Package io.codemodder.codemods

package io.codemodder.codemods

Classes

Class	Description
AddClarifyingBracesCodemod	Adds braces in situations where the lack of braces in combination with whitespace makes it seem like statements are in a different code flow.
AddMissingI18nCodemod	This codemod finds missing i18n keys in property files and adds them to the file, using an LLM to generate the missing values.
AddMissingOverrideCodemod	A codemod for automatically fixing missing @Override annotations.
AvoidImplicitPublicConstructorCodemod	A codemod for setting a private constructor to hide implicit public constructor (Sonar)
DeclareVariableOnSeparateLineCodemod	A codemod for declaring a variable on a separate line.
DefaultCodemods	Give an ability for users to list all the codemods so they don't have to reference them individually.
DefectDojoSqlInjectionCodemod	This codemod knows how to fix SQL injection findings that come through DefectDojo for supported vendors.
DefineConstantForLiteralCodemod	A codemod for defining a constant for a literal string that is duplicated n times.
DisableAutomaticDirContextDeserializationCodemod	Disables automatic return of objects in javax.naming.DirContext#search.
FixRedundantStaticOnEnumCodemod	A codemod for automatically removing redundant static flags on nested enums.
FixUnsafeNIOPathComparisonCodemod	Fix unsafe NIO path comparison.
HardenJavaDeserializationCodemod	Adds gadget filtering logic to ObjectInputStream.
HardenProcessCreationCodemod	Harden new process creation.
HardenStringParseToPrimitivesCodemod	A codemod that enforces the appropriate parsing technique for converting Strings to primitive types in the codebase.
HardenXMLDecoderCodemod	Adds gadget filtering logic to XMLDecoder streams.
HardenXMLInputFactoryCodemod	Disables external entity resolution in XMLInputFactory use.
HardenXMLReaderCodemod	Disables external entity resolution in XMLReader use.
HardenXStreamCodemod	Adds gadget filtering logic to XStream deserialization.
HardenZipEntryPathsCodemod	Adds path escaping detection to ZipInputStream.
HQLParameterizationCodemod	Parameterize possible injections for Hibernate queries.
InputResourceLeakCodemod	A codemod for automatically fixing input resource leaks detected by CodeQL's rule "java/input-resource-leak" whenever possible.
InsecureCookieCodemod	Fixes issues reported under the id "java/insecure-cookie".
JDBCResourceLeakCodemod	A codemod for automatically fixing JDBC resource leaks detected by CodeQL's rule "java/database-resource-leak" whenever possible.
JEXLInjectionCodemod	A codemod for automatically fixing JEXL injections detected by CodeQL's rule "java/jexl-expression-injection" whenever possible.
JSPScriptletXSSCodemod	This type corrects simple and obvious XSS vulnerabilities in JSPs.
LimitReadlineCodemod	Turns hardcoded seeds for PRNGs to be more random.
LogFailedLoginCodemod
MavenSecureURLCodemod	Fixes issues reported under the id "java/maven/non-https-url".
MigrateFilesCommonsIOToNIOCodemod	Migrates FileUtils APIs to Files where possible.
MigrateSpringJobBuilderFactoryCodemod	Migrates Spring code from using JobBuilderFactory to directly using JobBuilder.
MoveSwitchDefaultCaseLastCodemod	A codemod for moving the "default" case to last in switch statements.
OptimizeJacksonStringUsageCodemod
OutputResourceLeakCodemod	A codemod for automatically fixing output:w resource leaks detected by CodeQL's rule "java/output-resource-leak" whenever possible.
OverridesMatchParentSynchronizationCodemod	A codemod for automatically fixing overridden methods that do not match their parent methods in synchronization.
PreventFileWriterLeakWithFilesCodemod	Transform calls to BufferedWriter(Writer) that have anonymous FileWriter(File) in their constructor arguments to use an NIO method instead.
RandomizeSeedCodemod	Turns hardcoded seeds for PRNGs to be more random.
RemoveCommentedCodeCodemod	A codemod for removing commented-out lines of code.
RemoveRedundantVariableCreationCodemod	A codemod to remove redundant variable creation
RemoveUnusedImportCodemod
RemoveUnusedLocalVariableCodemod	Codemod to remove unused local variables which expression is a variable or just a Literal expression like a single boolean, char, double, integer, long, null, string or a text block string.
RemoveUnusedPrivateMethodCodemod	A codemod for removing unused private methods.
RemoveUselessParenthesesCodemod	Codemod to remove useless pair of parentheses
ReplaceDefaultHttpClientCodemod	This codemod replaces instances of org.apache.http.impl.client.DefaultHttpClient with HttpClientBuilder.create().useSystemProperties().build().
ReplaceStreamCollectorsToListCodemod	A codemod for replacing 'Stream.collect(Collectors.toList())' with 'Stream.toList()'
ResourceLeakCodemod	A codemod that wraps AutoCloseable objects whenever possible.
SanitizeApacheMultipartFilenameCodemod	Sanitizes multipart filename inputs from HTTP requests.
SanitizeHttpHeaderCodemod
SanitizeSpringMultipartFilenameCodemod	Sanitizes multipart filename inputs from HTTP requests.
SecureRandomCodemod	Turns Random into SecureRandom.
SemgrepOverlyPermissiveFilePermissionsCodemod
SensitiveDataLoggingCodemod	A codemod that removes any sensitive data being logged.
SimplifyRestControllerAnnotationsCodemod	A codemod to replace `@Controller` with `@RestController` and remove `@ResponseBody` annotations
SonarSQLInjectionCodemod
SonarUnsafeReflectionRemediationCodemod	Sonar remediation codemod for S2658: Classes should not be loaded dynamically.
SonarXXECodemod
SpringAbsoluteCookieTimeoutCodemod	This codemod will set the absolute timeout for Spring session cookies in application.properties if it's missing or too high.
SQLParameterizerCodemod	Parameterizes SQL statements in the JDBC API.
SSRFCodemod
StackTraceExposureCodemod	Fixes issues reported under the id "java/stack-trace-exposure"
SubstituteReplaceAllCodemod	A codemod for automatically replacing replaceAll() calls to replace() .
SwitchLiteralFirstComparisonsCodemod	A codemod for automatically switching the order of literals and variables in comparisons so they're guaranteed not to throw NullPointerException when the variable is unexpectedly null.
SwitchToStandardCharsetsCodemod	Moves strings to StandardCharsets fields.
UnverifiedJwtCodemod	Fixes issues reported under the id "missing-jwt-signature-check".
UpgradeSSLContextTLSCodemod	Targets making sure the protocols set in SSLContext.getInstance(String) are safe.
UpgradeSSLEngineTLSCodemod	Targets making sure the protocols set in SSLEngine.setEnabledProtocols(String[]) are safe.
UpgradeSSLParametersTLSCodemod	Targets making sure the protocols set in SSLParameters.setProtocols(String[]) are safe.
UpgradeSSLSocketProtocolsTLSCodemod	Targets making sure the protocols set in SSLSocket.setEnabledProtocols(String[]) are safe.
UpgradeTempFileToNIOCodemod	Upgrade the File.createTempFile(String, String) method to use the NIO version Files.createTempFile(String, String, FileAttribute[]).
UseEmptyForToArrayCodemod	A codemod that forces a zero-sized array to pass to Collection.toArray(Object[]) since that is preferable for performance.
ValidateJakartaForwardPathCodemod	Makes sure that internal Jakarta forwards don't go to places they shouldn't (e.g., /WEB-INF/web.xml.)
VerboseRequestMappingCodemod
VerbTamperingCodemod	Removes all <http-method> XML elements from files named web.xml.