Autonomous application modernization using multi-agent orchestration for GitHub Copilot CLI.

This plugin enables autonomous modernization of Java and .NET applications through a multi-agent orchestration system. Just describe what you need — upgrade Java versions, migrate to Azure, fix CVE vulnerabilities, or rearchitect your application — and the orchestrator automatically routes your request through the right workflow:

1. Assessment: Analyzes applications to identify modernization opportunities (auto-detects Java or .NET)
2. Planning: Generates executable task plans based on assessment results, enterprise policies, and user-defined constraints
3. Execution: Routes tasks to specialized agents for parallel execution — including Java upgrades, Azure migrations, security fixes, and structural rewrites

Enterprise modernization intent — target architectures, upgrade standards, guardrails, and compliance policies — can be embedded directly into the workflow through a rulebook, ensuring every generated plan aligns with your organization's standards.

• Java Upgrades: Java version upgrades (8 → 11 → 17 → 21), Spring Boot 2.x → 3.x, javax → jakarta migration, deprecated API migration
• Azure Migration: Migrate Java and .NET applications to Azure services (Service Bus, Azure SQL, Redis, Key Vault, Application Insights, Managed Identity)
• CVE & Vulnerability Fixing: Scan and fix CVE vulnerabilities in Maven and NuGet dependencies, including Log4j, Spring, Jackson, and OWASP dependency analysis
• Application Rearchitecture: Structural rewrites such as monolith-to-microservices decomposition, legacy UI modernization (WinForms → React/Angular, JSP → modern SPA), and module extraction
• .NET Modernization: Assess and migrate .NET applications to Azure, including NuGet security audits and ASP.NET-to-Azure migrations
• Enterprise Policy Support: Embed your organization's modernization intent — target architectures, upgrade standards, guardrails, and compliance policies — directly into the workflow via a rulebook
• Multi-Agent Orchestration: 3-level agent hierarchy (orchestrator → coordinators → executors) with automatic routing — just describe what you need
• Parallel Execution: Executor agents handle tasks concurrently
• Self-Verification: Executors implement build, test, and validation checks with retry logic
• Commit History Preservation: Detailed per-phase/per-task commits for review

1. Download Copilot CLI: Download from https://github.com/github/copilot-cli and follow the installation instructions for your platform.

2. Navigate to your project: Open a terminal and navigate to your project directory:

   cd /path/to/your/project

3. Start Copilot CLI:

   copilot

# Add the marketplace
copilot plugin marketplace add microsoft/github-copilot-modernization

# Install the plugin
copilot plugin install github-copilot-modernization@github-copilot-modernization

# Update the plugin (when a new version is available)
copilot plugin update github-copilot-modernization@github-copilot-modernization

Start the modernization orchestrator agent:

copilot --agent=github-copilot-modernization:modernize

Or with auto-approval for unattended execution:

copilot --agent=github-copilot-modernization:modernize --allow-all

Once in the CLI, simply ask in natural language:

copilot> modernize my application

Or be more specific:

copilot> upgrade this app to Java 21
copilot> migrate this Spring Boot app to Azure

Note: Only modernize is user-invocable. All other agents are internal and routed to automatically by the orchestrator.

The orchestrator supports multiple workflows depending on user intent:

All workflows run automatically — just describe what you want and the orchestrator handles routing.

• Discovers applications in the specified path
• Auto-detects project language (Java or .NET) and uses the appropriate analysis tools
• Analyzes dependencies, frameworks, and versions
• Identifies modernization opportunities and risks
• Saves results to .github/modernize/assessment/ (report.json)

• Loads assessment results and enterprise rulebook (if present)
• Merges enterprise constraints (target architectures, guardrails, standards) with assessment findings — rulebook policies override assessment recommendations
• Generates an executable task plan with language metadata
• Saves the plan to .github/modernize/<plan-name>/plan.md and tasks.json

