Reverted default behavior to hardening

Author: andrecsilva

integration_tests/test_dependency_manager.py

@@ -136,7 +136,7 @@ def test_fail_to_add(self, tmp_repo):
         os.chmod(tmp_repo / self.requirements_file, 0o400)
 
         command = [
-            "codemodder_hardening",
+            "codemodder",
             tmp_repo,
             "--output",
             self.output_path,

integration_tests/test_multiple_codemods.py

@@ -25,7 +25,7 @@ def test_two_codemods(self, codemods, tmpdir):
         shutil.copy(pathlib.Path(SAMPLES_DIR) / source_file_name, directory)
 
         command = [
-            "codemodder_hardening",
+            "codemodder",
             directory,
             "--output",
             str(codetf_path),

pyproject.toml

@@ -45,7 +45,7 @@ Repository = "https://github.com/pixee/codemodder-python"
 
 [project.scripts]
 codemodder = "codemodder.codemodder:main"
-codemodder_hardening = "codemodder.codemodder:harden"
+codemodder-remediation = "codemodder.codemodder:remediate"
 generate-docs = 'codemodder.scripts.generate_docs:main'
 get-hashes = 'codemodder.scripts.get_hashes:main'
 

src/codemodder/codemodder.py

@@ -73,7 +73,7 @@ def log_report(context, output, elapsed_ms, files_to_analyze, token_usage):
 def apply_codemods(
     context: CodemodExecutionContext,
     codemods_to_run: Sequence[BaseCodemod],
-    hardening: bool,
+    remediation: bool,
 ) -> TokenUsage:
     log_section("scanning")
     token_usage = TokenUsage()
@@ -90,7 +90,7 @@ def apply_codemods(
     for codemod in codemods_to_run:
         # NOTE: this may be used as a progress indicator by upstream tools
         logger.info("running codemod %s", codemod.id)
-        if codemod_token_usage := codemod.apply(context, hardening):
+        if codemod_token_usage := codemod.apply(context, remediation):
             log_token_usage(f"Codemod {codemod.id}", codemod_token_usage)
             token_usage += codemod_token_usage
 
@@ -136,7 +136,7 @@ def run(
     sast_only: bool = False,
     ai_client: bool = True,
     log_matched_files: bool = False,
-    hardening: bool = False,
+    remediation: bool = False,
 ) -> tuple[CodeTF | None, int, TokenUsage]:
     start = datetime.datetime.now()
 
@@ -208,7 +208,7 @@ def run(
         context.find_and_fix_paths,
     )
 
-    token_usage = apply_codemods(context, codemods_to_run, hardening)
+    token_usage = apply_codemods(context, codemods_to_run, remediation)
 
     elapsed = datetime.datetime.now() - start
     elapsed_ms = int(elapsed.total_seconds() * 1000)
@@ -233,7 +233,7 @@ def run(
     return codetf, 0, token_usage
 
 
-def _run_cli(original_args, hardening=False) -> int:
+def _run_cli(original_args, remediation=False) -> int:
     codemod_registry = registry.load_registered_codemods()
     argv = parse_args(original_args, codemod_registry)
     if not os.path.exists(argv.directory):
@@ -272,8 +272,8 @@ def _run_cli(original_args, hardening=False) -> int:
 
     _, status, _ = run(
         argv.directory,
-        # Force dry-run if not hardening
-        argv.dry_run if hardening else True,
+        # Force dry-run if remediation
+        True if remediation else argv.dry_run,
         argv.output,
         argv.output_format,
         argv.verbose,
@@ -287,22 +287,22 @@ def _run_cli(original_args, hardening=False) -> int:
         codemod_registry=codemod_registry,
         sast_only=argv.sonar_issues_json or argv.sarif,
         log_matched_files=True,
-        hardening=hardening,
+        remediation=remediation,
     )
     return status
 
 
-def harden():
+def main():
     """
     Hardens a project. The application will write all the fixes into the files.
     """
     sys_argv = sys.argv[1:]
-    sys.exit(_run_cli(sys_argv, True))
+    sys.exit(_run_cli(sys_argv))
 
 
-def main():
+def remediate():
     """
     Remediates a project. The application will suggest fix for each separate issue found. No files will be written.
     """
     sys_argv = sys.argv[1:]
-    sys.exit(_run_cli(sys_argv))
+    sys.exit(_run_cli(sys_argv, True))

src/codemodder/codemods/base_codemod.py

@@ -189,7 +189,7 @@ def _apply(
         self,
         context: CodemodExecutionContext,
         rules: list[str],
-        hardening: bool,
+        remediation: bool,
     ) -> None | TokenUsage:
         if self.provider and (
             not (provider := context.providers.get_provider(self.provider))
@@ -228,7 +228,7 @@ def _apply(
             return None
 
