Home / AI & ML / GitHub Copilot

A step-by-step guide to modernizing Java projects with GitHub Copilot agent mode

Learn how to use GitHub Copilot agent mode to modernize legacy Java projects with guided upgrades, automated fixes, and cloud-ready migrations.

·@AndreaGriffiths11
| 8 minutes

Whether you’re migrating your app to the cloud or updating Java runtime, modernizing legacy applications is rarely simple. Conflicting or deprecated dependencies, antiquated deployment targets, and lingering security vulnerabilities often block smooth progress.  

That’s when GitHub Copilot agent mode, paired with the GitHub Copilot app modernization VS Code extension, comes in.  This toolset delivers an interactive, step-by-step experience to help you upgrade and migrate your Java projects faster, with fewer errors and more confidence. 

While this guide highlights Java modernization, we also support end-to-end .NET app modernization within Visual Studio through GitHub Copilot Agent Mode. This includes AI-assisted .NET upgrades, cloud-ready migration paths, and seamless deployment to Azure — delivering a consistent, guided experience across the entire modernization journey that reduces manual effort and accelerates time to value. Learn more in the docs

In this article, you’ll learn how to use these tools together in Visual Studio Code to: 

  • Analyze your Java project and generate an upgrade plan 
  • Apply changes automatically using GitHub Copilot 
  • Fix build issues and validate tests in-loop 
  • Detect and fix CVEs post-upgrade 

But first, there are a few things you’ll need

To follow along, make sure you have:

Got it? Now let’s dive into the good stuff. 

Overview

When you start an agent session using the Java upgrade extension, Copilot performs the following:

  1. Analyzes your Java codebase
  2. Generates a customizable upgrade plan
  3. Executes code transformations using tools like OpenRewrite
  4. Fixes build errors iteratively
  5. Validates changes through test execution
  6. Scans for CVEs, provides code validation behavior and proposes secure replacements
  7. Provides a full summary report

Getting started, Step 1: Open your Java project in VS Code

Use a sample legacy Java project (or your own), with source control initialized using Git and a working test suite (ideally with unit tests).

git clone https://github.com/your-org/your-legacy-java-app.git
cd your-legacy-java-app
code

Step 2: Start an agent session in VS Code

Launch the GitHub Copilot chat sidebar and start a new agent session. Choose GitHub Copilot app modernization – upgrade for Java from the available tools. 

A Visual Studio Code window showing a Java project called ‘spring-webflow’. The file explorer is open on the left, displaying project files including build.gradle, settings.gradle, and a README.md. The main editor shows the README.md file with text describing Spring Web Flow. At the top, a Copilot agent mode tool selection dropdown is visible with options for upgrading Java projects. On the right sidebar, the Copilot Agent Mode panel is open, explaining how Copilot can edit files, run commands, and handle context.

Copy and paste this inside your agent session to begin:

Using Java upgrade tools,upgrade this project to Java 21. Analyze deprecated APIs, update Gradle dependencies, and propose a safe, testable migration plan.

Step 3: Let Copilot scan and plan

Copilot will analyze your project and propose an upgrade plan. The tool begins with a scan of your:

  • JDK version usage
  • Build tool configurations (build.gradle for Gradle or pom.xml for Maven)
  • Outdated or insecure dependencies
  • Deprecated APIs and language features

It then creates a structured upgrade plan, editable in the Copilot chat. You can prompt Copilot to exclude modules from this upgrade or make any necessary adjustments to the plan.

Visual Studio Code window showing a Java project upgrade plan. In the main editor, the file plan.md is open with sections for Project Information, Java Environments, Upgrade Goals, and Additional Tasks. It specifies upgrading from Java 17 to Java 21 using Gradle Wrapper. On the right-hand Copilot Agent Mode panel, JSON input and output are displayed, showing that a new upgrade session was created with an auto-generated migration plan. The file explorer on the left lists project files including build.gradle, progress.md, and other configuration files.

