More docs cleanup and modernization

docs/code-scanning-tools/_category_.json

@@ -1,5 +1,5 @@
 {
-  "label": "Code scanning tool remediation",
+  "label": "Code scanner support",
   "position": 4,
   "link": {
     "type": "doc",

docs/code-scanning-tools/codeql.md

@@ -5,6 +5,8 @@ sidebar_position: 4
 
 # CodeQL
 
-Pixee can automatically fix issues detected by [CodeQL](https://codeql.github.com/).
+Pixee can automatically fix and triage issues detected by [CodeQL](https://codeql.github.com/).
 
-No setup is required for GitHub Advanced Security users to receive fixes from CodeQL results that are uploaded as Code Scanning alerts.
+# GitHub Advanced Security
+
+No setup is required for GitHub Advanced Security (GHAS) users to receive fixes from CodeQL results that are uploaded as Code Scanning alerts. Triage for GHAS is best experienced through [our dashboard](https://app.pixee.ai).

docs/code-scanning-tools/contrast.md

@@ -0,0 +1,10 @@
+---
+title: "Contrast (IAST)"
+sidebar_position: 4
+---
+
+# Snyk Code
+
+Pixee can automatically fix and triage issues detected by [Contrast Assess (IAST)](https://contrastsecurity.com/).
+
+Use the [pixee/upload-tool-results-action](https://github.com/pixee/upload-tool-results-action) GitHub Action to synchronize Contrast findings with Pixee.

docs/code-scanning-tools/overview.md

@@ -2,33 +2,18 @@
 sidebar_position: 4
 ---
 
-# Code Scanning Tool Fixes
+# Code Scanner support
 
-Pixee automatically triages and fixes issues detected by code scanning tools when synced with the results of those scans. This page explains how to integrate code scanning tools with Pixee, so that Pixee may triage and fix the issues those tools find.
-
-# Supported Languages
-
-Pixee can fix issues in Java and Python repositories "out of the box" without a code scanner integration. But, you'll get the most value out of Pixee by connecting it to your existing code scanning tools and services. This will allow Pixee to provide more accurate and relevant fixes for your codebase and to triage findings from those tools.
-
-When triaging and fixing issues detected by code scanning tools, Pixee supports the following languages:
-
-- Java
-- Python
-- C#/.NET
-- JavaScript
-- TypeScript
-- Node.js
-
-We are continuously working on expanding our language support. If you need support for a language not listed here, please [contact us](https://pixee.ai/demo-landing-page).
+Pixee automatically triages and fixes issues detected by code scanning tools when synced with the results of those scans. This page explains how to integrate code scanning tools with Pixee.
 
 # Supported Tools
 
-- [Sonar, SonarCloud, SonarQube](/code-scanning-tools/sonar)
+- [Sonar (SonarCloud and SonarQube)](/code-scanning-tools/sonar)
 - [Semgrep](/code-scanning-tools/semgrep)
 - [CodeQL](/code-scanning-tools/codeql)
-- Snyk
-- Contrast Security
-- HCL AppScan
+- [Snyk](/code-scanning-tools/snyk)
+- [Contrast Security](/code-scanning-tools/codeql)
+- [HCL AppScan](/code-scanning-tools/codeql)
 - Checkmarx (beta)
 
 # Supported Rules
@@ -45,9 +30,9 @@ Pixee can triage and fix a wide range of security issues detected by code scanni
 - Insecure Configuration
 - Sensitive Data Logging
 - Detailed Error Messages
-- ... and many more
+- ... and many more!
 
-In addition, Pixee can triage and fix a variety of language-specific code issues.
+In addition, Pixee can triage and fix a variety of language-specific and code quality issues, too!
 
 For detailed information about supported rules, or to request additional rule coverage, please [contact us](https://pixee.ai/demo-landing-page).
 

docs/code-scanning-tools/semgrep.md

@@ -7,4 +7,10 @@ sidebar_position: 3
 
 Pixee can automatically triage and fix issues detected by [Semgrep](https://semgrep.dev/).
 
