AWS amazonq documentation change
Summary
Added details about required Java version upgrade paths and dependency transformations, removed sections about split diffs and change categorization
Security assessment
The changes focus on clarifying code transformation mechanics and Java version compatibility requirements. While dependency upgrades could have security implications indirectly, there is no explicit mention of vulnerability fixes, security patches, or security-related features in the diff. The removed content about split diffs appears to be workflow-related rather than security-related.
Diff
diff --git a/amazonq/latest/qdeveloper-ug/how-CT-works.md b/amazonq/latest/qdeveloper-ug/how-CT-works.md index 7c8d34573..c7946ad6f 100644 --- a//amazonq/latest/qdeveloper-ug/how-CT-works.md +++ b//amazonq/latest/qdeveloper-ug/how-CT-works.md @@ -9 +9 @@ Building your code and creating a transformation planTransforming your codeRevie -To transform your code, Amazon Q Developer generates a transformation plan that it uses to upgrade the code language version of your project. After transforming your code, it provides a transformation summary and a file diff for you to review changes before accepting them. The following sections provide more details on how Amazon Q performs the transformation. +To transform your code, Amazon Q Developer generates a transformation plan that it uses to upgrade the code language version of your project. After transforming your code, it provides a transformation summary and a file diff for you to review changes before accepting them. Since Amazon Q Developer makes the minimal changes necessary to make your upgraded code compatible with the target JDK, an additional transformation is required to upgrade your project's libraries and dependencies. The following sections provide more details on how Amazon Q performs the transformation. @@ -17,2 +16,0 @@ After generating the build artifact, Amazon Q builds your code in a secure build -Before the transformation begins, you have the option to split up the changes Amazon Q proposes into multiple diffs. This allows you to update and test your code with fewer changes at a time, and will require you to accept changes incrementally after the transformation is complete. - @@ -21 +19,16 @@ Before the transformation begins, you have the option to split up the changes Am -To transform your code, Amazon Q attempts to upgrade your code to the target Java version based on the proposed changes in the transformation plan. As it makes changes, it re-builds and runs existing unit tests in your source code to iteratively fix any encountered errors. +To transform your code, Amazon Q attempts to upgrade your code to the target Java version based on the proposed changes in the transformation plan. As it makes changes, it re-builds and runs existing unit tests in your source code to iteratively fix any encountered errors. The JDK upgrade can be made from the following source code version to the target version: + + * Java 8 to 17 + + * Java 8 to 21 + + * Java 11 to 17 + + * Java 11 to 21 + + * Java 17 to 21 + + + + +Amazon Q Developer makes the minimal changes necessary to make your code compatible with the target Java version. After successfully upgrading to Java 17 or 21, an additional transformation is required to upgrade your project's libraries and dependencies. Choose the same source code version and target code version (for example, 17 to 17). @@ -104,23 +116,0 @@ After you review the transformation summary, you can view the changes Amazon Q i -If you chose to have Amazon Q split up the changes into multiple diffs, it will provide one or more diffs with changes, depending on the upgrades required for your application. If applicable to your application, the changes are categorized in the following groups: - - * Minimum compatible library versions to the target Java version: Upgrade dependencies, including Springboot, JUnit, and PowerMockito, to the minimum compatible versions in the target Java version. - - * Popular enterprise specifications application frameworks: Upgrade popular enterprise and application frameworks like Jakarta EE, Hibernate, and Micronaut 3. - - * HTTP client utilities web frameworks: Upgrade HTTP client libraries, Apache Commons utilities, and Struts frameworks. - - * Testing tools frameworks: Upgrade testing tools like ArchUnit, Mockito, and TestContainers and build tools like Jenkins and Maven Wrapper. - - * Miscellaneous processing documentation: Multiple types of upgrades, including ORMs, XML processing, and API documentation like Swagger to SpringDoc/OpenAPI. - - * Deprecated APIs, outdated dependencies, and formatting: Replace deprecated APIs, make additional dependency version upgrades, and format code changes - - - - -Amazon Q will provide one diff file at a time, and you must accept changes in a diff to review the following diff. If you reject changes in a diff, you won’t be able to review any other diffs. After you accept changes from one diff, you can review the updates to your code and test the changes before continuing to accept subsequent changes. - -Note that there may be minor version downgrades across the diffs. For example, you may see a dependency version upgraded to a newer version in the first diff, and in a subsequent diff see an older version of the dependency. This is because Amazon Q might need to adjust versions to accommodate changes made in each diff. After you accept changes from all the diffs, your code will contain the most recent reliable versions. - -The title of the diff will indicate whether the proposed changes will result in a full or partial transformation. If the diff indicates the transformation was only partially successful, then it does not include all necessary changes for a complete transformation and a successful code build. To get the most upgraded version of your code, accept all the code diffs, including partially successful ones. Then, you can manually update your code to address the errors Amazon Q wasn’t able to fix. -