🎨 Apply Prettier Formatting

.github/workflows/deploy.yml

@@ -39,4 +39,4 @@ jobs:
           git config --global user.email "[email protected]"
           git config --global user.name "gh-actions"
           yarn install --frozen-lockfile
-          yarn deploy
+          yarn deploy

.github/workflows/status.yml

@@ -4,22 +4,22 @@ on:
   workflow_dispatch:
     inputs:
       install:
-        description: 'App Installation'
+        description: "App Installation"
         type: boolean
         required: true
         default: true
       repo:
-        description: 'Repository Review'
+        description: "Repository Review"
         type: boolean
         required: true
         default: true
       pr:
-        description: 'Pull Request Review'
+        description: "Pull Request Review"
         type: boolean
         required: true
         default: true
       command:
-        description: 'Comment Commands'
+        description: "Comment Commands"
         type: boolean
         required: true
         default: true
@@ -45,4 +45,4 @@ jobs:
         uses: ad-m/github-push-action@master
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
-          branch: ${{ github.ref }}
+          branch: ${{ github.ref }}

README.md

@@ -44,5 +44,3 @@ $ GIT_USER=<Your GitHub username> yarn deploy
 ```
 
 If you are using GitHub pages for hosting, this command is a convenient way to build the website and push to the `gh-pages` branch.
-
-

babel.config.js

@@ -1,3 +1,3 @@
 module.exports = {
-  presets: [require.resolve('@docusaurus/core/lib/babel/preset')],
+  presets: [require.resolve("@docusaurus/core/lib/babel/preset")],
 };

docs/codemods/java/codeql_java_database-resource-leak.md

@@ -3,11 +3,11 @@ title: "Prevent database resource leaks (CodeQL)"
 sidebar_position: 1
 ---
 
-## codeql:java/database-resource-leak 
+## codeql:java/database-resource-leak
 
-| Importance  | Review Guidance      | Requires Scanning Tool |
-|-------------|----------------------|------------------------|
-| MEDIUM | Merge Without Review | Yes (CodeQL)     |
+| Importance | Review Guidance      | Requires Scanning Tool |
+| ---------- | -------------------- | ---------------------- |
+| MEDIUM     | Merge Without Review | Yes (CodeQL)           |
 
 This change adds [try-with-resources](https://docs.oracle.com/javase/tutorial/essential/exceptions/tryResourceClose.html) to JDBC code to prevent database resources from being leaked, which could lead to denial-of-service conditions like connection pool or file handle exhaustion.
 
@@ -29,10 +29,8 @@ Our changes look something like this:
 
 This codemod causes database resources to be cleaned up immediately after use instead of at garbage collection time, and we don't believe this change entails any risk.
 
-
-
-
 ## References
- * [https://codeql.github.com/codeql-query-help/java/java-database-resource-leak/](https://codeql.github.com/codeql-query-help/java/java-database-resource-leak/)
- * [https://cwe.mitre.org/data/definitions/404.html](https://cwe.mitre.org/data/definitions/404.html)
- * [https://cwe.mitre.org/data/definitions/772.html](https://cwe.mitre.org/data/definitions/772.html)
+
+- [https://codeql.github.com/codeql-query-help/java/java-database-resource-leak/](https://codeql.github.com/codeql-query-help/java/java-database-resource-leak/)
+- [https://cwe.mitre.org/data/definitions/404.html](https://cwe.mitre.org/data/definitions/404.html)
+- [https://cwe.mitre.org/data/definitions/772.html](https://cwe.mitre.org/data/definitions/772.html)

docs/codemods/java/codeql_java_input-resource-leak.md

@@ -3,11 +3,11 @@ title: "Prevent resource leaks (CodeQL)"
 sidebar_position: 1
 ---
 
-## codeql:java/input-resource-leak 
+## codeql:java/input-resource-leak
 
-| Importance  | Review Guidance      | Requires Scanning Tool |
-|-------------|----------------------|------------------------|
-| MEDIUM | Merge Without Review | Yes (CodeQL)     |
+| Importance | Review Guidance      | Requires Scanning Tool |
+| ---------- | -------------------- | ---------------------- |
+| MEDIUM     | Merge Without Review | Yes (CodeQL)           |
 
 This change adds [try-with-resources](https://docs.oracle.com/javase/tutorial/essential/exceptions/tryResourceClose.html) to code to prevent resources from being leaked, which could lead to denial-of-service conditions like connection pool or file handle exhaustion.
 