-No setup is required for GitHub Advanced Security users to receive fixes from Semgrep results that are uploaded as Code Scanning alerts.
+# GitHub Advanced Security
+
+No setup is required for GitHub Advanced Security (GHAS) users to receive fixes from Semgrep results that are uploaded as Code Scanning alerts.
+
+# Others
+
+Use the [pixee/upload-tool-results-action](https://github.com/pixee/upload-tool-results-action) GitHub Action to synchronize Semgrep findings with Pixee.

docs/code-scanning-tools/snyk.md

@@ -0,0 +1,16 @@
+---
+title: "Snyk Code"
+sidebar_position: 4
+---
+
+# Snyk Code
+
+Pixee can automatically fix and triage issues detected by [Snyk Code](https://snyk.io/).
+
+# GitHub Advanced Security
+
+No setup is required for GitHub Advanced Security (GHAS) users to receive fixes from Snyk results that are uploaded as Code Scanning alerts. Triage for GHAS is best experienced through [our dashboard](https://app.pixee.ai).
+
+# Others
+
+Use the [pixee/upload-tool-results-action](https://github.com/pixee/upload-tool-results-action) GitHub Action to synchronize Snyk Code findings with Pixee.

docs/faqs.md

@@ -28,9 +28,9 @@ Each party agrees to hold data and confidential information of the other party i
 
 Pixee works directly with your repositories through pull/merge requests, so you decide when and if you want to accept changes suggested by Pixee. You can find suggestions made by Pixee in the [Pixee Dashboard](https://app.pixee.ai/) as well as your repository's GitHub.com pull requests page. Also, Pixee [cryptographically signs every commit](https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work), which means changes suggested by Pixee are guaranteed to have come from Pixee, were not modified after the fact and are [verified by GitHub](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification).
 
-### Does Pixee work with CodeQL?
+### You said Pixee supports rule X for language Y, but I don't see a fix available. What gives?
 
-Yes! Pixee can help you address issues discovered by [CodeQL](https://docs.github.com/en/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning-with-codeql) and [GitHub Advanced Security](https://docs.github.com/en/get-started/learning-about-github/about-github-advanced-security). For GitHub users, use the [GitHub provided action](https://github.com/github/codeql-action) to trigger CodeQL analysis against your default branch and Pixee will take it from there. If CodeQL discovers issues Pixee can fix, you'll see a pull request from Pixee with suggested changes to your code. Check out our [docs page](code-scanning-tools/codeql) for more information about the types of CodeQL findings Pixee can fix.
+Some "shapes" of vulnerable code may not be fixable in a safe way, or recognized by our remediation logic. Please file a ticket if this happens and you think we should fix it! Providing an anonymized code sample and security finding will help us a lot.
 
 ### How can I apply automatic formatting to PRs generated by Pixee?
 

docs/installing.md

@@ -11,13 +11,13 @@ To try Pixee, visit our [GitHub App page](https://github.com/apps/pixeebot/). Fr
 
 See the [Preferences](/configuring) page for information on how to configure Pixee to suit your needs.
 
-## Pixee Enterprise Server
+## Self-Hosted
 
-Pixee offers self-hosted options for organizations that require additional security or compliance measures. To learn more about Pixee self-hosted solutions, please [contact us](https://pixee.ai/demo-landing-page).
+Pixee offers a self-hosted Pixee Enterprise Server for organizations that require additional security or compliance measures. To learn more about Pixee self-hosted solutions, please [contact us](https://pixee.ai/demo-landing-page).
 
 Also [contact us](https://pixee.ai/demo-landing-page) if you want to partner as early customers for other SCMs, including GitLab, Bitbucket, or Azure DevOps.
 
-## Tool Connections
+## Tool connections
 
 Pixee can provide fixes "out of the box" for Java and Python repositories. But you'll get the most value out of Pixee by [connecting it to your existing code scanning tools and services](/code-scanning-tools/overview). This will allow Pixee to provide more accurate and relevant fixes for your codebase.
 

docs/intro.md

@@ -6,9 +6,7 @@ sidebar_position: 1
 
 Pixee is your automated product security engineer.
 
-Pixee triages and fixes issues detected by your [code scanning tools](/code-scanning-tools/overview). To make the fix, we'll send you a pull request.
-
-Pixee is powered by the open-source [codemodder framework](https://codemodder.io/). These codemods power Pixee's fixes, and are continuously updated to ensure Pixee's recommendations align with industry standards and best practices.
+Pixee triages and fixes issues detected by your [code scanning tools](/code-scanning-tools/overview). To make the fixes, we send you pull requests, just like your other team members.
 
 ### How does Pixee help me?
 
@@ -27,12 +25,14 @@ Pixee can triage and fix a wide range of security issues detected by code scanni
 - XML External Entities (XXE)
 - Insecure Cookie Handling
 - Command Injection
+- JNDI Injection
+- Reflection Injection
 - Insecure Configuration
 - ... and many more!
 