Step 4: Apply changes and resolve errors

Once you approve the plan, Copilot begins upgrading files, adjusting imports, and fixing syntax errors. If build errors pop up, Copilot enters a fix-and-test loop until the project compiles cleanly.

Visual Studio Code window showing a log file 3.1.upgradeProjectUsingOpenRewrite.log from a Java project upgrade. The log details tasks for upgrading to Java 21, including collecting and applying OpenRewrite recipes, running Gradle builds, and reporting many tasks as UP-TO-DATE. On the right, the Copilot Agent Mode panel displays input and output for the upgrade session, with instructions and notes about executing the plan. The file explorer on the left lists Java project files, including logs, Gradle files, and source folders.

Copilot produces a detailed upgrade report, including: 

  • Changed files and commit history 
  • API and dependency updates 
  • Remaining to-dos and next steps 
Visual Studio Code window showing a summary report summary.md for upgrading a Java project to version 21. The report includes project information, goals, test changes showing all 1177 tests passing before and after, and dependency changes with Java upgraded from 17 to 21. On the right sidebar, Copilot Agent Mode displays migration benefits, a risk assessment marked LOW, and next steps for production such as updating environments, CI/CD pipelines, documentation, and monitoring. The file explorer on the left shows project files including plan.md, progress.md, and Gradle configuration files.

Example code changes before and after the upgrade:

// Before (deprecated constructor)
View view = this.resolver.resolveViewName("intro", new Locale("EN"));

// After Java 21 upgrade
View view = this.resolver.resolveViewName("intro", Locale.of("EN"));

Step 5: Migrate to Azure

To make the app Azure-ready, you can run an app assessment to identify cloud readiness issues. From the GitHub Copilot app modernization extension UI, click on Migrate to Azure.

Visual Studio Code sidebar showing the GitHub Copilot App Modernization panel. Under ‘Quickstart’, it asks how to modernize a Java app, with two blue buttons: ‘Upgrade Runtime & Frameworks’ and ‘Migrate to Azure’. A message below recommends using Claude Sonnet 3.7 or later. Below, an ‘Assessment’ section links to an ‘Assessment Report.

Depending on the deployment target, GitHub Copilot app modernization will identify cloud migration issues with recommended actions. To set the deployment target, modify the assessment-config.yaml file under the appmod-java/appcat folder. In this example, we will choose Azure Kubernetes Service (AKS) as the target. (Other deployment targets include Azure App Service, Azure App Service Managed Instance, Azure Container Apps, Azure Kubernetes Service, and AKS Automatic, etc.)

Visual Studio Code editor showing a YAML configuration file named assessment-config.yaml. The file defines appcat with a target set to azure-aks and mode set to source-only.

An assessment report is generated, detailing cloud readiness issues. Click on the migrate button associated with the Auth Migration issue category to move from on-premise user authentication to Microsoft Entra ID.

Cloud Readiness report panel showing an issue under ‘Auth Migration (Spring Security)’. Criticality is marked as ‘Potential (1)’, code impact is 2, and the solution suggests migrating from on-premises user authentication to Microsoft Entra ID. A blue ‘Migrate’ button appears in the Action column.

Similar to the upgrade process, Copilot first makes a plan highlighting the dependency updates and configuration changes. Once you approve the plan, Copilot will go ahead and execute the migration steps.

Visual Studio Code editor showing a plan.md file under code-migration. The file contains an analysis summary for a Spring WebFlow project with Spring Security integration. It notes use of Spring Security BOM 6.0.8, framework nature, SecurityFlowExecutionListener component, Java 21, and Spring Framework 6.0.23. The ‘Files to be Modified’ section highlights dependency updates in build.gradle, requiring Microsoft Entra ID dependencies. Changes include adding spring-cloud-azure-starter-active-directory, spring-boot-starter-oauth2-client, and updating the BOM for Spring Cloud Azure dependencies.