@@ -27,8 +27,8 @@ Our changes look something like this:
 
 This codemod causes resources to be cleaned up immediately after use instead of at garbage collection time, and we don't believe this change entails any risk.
 
-
 ## References
- * [https://codeql.github.com/codeql-query-help/java/java-input-resource-leak/](https://codeql.github.com/codeql-query-help/java/java-input-resource-leak/)
- * [https://cwe.mitre.org/data/definitions/404.html](https://cwe.mitre.org/data/definitions/404.html)
- * [https://cwe.mitre.org/data/definitions/772.html](https://cwe.mitre.org/data/definitions/772.html)
+
+- [https://codeql.github.com/codeql-query-help/java/java-input-resource-leak/](https://codeql.github.com/codeql-query-help/java/java-input-resource-leak/)
+- [https://cwe.mitre.org/data/definitions/404.html](https://cwe.mitre.org/data/definitions/404.html)
+- [https://cwe.mitre.org/data/definitions/772.html](https://cwe.mitre.org/data/definitions/772.html)

docs/codemods/java/codeql_java_insecure-cookie.md

@@ -3,11 +3,11 @@ title: "Added secure flag to HTTP cookies (CodeQL)"
 sidebar_position: 1
 ---
 
-## codeql:java/insecure-cookie 
+## codeql:java/insecure-cookie
 
-| Importance  | Review Guidance      | Requires Scanning Tool |
-|-------------|----------------------|------------------------|
-| LOW | Merge Without Review | Yes (CodeQL)     |
+| Importance | Review Guidance      | Requires Scanning Tool |
+| ---------- | -------------------- | ---------------------- |
+| LOW        | Merge Without Review | Yes (CodeQL)           |
 
 This change marks new cookies sent in the HTTP with the ["secure" flag](https://owasp.org/www-community/controls/SecureCookieAttribute). This flag, despite its ambitious name, only provides one type of protection: confidentiality. Cookies with this flag are guaranteed by the browser never to be sent over a cleartext channel ("http://") and only sent over secure channels ("https://").
 
@@ -27,9 +27,9 @@ Note: this code change **may cause issues** with the application if any of the p
 
 This code change may cause issues with the application if any of the places this code runs (in CI, pre-production or in production) are running over plaintext HTTP.
 
-
 ## References
- * [https://codeql.github.com/codeql-query-help/java/java-insecure-cookie/](https://codeql.github.com/codeql-query-help/java/java-insecure-cookie/)
- * [https://owasp.org/www-community/controls/SecureCookieAttribute](https://owasp.org/www-community/controls/SecureCookieAttribute)
- * [https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies)
- * [https://cwe.mitre.org/data/definitions/614.html](https://cwe.mitre.org/data/definitions/614.html)
+
+- [https://codeql.github.com/codeql-query-help/java/java-insecure-cookie/](https://codeql.github.com/codeql-query-help/java/java-insecure-cookie/)
+- [https://owasp.org/www-community/controls/SecureCookieAttribute](https://owasp.org/www-community/controls/SecureCookieAttribute)
+- [https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies)
+- [https://cwe.mitre.org/data/definitions/614.html](https://cwe.mitre.org/data/definitions/614.html)

docs/codemods/java/codeql_java_jexl-expression-injection.md

@@ -3,11 +3,11 @@ title: "Expression language injection (JEXL) (CodeQL)"
 sidebar_position: 1
 ---
 
-## codeql:java/jexl-expression-injection 
+## codeql:java/jexl-expression-injection
 
-| Importance  | Review Guidance      | Requires Scanning Tool |
-|-------------|----------------------|------------------------|
-| MEDIUM | Merge Without Review | Yes (CodeQL)     |
+| Importance | Review Guidance      | Requires Scanning Tool |
+| ---------- | -------------------- | ---------------------- |
+| MEDIUM     | Merge Without Review | Yes (CodeQL)           |
 
 This change adds [a sandbox](https://commons.apache.org/proper/commons-jexl/apidocs/org/apache/commons/jexl3/introspection/JexlSandbox.html) to JEXL expression evaluation. This sandbox prevents access to many types that don't appear in typical usage, but are very common in exploits.
 
@@ -29,9 +29,9 @@ Our changes look something like this:
   expression.evaluate(context);
 ```
 
