very limited. Ideally, we would superset what Checkstyle relies on using: It's interesting to see that each tool has its niche:
Trading just a few seconds for higher code standards is generally an effort taken. Current real world problem: Missing auto-fix effectively preventing integration. This is where Rewrite kicks in. So we need Rewrite as enabler. Ideally
Even when having the option, running them would make sense to really make sure. Once (and for all) fixed by Rewrite CodeCleanup, technical debt is considered non-existent anymore. SpotBugs/PMD checks for more than 400 bug patterns. While Rewrite aims to:
Trading CPU time for maintenance and bugs avoidance seems justiciable. |
Pankraz76
force-pushed
the
editorconfig-maven-plugin-rewrite
branch
from
32a08dd to
af2ad59
Compare
yes. If integrated it should live in cloud to save ci time. On other hands it needs fix on local setup so lets think about this. Rewrite will be fast, once applied. |
pom.xml
Outdated
| <configuration> | ||
| <activeRecipes> | ||
| <recipe>org.openrewrite.java.format.AutoFormat</recipe> | ||
| <recipe>org.openrewrite.java.recipes.JavaRecipeBestPractices</recipe> |
There was a problem hiding this comment.
| <recipe>org.openrewrite.java.recipes.JavaRecipeBestPractices</recipe> | |
| <recipe>org.openrewrite.staticanalysis.ReplaceCollectToListWithToList </recipe> |
Pankraz76
force-pushed
the
editorconfig-maven-plugin-rewrite
branch
from
0f8c205 to
d99935a
Compare
| @@ -39,8 +39,8 @@ | |||
|
|
|||
| import java.io.BufferedWriter; | |||
| import java.io.File; | |||
| import java.io.FileWriter; | |||
There was a problem hiding this comment.
security´s everybody favourite.
This might be a good example to integrate and then build up from there avoiding further friction. Giving more freedom and attention to review.
[WARNING] The recipe produced 16 warning(s). Please report this to the recipe author.
[WARNING] Changes have been made to its/core-it-suite/src/test/resources/mng-0612/plugin/src/main/java/org/apache/maven/its/it0125/DependenciesMojo.java by:
[WARNING] org.openrewrite.java.security.JavaSecurityBestPractices
[WARNING] org.openrewrite.staticanalysis.BufferedWriterCreationRecipes
[WARNING] org.openrewrite.staticanalysis.BufferedWriterCreationRecipes$BufferedWriterFromNewFileWriterWithFileArgumentRecipe
[WARNING] Changes have been made to compat/maven-model-builder/src/test/java/org/apache/maven/model/building/FileModelSourceTest.java by:
[WARNING] org.openrewrite.java.security.JavaSecurityBestPractices
[WARNING] org.openrewrite.java.security.SecureTempFileCreation
[WARNING] Changes have been made to impl/maven-core/src/test/java/org/apache/maven/graph/ProjectSelectorTest.java by:
[WARNING] org.openrewrite.java.security.JavaSecurityBestPractices
[WARNING] org.openrewrite.java.security.SecureTempFileCreation
[WARNING] Changes have been made to compat/maven-compat/src/main/java/org/apache/maven/repository/legacy/DefaultWagonManager.java by:
[WARNING] org.openrewrite.java.security.JavaSecurityBestPractices
[WARNING] org.openrewrite.java.security.SecureTempFileCreation
[WARNING] Changes have been made to compat/maven-compat/src/test/java/org/apache/maven/artifact/testutils/TestFileManager.java by:
[WARNING] org.openrewrite.java.security.JavaSecurityBestPractices
[WARNING] org.openrewrite.java.security.SecureTempFileCreation
[WARNING] Please review and commit the results.
[WARNING] Estimate time saved: 9m
|
@Pankraz76 if you want to discuss such changes, you should do so on the dev mailing list rather than raising PRs. Such important changes should be discussed openly with the whole community. Also, you should define 2 profiles, triggered by a property. Take a look at how spotless is set up. |
pom.xml
Outdated
| <!-- <recipe>org.openrewrite.staticanalysis.RemoveUnusedPrivateMethods</recipe> --> | ||
| <!-- <recipe>org.openrewrite.staticanalysis.UnnecessaryThrows</recipe> --> | ||
| <!-- <recipe>org.openrewrite.java.ShortenFullyQualifiedTypeReferences</recipe> --> | ||
| <recipe>org.openrewrite.java.RemoveUnusedImports</recipe> |
There was a problem hiding this comment.