• Routes tasks to specialized executor agents based on language and task type:
  • Java upgrade tasks → Java version upgrades, Spring Boot upgrades, javax → jakarta migration, deprecated API migrations
  • Azure migration tasks (Java) → Service Bus, Azure SQL, Redis, Key Vault, Application Insights, Managed Identity
  • Azure migration tasks (.NET) → ASP.NET to Azure, NuGet dependency updates, .NET-specific Azure service integrations
  • Security/CVE tasks → CVE vulnerability scanning and fixing for Maven and NuGet dependencies
  • Rearchitecture tasks → Structural rewrites using a multi-agent coordinator/worker pattern (monolith decomposition, legacy UI modernization, module extraction)
• Each executor queries MCP knowledge base for migration patterns
• Monitors progress with automatic retry on failure

Organizations can embed their modernization policies, target architectures, and upgrade standards directly into the workflow through a rulebook. This ensures every generated plan aligns with enterprise standards — without requiring manual review of each decision.

Place markdown files in the .github/modernize/rulebook/ directory of your project. The planning phase automatically reads all .md files in this folder and merges them with assessment results before generating the task plan. Rulebook constraints override assessment recommendations — if your rulebook specifies "use Azure Service Bus for messaging," that takes precedence regardless of what the assessment discovers.

Create .github/modernize/rulebook/enterprise-standards.md:

# Enterprise Modernization Standards

## Target Architecture
- All Java applications must target Java 21 and Spring Boot 3.x
- Use Azure Container Apps for microservices deployments
- Use Azure Service Bus for all asynchronous messaging (replace RabbitMQ, ActiveMQ)
- Use Azure Database for PostgreSQL Flexible Server for relational data

## Security & Compliance
- All services must authenticate using Managed Identity — no connection strings or passwords in code
- All public endpoints must be behind Azure Front Door
- Enable Azure Defender for all deployed resources

## Guardrails
- Do not use Azure Functions for long-running processes
- Do not introduce Kafka — use Event Hubs with Kafka protocol if needed
- All infrastructure must be defined in Bicep (no Terraform, no ARM templates)

No fixed naming or structure is required — use any filenames and headings that make sense for your organization. The orchestrator infers the purpose of each file from its content.

Without a rulebook, the plugin applies sensible defaults:

• Java: Upgrade to 17+ (21 only if explicitly requested); Spring Boot 3.x with javax → jakarta migration
• Azure: Managed Identity for authentication; managed database services for relational data
• Messaging: RabbitMQ/ActiveMQ → Azure Service Bus; Kafka → Azure Event Hubs
• Infrastructure: Bicep by default

copilot --agent=github-copilot-modernization:modernize
copilot> upgrade this app to Java 21

copilot --agent=github-copilot-modernization:modernize
copilot> migrate this Spring Boot app to Azure

copilot --agent=github-copilot-modernization:modernize
copilot> modernize my .NET application for Azure

copilot --agent=github-copilot-modernization:modernize
copilot> fix CVE vulnerabilities in my project

copilot --agent=github-copilot-modernization:modernize
copilot> rearchitect my monolithic application into microservices

copilot --agent=github-copilot-modernization:modernize
copilot> modernize my application

Here's a complete example modernizing a Spring Boot app:

# 1. Navigate to project
cd ~/projects/my-spring-app

# 2. Start the orchestrator
copilot --agent=github-copilot-modernization:modernize

# 3. Ask for modernization (assessment, planning, and execution run automatically)
copilot> modernize my application

# 4. After completion, verify results
mvn clean test
mvn spring-boot:run

# Verify marketplace is added
copilot plugin marketplace list

# Re-add marketplace if needed
copilot plugin marketplace add microsoft/github-copilot-modernization

# Reinstall
copilot plugin install github-copilot-modernization@github-copilot-modernization

• For Java projects: verify pom.xml or build.gradle exists in your project root
• For .NET projects: verify .csproj or .sln exists in your project root
• Ensure you are in the correct directory before starting Copilot CLI

The plugin uses the MCP server defined in .mcp.json. If you encounter issues, try reinstalling the plugin to reset the MCP configuration.

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit Contributor License Agreements.

When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.

MIT