-
 ## References
- * [https://codeql.github.com/codeql-query-help/java/java-jexl-expression-injection/](https://codeql.github.com/codeql-query-help/java/java-jexl-expression-injection/)
- * [https://commons.apache.org/proper/commons-jexl/apidocs/org/apache/commons/jexl3/introspection/JexlSandbox.html](https://commons.apache.org/proper/commons-jexl/apidocs/org/apache/commons/jexl3/introspection/JexlSandbox.html)
- * [https://cwe.mitre.org/data/definitions/693.html](https://cwe.mitre.org/data/definitions/693.html)
- * [https://cwe.mitre.org/data/definitions/94.html](https://cwe.mitre.org/data/definitions/94.html)
+
+- [https://codeql.github.com/codeql-query-help/java/java-jexl-expression-injection/](https://codeql.github.com/codeql-query-help/java/java-jexl-expression-injection/)
+- [https://commons.apache.org/proper/commons-jexl/apidocs/org/apache/commons/jexl3/introspection/JexlSandbox.html](https://commons.apache.org/proper/commons-jexl/apidocs/org/apache/commons/jexl3/introspection/JexlSandbox.html)
+- [https://cwe.mitre.org/data/definitions/693.html](https://cwe.mitre.org/data/definitions/693.html)
+- [https://cwe.mitre.org/data/definitions/94.html](https://cwe.mitre.org/data/definitions/94.html)

docs/codemods/java/codeql_java_maven_non-https-url.md

@@ -3,11 +3,11 @@ title: "Failure to use HTTPS or SFTP URL in Maven artifact upload/download (Code
 sidebar_position: 1
 ---
 
-## codeql:java/maven/non-https-url 
+## codeql:java/maven/non-https-url
 
-| Importance  | Review Guidance      | Requires Scanning Tool |
-|-------------|----------------------|------------------------|
-| MEDIUM | Merge Without Review | Yes (CodeQL)     |
+| Importance | Review Guidance      | Requires Scanning Tool |
+| ---------- | -------------------- | ---------------------- |
+| MEDIUM     | Merge Without Review | Yes (CodeQL)           |
 
 This change replaces any HTTP URLs found in `<repository>` definitions with HTTPS URLs. Without this change, Maven will make requests to either publish or retrieve artifacts over a plaintext channel.
 
@@ -30,8 +30,8 @@ Our changes look something like this:
   </project>
 ```
 
-
 ## References
- * [https://codeql.github.com/codeql-query-help/java/java-maven-non-https-url](https://codeql.github.com/codeql-query-help/java/java-maven-non-https-url)
- * [https://cwe.mitre.org/data/definitions/494.html](https://cwe.mitre.org/data/definitions/494.html)
- * [https://en.wikipedia.org/wiki/Man-in-the-middle_attack](https://en.wikipedia.org/wiki/Man-in-the-middle_attack)
+
+- [https://codeql.github.com/codeql-query-help/java/java-maven-non-https-url](https://codeql.github.com/codeql-query-help/java/java-maven-non-https-url)
+- [https://cwe.mitre.org/data/definitions/494.html](https://cwe.mitre.org/data/definitions/494.html)
+- [https://en.wikipedia.org/wiki/Man-in-the-middle_attack](https://en.wikipedia.org/wiki/Man-in-the-middle_attack)

docs/codemods/java/codeql_java_missing-jwt-signature-check.md

@@ -3,11 +3,11 @@ title: "Switch JWT calls to versions that enforce signature validity (CodeQL)"
 sidebar_position: 1
 ---
 
-## codeql:java/missing-jwt-signature-check 
+## codeql:java/missing-jwt-signature-check
 
-| Importance  | Review Guidance      | Requires Scanning Tool |
-|-------------|----------------------|------------------------|
-| MEDIUM | Merge Without Review | Yes (CodeQL)     |
+| Importance | Review Guidance      | Requires Scanning Tool |
+| ---------- | -------------------- | ---------------------- |
+| MEDIUM     | Merge Without Review | Yes (CodeQL)           |
 
 This change switches to Json Web Token (JWT) parsing APIs that perform signature validation.
 
@@ -22,7 +22,7 @@ Changing out these methods is easy and our changes look something like this:
 + Jwt<Header, Claims> jwt = jwtParser.parseClaimsJwt(token);
 ```
 
-
 ## References
- * [https://codeql.github.com/codeql-query-help/java/java-missing-jwt-signature-check/](https://codeql.github.com/codeql-query-help/java/java-missing-jwt-signature-check/)
- * [https://cwe.mitre.org/data/definitions/347.html](https://cwe.mitre.org/data/definitions/347.html)
+
+- [https://codeql.github.com/codeql-query-help/java/java-missing-jwt-signature-check/](https://codeql.github.com/codeql-query-help/java/java-missing-jwt-signature-check/)
+- [https://cwe.mitre.org/data/definitions/347.html](https://cwe.mitre.org/data/definitions/347.html)

docs/codemods/java/codeql_java_output-resource-leak.md

@@ -3,11 +3,11 @@ title: "Prevent resource leaks (CodeQL)"
 sidebar_position: 1
 ---
 
-## codeql:java/output-resource-leak 
+## codeql:java/output-resource-leak
 
-| Importance  | Review Guidance      | Requires Scanning Tool |
-|-------------|----------------------|------------------------|
-| MEDIUM | Merge Without Review | Yes (CodeQL)     |
+| Importance | Review Guidance      | Requires Scanning Tool |
+| ---------- | -------------------- | ---------------------- |
+| MEDIUM     | Merge Without Review | Yes (CodeQL)           |
 
 This change adds [try-with-resources](https://docs.oracle.com/javase/tutorial/essential/exceptions/tryResourceClose.html) to code to prevent resources from being leaked, which could lead to denial-of-service conditions like connection pool or file handle exhaustion.
 
@@ -16,13 +16,13 @@ Our changes look something like this:
 ```diff
 - BufferedWriter bw = new BufferedWriter(new FileWriter("C:\\test.txt"));
 - bw.write("Hello world!");
-+ try(FileWriter input = new FileWriter("C:\\test.txt")); BufferedWriter bw = new BufferedWriter(input)){ 
++ try(FileWriter input = new FileWriter("C:\\test.txt")); BufferedWriter bw = new BufferedWriter(input)){
 +   bw.write("Hello world!");
 + }
 ```
 
-
 ## References
- * [https://codeql.github.com/codeql-query-help/java/java-output-resource-leak/](https://codeql.github.com/codeql-query-help/java/java-output-resource-leak/)
- * [https://cwe.mitre.org/data/definitions/404.html](https://cwe.mitre.org/data/definitions/404.html)
- * [https://cwe.mitre.org/data/definitions/772.html](https://cwe.mitre.org/data/definitions/772.html)
+
+- [https://codeql.github.com/codeql-query-help/java/java-output-resource-leak/](https://codeql.github.com/codeql-query-help/java/java-output-resource-leak/)
+- [https://cwe.mitre.org/data/definitions/404.html](https://cwe.mitre.org/data/definitions/404.html)
+- [https://cwe.mitre.org/data/definitions/772.html](https://cwe.mitre.org/data/definitions/772.html)

docs/codemods/java/codeql_java_stack-trace-exposure.md

@@ -3,11 +3,11 @@ title: "Prevent information leak of stack trace details to HTTP responses (CodeQ
 sidebar_position: 1
 ---
 
-## codeql:java/stack-trace-exposure 
+## codeql:java/stack-trace-exposure
 
-| Importance  | Review Guidance      | Requires Scanning Tool |
-|-------------|----------------------|------------------------|
-| MEDIUM | Merge Without Review | Yes (CodeQL)     |
+| Importance | Review Guidance      | Requires Scanning Tool |
+| ---------- | -------------------- | ---------------------- |
+| MEDIUM     | Merge Without Review | Yes (CodeQL)           |
 
 This change prevents stack trace information from reaching the HTTP response, which could leak code internals to an attacker and aid in further profiling and attacks.
 
