Forem: Anupam Kushwaha The latest articles on Forem by Anupam Kushwaha (@anupam_kushwaha_85). https://forem.com/anupam_kushwaha_85 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3758282%2Fbdc81381-ebe4-4df9-83a2-1c63d64c7025.jpg Forem: Anupam Kushwaha https://forem.com/anupam_kushwaha_85 en From Scaffolding to Debugging: Spring Boot with GitHub Copilot CLI Anupam Kushwaha Mon, 09 Feb 2026 18:33:58 +0000 https://forem.com/anupam_kushwaha_85/from-scaffolding-to-debugging-spring-boot-with-github-copilot-cli-3e3l https://forem.com/anupam_kushwaha_85/from-scaffolding-to-debugging-spring-boot-with-github-copilot-cli-3e3l <p><em>This is a submission for the <a href="https://dev.to/challenges/github-2026-01-21">GitHub Copilot CLI Challenge</a></em></p> <h2> What I Built </h2> <p>I built a production-ready Spring Boot REST API secured with JWT authentication.</p> <p>The application includes:</p> <ul> <li>User registration and authentication</li> <li>Stateless JWT-based authorization</li> <li>Task management (CRUD operations)</li> <li>Layered architecture (controller, service, repository, entity, DTO)</li> <li>Multi-database support: <ul> <li>H2 for local development</li> <li>PostgreSQL for production readiness</li> </ul> </li> </ul> <p>This project explores whether GitHub Copilot CLI can act as a real engineering assistant — not just a code generator — while building a secure backend following real-world Spring Boot best practices.</p> <h2> Demo </h2> <p>🔗 <strong>Repository:</strong><br><br> <a href="https://github.com/anupamkushwaha85/copilot-cli-springboot-jwt" rel="noopener noreferrer">https://github.com/anupamkushwaha85/copilot-cli-springboot-jwt</a></p> <h3> Screenshots </h3> <p><strong>Project scaffolding with GitHub Copilot CLI</strong><br><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F2zb5c8gjcp8kfwt9i8ar.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F2zb5c8gjcp8kfwt9i8ar.png" alt="GitHub Copilot CLI generating the complete Spring Boot project structure, including entities, repositories, services, controllers, and security configuration." width="800" height="449"></a></p> <p><strong>JWT security and service layer generation</strong><br><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffn2t86g6xkg7dl2asf7e.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffn2t86g6xkg7dl2asf7e.png" alt="Copilot CLI generating JWT authentication, Spring Security filters, service layer logic, and REST controllers using iterative prompts." width="800" height="449"></a></p> <p><strong>Debugging Spring Security (403 Forbidden issue)</strong><br><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0wjwrvxixwgyn8d6d0y5.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0wjwrvxixwgyn8d6d0y5.png" alt="Initial 403 Forbidden error when testing authentication endpoints, highlighting a real Spring Security configuration issue." width="800" height="379"></a></p> <p><strong>API testing with Postman</strong><br><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi02fg5rinwy5ffq3xix4.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi02fg5rinwy5ffq3xix4.png" alt="Successful user registration and authentication using JWT tokens." width="800" height="667"></a></p> <p><strong>Protected endpoints in action</strong><br><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3c71lzpyoblfvxib529b.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3c71lzpyoblfvxib529b.png" alt="JWT-secured task APIs accessed with authenticated requests." width="800" height="672"></a></p> <h2> My Experience with GitHub Copilot CLI </h2> <p>GitHub Copilot CLI was used throughout the entire development lifecycle — not just for initial scaffolding.</p> <p>Copilot CLI assisted with:</p> <ul> <li>Generating the complete project structure and Maven configuration</li> <li>Creating entities, repositories, services, controllers, and DTOs</li> <li>Implementing JWT authentication and Spring Security configuration</li> <li>Adapting the application for H2 (development) and PostgreSQL (production)</li> <li>Generating documentation alongside the code</li> </ul> <h3> Real Debugging with Copilot CLI </h3> <p>One of the most valuable moments was debugging a <code>403 Forbidden</code> error on the authentication endpoints.</p> <p>Instead of trial-and-error:</p> <ul> <li>Copilot CLI analyzed the Spring Security configuration</li> <li>Identified default form login and HTTP basic auth interference</li> <li>Suggested disabling them explicitly</li> <li>Provided the exact fix in <code>SecurityConfig</code> </li> </ul> <p>This experience showed that Copilot CLI is effective not only for writing code, but also for systematic debugging and root-cause analysis. It significantly reduced setup friction and allowed me to focus on architecture and correctness instead of boilerplate.</p> <h4> Outcome: </h4> <p>A production-ready backend built end-to-end with GitHub Copilot CLI, demonstrating real-world usage beyond code generation.</p> devchallenge githubchallenge cli githubcopilot