         # Do each result independently and outputs the diffs
-        if not hardening:
+        if remediation:
             # gather positional arguments for the map
             resultset_arguments: list[ResultSet | None] = []
             path_arguments = []
@@ -283,7 +283,7 @@ def _apply(
         return None
 
     def apply(
-        self, context: CodemodExecutionContext, hardening: bool = False
+        self, context: CodemodExecutionContext, remediation: bool = False
     ) -> None | TokenUsage:
         """
         Apply the codemod with the given codemod execution context
@@ -300,7 +300,7 @@ def apply(
 
         :param context: The codemod execution context
         """
-        return self._apply(context, [self._internal_name], hardening)
+        return self._apply(context, [self._internal_name], remediation)
 
     def _process_file(
         self,
@@ -399,9 +399,9 @@ def __init__(
             self.requested_rules.extend(requested_rules)
 
     def apply(
-        self, context: CodemodExecutionContext, hardening: bool = False
+        self, context: CodemodExecutionContext, remediation: bool = False
     ) -> None | TokenUsage:
-        return self._apply(context, self.requested_rules, hardening)
+        return self._apply(context, self.requested_rules, remediation)
 
     def get_files_to_analyze(
         self,

src/codemodder/codemods/test/integration_utils.py

@@ -144,7 +144,7 @@ def setup_class(cls):
     def _assert_command_line(self, run, output_path):
         assert run[
             "commandLine"
-        ] == f'codemodder {self.code_dir} --output {output_path} --codemod-include={self.codemod_instance.id} --path-include={self.code_filename} --path-exclude=""' + (
+        ] == f'codemodder-remediation {self.code_dir} --output {output_path} --codemod-include={self.codemod_instance.id} --path-include={self.code_filename} --path-exclude=""' + (
             f" --sonar-issues-json={self.sonar_issues_json}"
             if self.sonar_issues_json
             else ""
@@ -184,7 +184,7 @@ def test_codetf_output(self, codetf_schema):
         """
 
         command = [
-            "codemodder",
+            "codemodder-remediation",
             self.code_dir,
             "--output",
             self.output_path,
@@ -350,7 +350,7 @@ def teardown_class(cls):
     def _assert_command_line(self, run, output_path):
         assert run[
             "commandLine"
-        ] == f'codemodder_hardening {self.code_dir} --output {output_path} --codemod-include={self.codemod_instance.id} --path-include={self.code_filename} --path-exclude=""' + (
+        ] == f'codemodder {self.code_dir} --output {output_path} --codemod-include={self.codemod_instance.id} --path-include={self.code_filename} --path-exclude=""' + (
             f" --sonar-issues-json={self.sonar_issues_json}"
             if self.sonar_issues_json
             else ""
@@ -396,7 +396,7 @@ def test_file_rewritten(self, codetf_schema):
         output files
         """
         command = [
-            "codemodder_hardening",
+            "codemodder",
             self.code_dir,
             "--output",
             self.output_path,

src/codemodder/codemods/test/utils.py

@@ -73,7 +73,6 @@ def run_and_assert(
 
         path_exclude = [f"{tmp_file_path}:{line}" for line in lines_to_exclude or []]
 
-        print(expected_diff_per_change)
         self.execution_context = CodemodExecutionContext(
             directory=root,
             dry_run=True if expected_diff_per_change else False,
@@ -85,7 +84,10 @@ def run_and_assert(
             path_exclude=path_exclude,
         )
 
-        self.codemod.apply(self.execution_context)
+        self.codemod.apply(
+            self.execution_context,
+            remediation=True if expected_diff_per_change else False,
+        )
         changes = self.execution_context.get_changesets(self.codemod.id)
 
         self.changeset = changes
@@ -219,7 +221,6 @@ def run_and_assert(
 
         path_exclude = [f"{tmp_file_path}:{line}" for line in lines_to_exclude or []]
 
-        print(expected_diff_per_change)
         self.execution_context = CodemodExecutionContext(
             directory=root,
             dry_run=True if expected_diff_per_change else False,
@@ -232,7 +233,10 @@ def run_and_assert(
             path_exclude=path_exclude,
         )
 
-        self.codemod.apply(self.execution_context)
+        self.codemod.apply(
+            self.execution_context,
+            remediation=True if expected_diff_per_change else False,
+        )
         changes = self.execution_context.get_changesets(self.codemod.id)
 
         if input_code == expected:

src/core_codemods/defectdojo/api.py

@@ -76,11 +76,11 @@ def from_core_codemod(
     def apply(
         self,
         context: CodemodExecutionContext,
-        hardening: bool = False,
+        remediation: bool = False,
     ) -> None:
         self._apply(
             context,
             # We know this has a tool because we created it with `from_core_codemod`
             cast(ToolMetadata, self._metadata.tool).rule_ids,
-            hardening,
+            remediation,
         )

tests/codemods/test_base_codemod.py

@@ -81,7 +81,7 @@ def test_core_codemod_filter_apply_by_extension(mocker, ext, call_count):
         Path("file2.py"),
     ]
 
-    codemod.apply(context, hardening=True)
+    codemod.apply(context)
 
     assert process_file.call_count == call_count