That one is unneeded, it's covered by spotless already.
There was a problem hiding this comment.
ok, nice yes. Then remove.
|
PMD or rewrite, might even do both. Spot seems ending up being short: |
Pankraz76
force-pushed
the
editorconfig-maven-plugin-rewrite
branch
from
d99935a to
606471e
Compare
yes, of course. This is just demo to fullfill request. As he have clear leckage this should actually be in every body´s favor. |
just writing email from my acc to [email protected] is enough right? |
There was a problem hiding this comment.
We should be aware and take care about the license of openwrite and single rules.
https://docs.openrewrite.org/reference/latest-versions-of-every-openrewrite-module
|
yes, recent discovery seems fishy - |
|
then Might use rewrite to fix legacy, by using Is this any good @timtebeek ? |
|
I've spoken at length with the author linked above at Code Remix Summit last week, helped him understand and analyze the changes, and got him set up to continue his work. Despite this he came out with a deeply flawed analysis and false statements, which unfortunately are being taken at face value. Figured I'd provide some more context about the changes made from our perspective: You're all welcome to use and contribute to OpenRewrite for as much as you'd like; we see no reason to be hesitant at all, but understand opinions may differ. Either way I'll continue to support the Apache Maven project and users for as much as I can, as I have when talking to Apache Maven contributors over the years, especially with an eye towards changes in the upcoming v4. |
|
This is nothing new and nothing I haven't heard before. This same thing
happened with MongoDB and with other projects. A proprietary closed license
wasn't the right response then and it isn't now. The correct response is to
license under GPL or perhaps AGPL. The Apache license was explicitly
designed to allow big corporations to build businesses and products around
open source tech without contributing back to the community.
…On Sun, May 18, 2025 at 2:20 PM Tim te Beek ***@***.***> wrote:
*timtebeek* left a comment (apache/maven#2322)
<#2322 (comment)>
I've spoken at length with the author linked above at Code Remix Summit
last week, helped him understand and analyze the changes, and got him set
up to continue his work. Despite this he came out with a deeply flawed
analysis and false statements, which unfortunately are being taken at face
value.
Figured I'd provide some more context about the changes made from our
perspective:
- ***@***.***/the-openrewrite-community-potluck
***@***.***/the-openrewrite-community-potluck-ebf36116e7a6?source=friends_link&sk=7aa496b025118a9a8fd94c7691fb0ed6>
You're all welcome to use and contribute to OpenRewrite for as much as
you'd like; we see no reason to be hesitant at all, but understand opinions
may differ. Either way I'll continue to support the Apache Maven project
and users for as much as I can, as I have when talking to Apache Maven
contributors over the years, especially with an eye towards changes in the
upcoming v4.
—
Reply to this email directly, view it on GitHub
<#2322 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAHVP2HZKC3GTVI4UMZQSXD27CJKRAVCNFSM6AAAAAB44MONN2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDQOBZGAYTONBSGE>
.
You are receiving this because you commented.Message ID:
***@***.***>
--
Elliotte Rusty Harold
***@***.***
|
|
@gastaldi I think we talked about using rewrite. FYI: consider license. What do you say about it, as quarkus leverages rewrite? Please enlighten us about Quarkus perspective on this. Thanks. |
@gsmet may know more about this subject |
We coordinated at the time; Quarkus only uses the Apache Licensed core of OpenRewrite, including recipes moved for that specific purpose. For Apache Maven there would similarly still be a large suite of recipes that continue to be Apache Licensed, like for instance the Apache Maven best practices, which we'll expand to cover more of the Maven 4 migration nice to haves. |
predecessor:
The enabler seen above gives us the change to automate such flaws; reducing unwanted friction.
leveraging:
rival/addition to
Checkstyle violations#2300editorconfig-maven-plugin: implement IDE agnostic configuration #2321BUILD SUCCESS
Build breaker: