Update SonarModule to receive a list of sonar hotspot files (#375)

Refactor for future configuration of the sonar hotspots

Author: carlosu7

core-codemods/src/test/java/io/codemodder/codemods/AddMissingI18nCodemodTest.java

@@ -254,6 +254,7 @@ private CodemodLoader createLoader(final Class<? extends CodeChanger> codemodTyp
         Files.list(dir).toList(),
         Map.of(),
         List.of(),
+        List.of(),
         null,
         null,
         null);

core-codemods/src/test/java/io/codemodder/codemods/JSPScriptletXSSCodemodTest.java

@@ -50,6 +50,7 @@ void it_fixes_jsp(
             List.of(jsp),
             Map.of(),
             List.of(),
+            List.of(),
             null,
             null,
             null);

core-codemods/src/test/java/io/codemodder/codemods/VerbTamperingCodemodTest.java

@@ -60,6 +60,7 @@ void it_removes_verb_tampering(
             List.of(webxml),
             Map.of(),
             List.of(),
+            List.of(),
             null,
             null,
             null);

framework/codemodder-base/src/main/java/io/codemodder/CLI.java

@@ -133,7 +133,7 @@ final class CLI implements Callable<Integer> {
       description =
           "comma-separated set of path(s) to file(s) containing the result of a call to the Sonar Web API Hotspots endpoint",
       split = ",")
-  private List<Path> sonarHotspotsJsonFilePaths;
+  private List<String> sonarHotspotsJsonFilePaths;
 
   @CommandLine.Option(
       names = {"--contrast-vulnerabilities-xml"},
@@ -382,6 +382,7 @@ public Integer call() throws IOException {
       CodeDirectory codeDirectory = new DefaultCodeDirectory(projectPath);
       List<Path> sarifFiles = convertToPaths(sarifs);
       List<Path> sonarIssuesJsonFiles = convertToPaths(sonarIssuesJsonFilePaths);
+      List<Path> sonarHotspotJsonFiles = convertToPaths(sonarHotspotsJsonFilePaths);
       Map<String, List<RuleSarif>> pathSarifMap =
           SarifParser.create().parseIntoMap(sarifFiles, codeDirectory);
       List<ParameterArgument> codemodParameters =
@@ -397,6 +398,7 @@ public Integer call() throws IOException {
               pathSarifMap,
               codemodParameters,
               sonarIssuesJsonFiles,
+              sonarHotspotJsonFiles,
               defectDojoFindingsJsonFilePath,
               contrastVulnerabilitiesXmlFilePath);
       List<CodemodIdPair> codemods = loader.getCodemods();

framework/codemodder-base/src/main/java/io/codemodder/CodemodLoader.java

@@ -29,6 +29,7 @@ public CodemodLoader(
       final Map<String, List<RuleSarif>> ruleSarifByTool,
       final List<ParameterArgument> codemodParameters,
       final List<Path> sonarIssuesJsonFiles,
+      final List<Path> sonarHotspotsJsonFiles,
       final Path defectDojoFindingsJsonFile,
       final Path contrastVulnerabilitiesXmlFilePath) {
 
@@ -101,6 +102,7 @@ public CodemodLoader(
               orderedCodemodTypes,
               allWantedSarifs,
               sonarIssuesJsonFiles,
+              sonarHotspotsJsonFiles,
               defectDojoFindingsJsonFile,
               contrastVulnerabilitiesXmlFilePath);
       allModules.addAll(modules);

framework/codemodder-base/src/main/java/io/codemodder/CodemodProvider.java

@@ -36,13 +36,14 @@ Set<AbstractModule> getModules(
       List<Class<? extends CodeChanger>> codemodTypes,
       List<RuleSarif> sarifs,
       List<Path> sonarIssuesJsonPaths,
+      List<Path> sonarHotspotsJsonPaths,
       Path defectDojoFindingsJsonPath,
       Path contrastFindingsJsonPath);
 
   /**
    * Tools this provider is interested in processing the SARIF output of. Codemodder CLI will look
    * for the SARIF outputted by tools in this list in the repository root and then provide the
-   * results to {@link #getModules(Path, List, List, List, List, List, List, Path, Path)} as a
+   * results to {@link #getModules(Path, List, List, List, List, List, List, List, Path, Path)} as a
    * {@link List} of {@link RuleSarif}s.
    *
    * <p>By default, this returns an empty list.

framework/codemodder-base/src/test/java/io/codemodder/CodemodLoaderTest.java

@@ -409,6 +409,7 @@ private CodemodLoader createLoader(final Class<? extends CodeChanger> codemodTyp
         Files.list(dir).toList(),
         Map.of(),
         List.of(),
+        List.of(),
         null,
         null,
         null);
@@ -425,6 +426,7 @@ private CodemodLoader createLoader(
         Files.list(dir).toList(),
         Map.of(),
         List.of(),
+        List.of(),
         null,
         null,
         null);
@@ -446,6 +448,7 @@ private CodemodLoader createLoader(
         params,
         null,
         null,
+        null,
         null);
   }
 }

framework/codemodder-testutils/src/main/java/io/codemodder/testutils/CodemodTestMixin.java

@@ -78,7 +78,8 @@ default Stream<DynamicTest> generateTestCases(@TempDir final Path tmpDir) throws
                 metadata.doRetransformTest(),
                 metadata.expectingFixesAtLines(),
                 metadata.expectingFailedFixesAtLines(),
-                metadata.sonarIssuesJsonFiles());
+                metadata.sonarIssuesJsonFiles(),
+                metadata.sonarHotspotsJsonFiles());
 
     return DynamicTest.stream(inputStream, displayNameGenerator, testExecutor);
   }
@@ -94,7 +95,8 @@ private void verifyCodemod(
       final boolean doRetransformTest,
       final int[] expectedFixLines,
       final int[] expectingFailedFixesAtLines,
-      final String[] sonarIssuesJsonFiles)
+      final String[] sonarIssuesJsonFiles,
+      final String[] sonarHotspotsJsonFiles)
       throws IOException {
 
     // create a copy of the test file in the temp directory to serve as our "repository"
@@ -114,21 +116,10 @@ private void verifyCodemod(
       pathToJavaFile = newPathToJavaFile;
     }
 
-    final List<String> sonarJsons =
-        sonarIssuesJsonFiles != null ? Arrays.asList(sonarIssuesJsonFiles) : new ArrayList<>();
-
-    final List<Path> sonarJsonsPaths =
-        sonarJsons.stream()
-            .map(testResourceDir::resolve)
-            .filter(Files::exists)
-            .collect(Collectors.toList());
-
-    if (sonarJsonsPaths.isEmpty()) {
-      Path defaultPath = testResourceDir.resolve("sonar-issues.json");
-      if (Files.exists(defaultPath)) {
-        sonarJsonsPaths.add(defaultPath);
-      }
-    }
+    final List<Path> sonarIssuesJsonsPaths =
+        buildSonarJsonPaths(testResourceDir, sonarIssuesJsonFiles, "sonar-issues.json");
+    final List<Path> sonarHotspotsJsonPaths =
+        buildSonarJsonPaths(testResourceDir, sonarHotspotsJsonFiles, "sonar-hotspots.json");
 
     // Check for any sarif files and build the RuleSarif map
     CodeDirectory codeDir = CodeDirectory.from(tmpDir);
@@ -155,7 +146,8 @@ private void verifyCodemod(
             List.of(pathToJavaFile),
             map,
             List.of(),
-            sonarJsonsPaths,
+            sonarIssuesJsonsPaths,
+            sonarHotspotsJsonPaths,
             Files.exists(defectDojo) ? defectDojo : null,
             Files.exists(contrastXml) ? contrastXml : null);
 
@@ -243,6 +235,7 @@ private void verifyCodemod(
             List.of(),
             null,
             null,
+            null,
             null);
     CodemodIdPair codemod2 = loader2.getCodemods().get(0);
     CodemodExecutor executor2 =
@@ -270,6 +263,29 @@ private void verifyCodemod(
     assertThat(codeAfterFirstTransform, equalTo(codeAfterSecondTransform));
   }
 
+  private List<Path> buildSonarJsonPaths(
+      final Path testResourceDir,
+      final String[] sonarJsonFiles,
+      final String defaultSonarFilename) {
+    final List<String> sonarJsons =
+        sonarJsonFiles != null ? Arrays.asList(sonarJsonFiles) : new ArrayList<>();
+
+    final List<Path> sonarIssuesJsonsPaths =
+        sonarJsons.stream()
+            .map(testResourceDir::resolve)
+            .filter(Files::exists)
+            .collect(Collectors.toList());
+
+    if (sonarIssuesJsonsPaths.isEmpty()) {
+      Path defaultPath = testResourceDir.resolve(defaultSonarFilename);
+      if (Files.exists(defaultPath)) {
+        sonarIssuesJsonsPaths.add(defaultPath);
+      }
+    }
+
+    return sonarIssuesJsonsPaths;
+  }
+
   /**
    * A hook for verifying the before and after files. By default, this method will compare the
    * contents of the two files for exact equality.

framework/codemodder-testutils/src/main/java/io/codemodder/testutils/Metadata.java

@@ -51,4 +51,7 @@
 
   /** Sonar issues file names for testing multiple json files */
   String[] sonarIssuesJsonFiles() default {};
+
+  /** Sonar hotspots file names for testing multiple json files */
+  String[] sonarHotspotsJsonFiles() default {};
 }

framework/codemodder-testutils/src/main/java/io/codemodder/testutils/RawFileCodemodTest.java

@@ -71,6 +71,7 @@ private void verifySingleCase(
             List.of(),
             null,
             null,
+            null,
             null);
     List<CodemodIdPair> codemods = loader.getCodemods();
     assertThat("Only expecting 1 codemod per test", codemods.size(), equalTo(1));