Exploring the power of Moderne data tables for code impact analysis and automated remediation

Sharon Power | October 30, 2023

The Moderne Platform is ready to transform the way you perform impact analysis on your entire codebase with a cutting-edge feature simply called data tables. Data tables, which can be created in minutes, collect real-time, insightful data about dependencies, CVEs, licenses, version numbers, API usage—and pretty much any other information you want to know about your source code. (See Figure 1.)

Contrast this to a traditional impact analysis that can take months of error-prone manual work, that eats up time from multiple developers armed with spreadsheets, and that comes loaded with costs—only to be outdated and wrong the moment it’s finished.

By generating structured data in real time, Moderne data tables allow you to harness the power of analytics to view hidden patterns, identify areas for improvement, and make informed decisions to quickly change your code. And the Moderne Platform’s auto-remediation capabilities enable you to make the changes at scale. This frees you from tedious tasks so that you can gain back time and focus on feature developments that drive business innovation.

Figure 1. Where to access data tables in the Moderne Platform

How Moderne data tables are created

The deep, actionable insights in data tables are born from the unique process of creating Lossless Semantic Trees (LSTs) of your codebase and running search and transformation recipes on the LSTs. 

Recipes are programs that can be easily customized for infinite use cases. They make safe, 100% accurate, style-preserving source code changes across entire codebases leveraging a rules-based system. A recipe can represent a single, stand-alone operation or it can be linked together with other recipes to accomplish a larger goal such as a framework migration. 

Recipes can emit rows of structured data according to simple schemas that the recipes define. The Moderne Platform aggregates these rows of data across any number of repositories and produces a data table for you to view. Data tables are produced as Excel documents or CSV files that are easy to integrate into the data analytics tools you already use. See the example from the “Find Types” recipe in Figure 2.

Read on to learn just a few ways that you can use data tables to analyze and understand your code. 

Figure 2. Data table from the “Find Types” recipe

Assess, prioritize, and remediate security vulnerabilities

One key recipe that drives rich code analysis and updates for organizations is the “Find and Fix Vulnerable Dependencies” recipe, a software composition analysis (SCA) capability that detects publicly disclosed vulnerabilities in your dependencies. 

The data table from this recipe (see Figure 3) provides detailed information about the repositories and their vulnerabilities, including:

  • A summary of what the security vulnerability is
  • The level of severity of each vulnerability (critical, high, moderate, or low)
  • The number of direct (depth=0) or transitive (depth=1 to x) dependencies
  • Whether a patch version update could address the vulnerability 

Figure 3. Data table from the “Find and Fix Vulnerable Dependencies” recipe

The vulnerability information is based on the GitHub Security Advisory Database, which aggregates vulnerability data from several public databases, including the National Vulnerability Database maintained by the United States government.

This data is not just informative; it's actionable. You can quickly determine how critical, disruptive, and potentially time-consuming these dependency security updates will be to remediate.

The data can be used to prioritize actions for automated remediation, helping you focus on the most pressing vulnerabilities first. For instance, if minor version bumps require both dependency and code changes, you can prioritize patch release bumps, which this recipe also can easily automate. You simply review the pull request and can mass-commit the change anywhere it’s needed across your entire codebase. 

If a minor or major upgrade is required to reach the fixed version, this recipe will not make any changes. However, the data table enables you to quickly see which recipes you need to apply (or create) to effect the minor or major library upgrades that will close the vulnerability and update the source code.
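The prioritization described above can be scripted against the CSV export. The following is an added example, not Moderne's code: the column names, repositories, and dependencies are constructed for illustration and do not reflect the recipe's actual schema.

```python
import csv
import io

# Constructed sample export; column names are hypothetical, not Moderne's schema.
SAMPLE_CSV = """\
repository,dependency,version,fixed_version,severity,depth,patch_fixable,summary
org/payments,com.example:json-lib,2.9.1,2.9.4,critical,0,true,Constructed: unsafe deserialization
org/payments,com.example:xml-lib,1.2.0,2.0.0,high,2,false,Constructed: XXE in parser
org/web,com.example:json-lib,2.9.1,2.9.4,critical,1,true,Constructed: unsafe deserialization
org/web,com.example:log-lib,3.1.0,3.1.2,low,0,true,Constructed: log injection
org/batch,com.example:http-lib,4.0.0,4.2.0,moderate,0,false,Constructed: header smuggling
"""

SEVERITY_RANK = {"critical": 0, "high": 1, "moderate": 2, "low": 3}

def load_rows(text):
    rows = []
    for row in csv.DictReader(io.StringIO(text)):
        sev = row["severity"].strip().lower()
        if sev not in SEVERITY_RANK:
            # Fail loudly so an unexpected label is never silently deprioritized.
            raise ValueError(f"unknown severity: {row['severity']!r}")
        row["severity"] = sev
        row["depth"] = int(row["depth"])  # 0 = direct, 1..x = transitive
        row["patch_fixable"] = row["patch_fixable"].strip().lower() == "true"
        rows.append(row)
    return rows

def triage(rows):
    """Return (patch_fixable, needs_upgrade), each sorted most urgent first."""
    # Assumption: within a severity, direct dependencies (depth 0) come first.
    key = lambda r: (SEVERITY_RANK[r["severity"]], r["depth"], r["repository"])
    auto = sorted((r for r in rows if r["patch_fixable"]), key=key)
    manual = sorted((r for r in rows if not r["patch_fixable"]), key=key)
    return auto, manual

def blast_radius(rows):
    """Count how many repositories carry each vulnerable dependency version."""
    seen = {}
    for r in rows:
        seen.setdefault((r["dependency"], r["version"]), set()).add(r["repository"])
    return {k: len(v) for k, v in seen.items()}

if __name__ == "__main__":
    auto, manual = triage(load_rows(SAMPLE_CSV))
    for label, bucket in (("patch bump", auto), ("needs upgrade recipe", manual)):
        for r in bucket:
            print(label, r["severity"], r["depth"], r["repository"], r["dependency"], sep=" | ")
```

The first bucket is the set of findings a patch release bump can close; the second is the backlog that needs a minor or major upgrade recipe.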

Understand the impact of code migrations for your entire organization

Moderne data tables also help with tasks like migrating to a new framework version, such as Spring Boot 3.x. They provide data about which small parts of the recipe made changes, helping you understand the most common changes and areas of greatest impact.

As an example, we have a recipe called “Migrate to Spring Boot 3.1” (see Figure 4). 

Figure 4. “Migrate to Spring Boot 3.1” recipe in the Moderne Platform marketplace

Migrating from Spring Boot 2 to Spring Boot 3.1 requires code changes in addition to dependency version bumps. To migrate to Spring Boot 3.1, you first have to migrate from:

  • Spring Boot 2.3 to 2.4
  • Spring Boot 2.4 to 2.5
  • Spring Boot 2.5 to 2.6
  • Spring Boot 2.6 to 2.7

You have to update the tests from JUnit 4 to JUnit 5. You also have to migrate to Java 17, which means you have to migrate to Java 11 first if you haven’t yet.

Each of these little migrations takes a number of steps, so the “Migrate to Spring Boot 3.1” recipe is deeply hierarchical. It links together recipes for each of these migrations as well as many others.

Sometimes, the most effective way to understand what data is telling you is through a chart or diagram. In the case of the Spring Boot 3.1 migration, the information in the data table example below (see Figure 5) was ported into a Sankey diagram using Jupyter notebooks. The diagram shows the constituent parts of the recipe and the most common changes made. You can see that the most common change is to use the new instanceof pattern matching syntax that's available in Java 17. You can also see that the recipe made changes to ensure tests are not public, changed annotations, and upgraded the Java version.

Figure 5. Sankey diagram built from the “Migrate to Spring Boot 3.1” data table

Find all API endpoints in your codebase for a holistic view, then automate updates

With data tables, you gain the ability to find and holistically view all the API endpoint definitions in your organization’s codebase so that you’re able to analyze and make decisions about them. By looking for all usages of a specific method, the data table can produce code samples for each call, allowing you to see exactly how the API is being used in your codebase. The Moderne Platform enables you to automatically update APIs and distribute the change everywhere at once across your codebase.

To illustrate, Moderne has an out-of-the-box recipe called “Find API endpoints” (see Figure 6) that traverses the LSTs to discover Spring HTTP API endpoints. In the example below, you can see that it ran across a set of 135 open-source repositories. It searched 65.7K files and found 522 results. 

Figure 6. “Find API endpoints” recipe execution and data tables

Clicking on the “Data tables” tab allows you to access and download the data table the recipe produced (see Figure 7). The data table from the “Find API endpoints” recipe provides the following information, which you can filter and use to perform impact analysis, prioritize changes, and make automated remediations:

  • Repository Origin
  • Repository Path
  • Repository Branch
  • SCM Type
  • Repository Link
  • Source Path
  • Method Name
  • Method
  • Path

Figure 7. Data table from running “Find API endpoints” recipe on OSS repositories
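One way to filter such an export for review, as an added example that is not Moderne's code: it uses the column names listed above, assumes that "Method" holds the HTTP verb and "Path" the route, and runs on constructed rows with invented repositories.

```python
import csv
import io
from collections import defaultdict

# Constructed rows using the column names listed above. Assumption: "Method"
# holds the HTTP verb and "Path" the route; the repositories are invented.
SAMPLE_CSV = """\
Repository Origin,Repository Path,Repository Branch,SCM Type,Repository Link,Source Path,Method Name,Method,Path
github.com,example/orders,main,GITHUB,https://github.example/example/orders,src/main/java/OrderController.java,list,GET,/api/v1/orders
github.com,example/orders,main,GITHUB,https://github.example/example/orders,src/main/java/OrderController.java,cancel,DELETE,/api/v1/orders/{id}
github.com,example/users,main,GITHUB,https://github.example/example/users,src/main/java/UserController.java,create,POST,/api/v2/users
github.com,example/users,main,GITHUB,https://github.example/example/users,src/main/java/AdminController.java,purge,delete,/api/v1/users/
"""

STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


def load_endpoints(text):
    """Parse the export, normalising verb case and trailing slashes."""
    endpoints = []
    for row in csv.DictReader(io.StringIO(text)):
        path = row["Path"].strip()
        endpoints.append({
            "repo": row["Repository Path"],
            "source": row["Source Path"],
            "handler": row["Method Name"],
            "verb": row["Method"].strip().upper(),
            "path": path.rstrip("/") or "/",
        })
    return endpoints


def state_changing_by_repo(endpoints):
    """Map repository -> sorted 'VERB path' strings that modify state."""
    result = defaultdict(list)
    for e in endpoints:
        if e["verb"] in STATE_CHANGING:
            result[e["repo"]].append(f'{e["verb"]} {e["path"]}')
    return {repo: sorted(items) for repo, items in result.items()}


def repos_under_prefix(endpoints, prefix):
    """Repositories that a change to routes under `prefix` would touch."""
    return sorted({e["repo"] for e in endpoints if e["path"].startswith(prefix)})
```

The per-repository list of state-changing routes gives reviewers a starting point for checking authorization coverage, and the prefix query scopes the impact of retiring an API version.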

Aid compliance audits and track third-party software licenses 

Moderne data tables can also assist with compliance audits by identifying all the licenses in use across your repositories. You can filter the results to focus on specific types of licenses, such as GPL and LGPL dependencies.

Figure 8. Data table example for “Find licenses in use in third-party dependencies” recipe

Ready to get started with Moderne data tables?

Moderne data tables are a powerful tool for developers. They offer a comprehensive view of your codebase, helping you to manage vulnerabilities, plan migrations, comply with audits, and understand API usage. With Moderne data tables, you're not just managing code—you're leveraging its power to propel your business forward. Are you ready to harness the power of your codebase with Moderne?

You can now access data tables through both the Moderne Platform and the Moderne CLI.

For more information about how you can dig deeper into your source code and easily understand it in detail, try Moderne for free or schedule a meeting with us.