@@ -24,8 +24,8 @@ Switching to a safe signature that doesn't leak anything is easy and the changes
   }
 ```
 
-
 ## References
- * [https://codeql.github.com/codeql-query-help/java/java-stack-trace-exposure/](https://codeql.github.com/codeql-query-help/java/java-stack-trace-exposure/)
- * [https://cwe.mitre.org/data/definitions/209.html](https://cwe.mitre.org/data/definitions/209.html)
- * [https://cwe.mitre.org/data/definitions/497.html](https://cwe.mitre.org/data/definitions/497.html)
+
+- [https://codeql.github.com/codeql-query-help/java/java-stack-trace-exposure/](https://codeql.github.com/codeql-query-help/java/java-stack-trace-exposure/)
+- [https://cwe.mitre.org/data/definitions/209.html](https://cwe.mitre.org/data/definitions/209.html)
+- [https://cwe.mitre.org/data/definitions/497.html](https://cwe.mitre.org/data/definitions/497.html)

docs/codemods/java/pixee_java_add-clarifying-braces.md

@@ -3,15 +3,16 @@ title: "Add clarifying braces to misleading code"
 sidebar_position: 1
 ---
 
-## pixee:java/add-clarifying-braces 
+## pixee:java/add-clarifying-braces
 
-| Importance  | Review Guidance      | Requires Scanning Tool |
-|-------------|----------------------|------------------------|
-| HIGH | Merge Without Review | No     |
+| Importance | Review Guidance      | Requires Scanning Tool |
+| ---------- | -------------------- | ---------------------- |
+| HIGH       | Merge Without Review | No                     |
 
 This change adds clarifying braces to misleading code blocks that look like they may be executing unintended code.
 
 Consider the following code:
+
 ```java
 if (isAdmin)
   doFirstThing();
@@ -21,23 +22,24 @@ if (isAdmin)
 Although the code formatting makes it look like `doSecondThing()` only executes if `isAdmin` is true, it actually executes regardless of the value of the condition. This pattern of not having curly braces in combination with misaligned indentation leads to security bugs, including the famous [Apple iOS goto fail bug](https://www.synopsys.com/blogs/software-security/understanding-apple-goto-fail-vulnerability-2/) from their SSL library which allowed attackers to intercept and modify encrypted traffic.
 
 This codemod will add braces to control flow statements to make the code more clear, but only in situations in which there is confusing formatting. Our changes look something like this:
+
 ```diff
 - if (isAdmin)
 + if (isAdmin) {
     doFirstThing();
-+ }    
++ }
     doSecondThing();
 ```
 
-Note that these changes illuminate situations in which there may be bugs and help make the control flow more clear. 
+Note that these changes illuminate situations in which there may be bugs and help make the control flow more clear.
 
 ## F.A.Q.
 
 ### Why is this codemod marked as Merge Without Review?
 
 The intention of the changes introduced by this codemod is to illuminate situations where they may be bugs and format the code to make it more clear. Therefore, we invite review of this codemod's output not to double check the changed logic, but to see if any bugs have been found.
 
-
 ## References
- * [https://cwe.mitre.org/data/definitions/483.html](https://cwe.mitre.org/data/definitions/483.html)
- * [https://www.synopsys.com/blogs/software-security/understanding-apple-goto-fail-vulnerability-2/](https://www.synopsys.com/blogs/software-security/understanding-apple-goto-fail-vulnerability-2/)
+
+- [https://cwe.mitre.org/data/definitions/483.html](https://cwe.mitre.org/data/definitions/483.html)
+- [https://www.synopsys.com/blogs/software-security/understanding-apple-goto-fail-vulnerability-2/](https://www.synopsys.com/blogs/software-security/understanding-apple-goto-fail-vulnerability-2/)