Spring Boot 2 To 3
PendingStatic analysis audit pending.
Overview
No static analysis result has been recorded yet. Pattern checks will appear here once the artifact has been analyzed.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may create branches, modify project files, and create commits during the migration.
The skill instructs the agent to run repository-mutating git commands and commit changes. This is expected for a migration workflow, and the instructions use a working branch and staged commits, but users should notice the agent can change repository state.
Run the following git command yourself ... `git checkout -b upgrade/sb3-<target-version>` ... Run `git add` and `git commit` for the recipe-generated changes only
Use this only on a clean working tree, review every diff and commit, and avoid pushing or merging until tests and human review pass.
Different runs may download different recipe/plugin versions and produce different code changes.
The workflow intentionally resolves current external OpenRewrite plugin and recipe versions, and one example uses LATEST. This is purpose-aligned for an upgrade guide, but it reduces reproducibility and depends on external package provenance.
Do not hardcode plugin or recipe versions. Look up current versions ... `-Drewrite.recipeArtifactCoordinates=org.openrewrite.recipe:rewrite-spring:LATEST`
Prefer pinning reviewed OpenRewrite plugin and recipe versions for a migration branch, and record the versions used in the migration notes.
If the script is absent, the workflow may fail; if a script is supplied from another location, it should be inspected before execution.
The manifest lists only SKILL.md and two reference files, with no scripts/check.sh present. That makes the helper unreviewable in the supplied artifact set and may simply cause the command to fail.
Run the check script from this skill’s `scripts/` directory, passing the target project path: `scripts/check.sh <project-dir>`
Verify the helper script exists in the installed skill and review it before running it, or perform the described checks manually.