Copilot summarizes a list of changes made for this migration scenario. These changes include: 

  • Added Microsoft Entra ID dependency in the build configuration 
  • Added configuration for Microsoft Entra ID in Application.properties 
  • Added configuration adapter for Spring security to enable Microsoft Entra ID  
  • Added documentation to explain how to implement Microsoft Entra ID authentication with the Spring WebFlow app 
Visual Studio Code editor showing a summary.md file titled ‘Migration Summary: On-premises User Authentication to Microsoft Entra ID’. The overview lists project details, migration scenario, session ID, date (September 10, 2025), and a status of ‘Completed Successfully’. The summary describes dependency updates, documentation creation, and framework enhancement for Spring WebFlow. On the right, the panel shows files created/modified (build.gradle, entra-id-integration.adoc, SampleEntraIdSecurityConfig.java, and application.properties) along with validation results confirming no vulnerabilities, successful build, and all tests passing.

Step 6: Validate changes and review the report 

With your code updated, it’s time to confirm everything works as expected. Copilot will guide you through running your test suite using your project’s build system. 

For Maven projects, you can also run tests manually with:

bash

./mvnw test

For Gradle projects:

bash

./gradlew test

If there are failures, Copilot will help debug or even write missing tests based on your recent changes. All with the human-in-the-loop principle, who has to confirm all proposed steps.

Automated CVE scanner  

GitHub Copilot app modernization automatically performs comprehensive CVE scanning across all changed dependencies, a critical security feature consistently requested by development teams. When vulnerabilities are detected, the agent intelligently proposes safe version replacements or recommends alternative libraries to maintain security compliance. 

Validation report panel titled ‘Iteration 1 – Stage 1: CVE Validation’. It lists newly added dependencies spring-cloud-azure-starter-active-directory:5.22.0 and spring-boot-starter-oauth2-client:3.3.5. The output confirms ‘No known CVEs found for the dependencies.’ A note at the bottom states that Stage 1 completed successfully with no changes required

Deploy to Azure 

Deploying the app to Azure can be a long, painstaking process, and requires a specific set of skills to craft infrastructure as code. We’ve simplified this step and automated deployment to Azure, so you can go from code to cloud faster.  

Visual Studio Code sidebar showing the GitHub Copilot App Modernization for Java panel. Under ‘Tasks’, sections include Upgrade Tasks, Migration Tasks, Quality & Security Tasks, Deployment Tasks, and My Tasks. The Deployment Tasks section is expanded, showing options to deploy to existing Azure infrastructure or provision infrastructure and deploy to Azure.
Deployment summary panel showing key highlights of an Azure deployment. It lists: 6 Azure resources provisioned, a live application running with a container apps URL, total deployment time of 4 minutes 58 seconds, auto-scaling enabled (1–10 replicas), full monitoring with Application Insights and Log Analytics, and secure deployment using managed identities. A note at the bottom explains this record serves as documentation for future reference and understanding resource relationships.

Java modernization complete 

And that’s it. With GitHub Copilot app modernization, you can take a legacy Java project and make it cloud ready. It remediates code for Java upgrades and migrations scenarios, resolves build issues, validates changes, and even helps strengthen test coverage — all within a single, guided workflow. 

Try Copilot agent mode today 

Whether you’re modernizing Java, upgrading .NET, or planning your next migration, these extensions that enhance Copilot agent mode are ready to help you analyze large codebases, plan upgrades or migrations, fix issues automatically, and save hours of manual debugging. 

Special thanks to Sandra Ahlgrimm, senior cloud advocate at Microsoft, and Nick Zhu, senior program manager at Microsoft, who helped contribute to this blog post. 

To get started, modernize your Java and .NET apps, or learn more about the latest AI-assisted modernization enhancements from Azure.

Tags:

Written by

Andrea Griffiths

Andrea Griffiths

@AndreaGriffiths11

Andrea is a Senior Developer Advocate at GitHub with over a decade of experience in developer tools. She combines technical depth with a mission to make advanced technologies more accessible. After transitioning from Army service and construction management to software development, she brings a unique perspective to bridging complex engineering concepts with practical implementation. She lives in Florida with her Welsh partner, two sons, and two dogs, where she continues to drive innovation and support open source through GitHub's global initiatives. Find her online @alacolombiadev.

Related posts