 ### How can I test Pixee?
 
-Pixee is most easily tried as a GitHub App on the [GitHub Marketplace](https://github.com/apps/pixeebot/). We provide a free tier on our cloud offering that can be installed on any public or private repository. After adding Pixee, you need to get some code scanning results to show a breadth of fixes available. To do that, try adding [SonarCloud](https://www.sonarsource.com/products/sonarcloud/) to it. This is a great way to get started with Pixee and see how it can help to harden and secure your code, and triage your code scanner alerts.
+Pixee is most easily tried as a GitHub App on the [GitHub Marketplace](https://github.com/apps/pixeebot/). We provide a free tier on our cloud offering that can be installed on any public or private repository. After adding Pixee, you need to get some code scanning results to show the breadth of fixes available. To do that, try adding [SonarCloud](https://www.sonarsource.com/products/sonarcloud/) to it. This is a great way to get started with Pixee and see how it can help to harden and secure your code, and triage your code scanner alerts.
 
 If you need a repository to test with, we recommend trying Pixee out with a deliberately insecure application. Template repositories containing Java and Python test applications are available in PixeeSandbox: [https://github.com/PixeeSandbox](https://github.com/PixeeSandbox).
 
@@ -42,10 +42,6 @@ For additional details, see the [Installation](/installing) page.
 
 Pixee also supports self-hosted deployments for organizations that require additional security or compliance measures. To learn more about Pixee self-hosted solutions, please [contact us](https://pixee.ai/demo-landing-page).
 
-### What environment & languages does Pixee support?
-
-Pixee supports a wide variety of languages and code scanning tools. For a full list of supported languages, tools, and rules, see the [Code Scanning Tools](/code-scanning-tools/overview) page.
-
 ### What does Pixee cost?
 
 Please see https://www.pixee.ai/pricing.

docs/languages.md

@@ -0,0 +1,18 @@
+---
+sidebar_position: 3
+---
+
+# Language support
+
+Pixee can fix issues in Java and Python repositories "out of the box" without a code scanner integration. But, you'll get the most value out of Pixee by connecting it to your existing code scanning tools. This will allow Pixee to provide more accurate and relevant fixes for your codebase and to triage findings from those tools.
+
+When triaging and fixing issues detected by code scanning tools, Pixee supports the following languages:
+
+- Java
+- Python
+- C#/.NET
+- JavaScript
+- TypeScript
+- Node.js
+
+We are continuously working on expanding our language support. If you need support for a language not listed here, please [contact us](https://pixee.ai/demo-landing-page).

docs/open-pixee.md

@@ -5,15 +5,15 @@ title: Open source
 
 # Open Source
 
-Pixee believes in open source. We leverage tools from the community and strive to contribute where there are gaps and where we can provide unique solutions.
+Pixee believes in open source! We leverage tools from the community and strive to give back when possible.
 
 ## Codemodder
 
 The fixes we make in Pixee are powered by our open source (and open format!) project called [Codemodder](https://codemodder.io) -- check it out!
 
 ## Contributions
 
-We've made contributions to the following OSS projects, either directly or as users of Pixee:
+We've made contributions to the following OSS projects, either directly, or as part of being Pixee free tier users:
 
 - [JavaParser](https://github.com/javaparser/javaparser) (we're a sponsor as well!)
 - [LibCST](https://github.com/Instagram/LibCST/)
@@ -22,3 +22,4 @@ We've made contributions to the following OSS projects, either directly or as us
 - [JUnit](https://github.com/junit-team)
 - [Spring Framework](https://github.com/spring-projects/spring-framework)
 - [StirlingPDF](https://github.com/Stirling-Tools/Stirling-PDF)
+- ... and more!

docs/release-notes.md

@@ -4,9 +4,7 @@ sidebar_position: 8
 
 # Release notes
 
-We're working hard to bring you new features, enhancements, and reliability to the Pixee Platform. We'd ❤️ to hear from you. Drop us a note at [[email protected]](mailto:[email protected])!
-
-We've made some changes to how we do releases, and aren't recording our release notes here anymore, but left this here for posterity! We hope to bring our release notes back here soon.
+We're working hard to bring you new features, enhancements, and reliability to Pixee. But, we've made some changes to how we do releases, and aren't recording our release notes here anymore. We have left this here for posterity! We hope to bring our release notes back here soon.
 
 ## April 19, 2024
 

src/components/HomepageFeatures/index.js

@@ -69,6 +69,8 @@ export default function HomepageFeatures() {
           </p>
         </div>
       </div>
+      <br />
+      <br />
     </>
   );
 }