All Classes and Interfaces
Classes
Class
Description
Adds braces in situations where the lack of braces in combination with whitespace makes it seem
like statements are in a different code flow.
This codemod finds missing i18n keys in property files and adds them to the file, using an LLM to
generate the missing values.
A codemod for automatically fixing missing @Override annotations.
A codemod for setting a private constructor to hide implicit public constructor (Sonar)
A codemod for declaring a variable on a separate line.
Gives users the ability to list all the codemods so they don't have to reference them
individually.
This codemod knows how to fix SQL injection findings that come through DefectDojo for supported
vendors.
A codemod for defining a constant for a literal string that is duplicated n times.
Disables automatic return of objects in `javax.naming.DirContext#search`.
A codemod for automatically removing redundant static flags on nested enums.
Fix unsafe NIO path comparison.
Adds gadget filtering logic to `ObjectInputStream`.
Harden new process creation.
A codemod that enforces the appropriate parsing technique for converting Strings to primitive
types in the codebase.
Adds gadget filtering logic to `XMLDecoder` streams.
Disables external entity resolution in `XMLInputFactory` use.
Disables external entity resolution in `XMLReader` use.
Adds gadget filtering logic to XStream deserialization.
Adds path escaping detection to `ZipInputStream`.
Parameterize possible injections for Hibernate queries.
A codemod for automatically fixing input resource leaks detected by CodeQL's rule
"java/input-resource-leak" whenever possible.
Fixes issues reported under the id "java/insecure-cookie".
A codemod for automatically fixing JDBC resource leaks detected by CodeQL's rule
"java/database-resource-leak" whenever possible.
A codemod for automatically fixing JEXL injections detected by CodeQL's rule
"java/jexl-expression-injection" whenever possible.
This type corrects simple and obvious XSS vulnerabilities in JSPs.
Turns hardcoded seeds for PRNGs to be more random.
Fixes issues reported under the id "java/maven/non-https-url".
Migrates `FileUtils` APIs to `Files` where possible.
Migrates Spring code from using JobBuilderFactory to directly using JobBuilder.
A codemod for moving the "default" case to last in switch statements.
A codemod for automatically fixing output resource leaks detected by CodeQL's rule
"java/output-resource-leak" whenever possible.
A codemod for automatically fixing overridden methods that do not match their parent methods in
synchronization.
Transform calls to `BufferedWriter(Writer)` that have anonymous `FileWriter(File)` in their
constructor arguments to use an NIO method instead.
Turns hardcoded seeds for PRNGs to be more random.
A codemod for removing commented-out lines of code.
A codemod to remove redundant variable creation.
Codemod to remove unused local variables whose expression is a variable or just a literal
expression like a single boolean, char, double, integer, long, null, string or a text block
string.
A codemod for removing unused private methods.
Codemod to remove useless pair of parentheses
This codemod replaces instances of org.apache.http.impl.client.DefaultHttpClient with
HttpClientBuilder.create().useSystemProperties().build().
A codemod for replacing 'Stream.collect(Collectors.toList())' with 'Stream.toList()'
A codemod that wraps AutoCloseable objects whenever possible.
Sanitizes multipart filename inputs from HTTP requests.
Sanitizes multipart filename inputs from HTTP requests.
Turns `Random` into `SecureRandom`.
A codemod that removes any sensitive data being logged.
A codemod to replace `@Controller` with `@RestController` and remove `@ResponseBody` annotations
Sonar remediation codemod for S2658: Classes should not be loaded dynamically.
This codemod will set the absolute timeout for Spring session cookies in application.properties
if it's missing or too high.
Parameterizes SQL statements in the JDBC API.
Fixes issues reported under the id "java/stack-trace-exposure"
A codemod for automatically replacing replaceAll() calls with replace().
A codemod for automatically switching the order of literals and variables in comparisons so
they're guaranteed not to throw `NullPointerException` when the variable is unexpectedly null.
Moves strings to `StandardCharsets` fields.
Fixes issues reported under the id "missing-jwt-signature-check".
Targets making sure the protocols set in `SSLContext.getInstance(String)` are safe.
Targets making sure the protocols set in `SSLEngine.setEnabledProtocols(String[])` are safe.
Targets making sure the protocols set in `SSLParameters.setProtocols(String[])` are safe.
Targets making sure the protocols set in `SSLSocket.setEnabledProtocols(String[])` are safe.
Upgrade the `File.createTempFile(String, String)` method to use the NIO version
`Files.createTempFile(String, String, FileAttribute[])`.
A codemod that forces a zero-sized array to pass to `Collection.toArray(Object[])` since that
is preferable for performance.
Makes sure that internal Jakarta forwards don't go to places they shouldn't (e.g.,
/WEB-INF/web.xml.)
Removes all `<http-method>` XML elements from files named web.xml.