Honor new combined Sonar flag

core-codemods/src/test/java/io/codemodder/codemods/AddMissingI18nCodemodTest.java

@@ -254,7 +254,6 @@ private CodemodLoader createLoader(final Class<? extends CodeChanger> codemodTyp
         Files.list(dir).toList(),
         Map.of(),
         List.of(),
-        List.of(),
         null,
         null,
         null);

core-codemods/src/test/java/io/codemodder/codemods/JSPScriptletXSSCodemodTest.java

@@ -50,7 +50,6 @@ void it_fixes_jsp(
             List.of(jsp),
             Map.of(),
             List.of(),
-            List.of(),
             null,
             null,
             null);

core-codemods/src/test/java/io/codemodder/codemods/VerbTamperingCodemodTest.java

@@ -60,7 +60,6 @@ void it_removes_verb_tampering(
             List.of(webxml),
             Map.of(),
             List.of(),
-            List.of(),
             null,
             null,
             null);

core-codemods/src/test/java/io/codemodder/codemods/sonar/AddMissingOverrideCodemodTest.java

@@ -8,5 +8,5 @@
     testResourceDir = "add-missing-override-s1161",
     renameTestFile = "src/main/java/SqlInjectionLesson10b.java",
     dependencies = {},
-    sonarIssuesJsonFiles = {"sonar-issues_1.json", "sonar-issues_2.json"})
+    sonarJsonFiles = {"sonar-issues_1.json", "sonar-issues_2.json"})
 final class AddMissingOverrideCodemodTest implements CodemodTestMixin {}

framework/codemodder-base/src/main/java/io/codemodder/CLI.java

@@ -116,25 +116,18 @@ final class CLI implements Callable<Integer> {
   private String projectName;
 
   @CommandLine.Option(
-      names = {"--sonar-issues-json"},
+      names = {"--sonar-json"},
       description =
-          "comma-separated set of path(s) to file(s) containing the result of a call to the Sonar Web API Issues endpoint",
+          "comma-separated set of path(s) to file(s) containing the result of a call to the Sonar Web API Issues or Hotspots endpoint (or both such files merged together)",
       split = ",")
-  private List<String> sonarIssuesJsonFilePaths;
+  private List<String> sonarJsons;
 
   @CommandLine.Option(
       names = {"--defectdojo-findings-json"},
       description =
           "a path to a file containing the result of a call to the DefectDojo v2 Findings API endpoint")
   private Path defectDojoFindingsJsonFilePath;
 
-  @CommandLine.Option(
-      names = {"--sonar-hotspots-json"},
-      description =
-          "comma-separated set of path(s) to file(s) containing the result of a call to the Sonar Web API Hotspots endpoint",
-      split = ",")
-  private List<String> sonarHotspotsJsonFilePaths;
-
   @CommandLine.Option(
       names = {"--contrast-vulnerabilities-xml"},
       description =
@@ -394,8 +387,7 @@ public Integer call() throws IOException {
       log.debug("Loading input files");
       CodeDirectory codeDirectory = new DefaultCodeDirectory(projectPath);
       List<Path> sarifFiles = convertToPaths(sarifs);
-      List<Path> sonarIssuesJsonFiles = convertToPaths(sonarIssuesJsonFilePaths);
-      List<Path> sonarHotspotJsonFiles = convertToPaths(sonarHotspotsJsonFilePaths);
+      List<Path> sonarJsonFiles = convertToPaths(sonarJsons);
 
       log.debug("Parsing SARIFs");
       Map<String, List<RuleSarif>> pathSarifMap =
@@ -412,8 +404,7 @@ public Integer call() throws IOException {
               filePaths,
               pathSarifMap,
               codemodParameters,
-              sonarIssuesJsonFiles,
-              sonarHotspotJsonFiles,
+              sonarJsonFiles,
               defectDojoFindingsJsonFilePath,
               contrastVulnerabilitiesXmlFilePath);
       List<CodemodIdPair> codemods = loader.getCodemods();

framework/codemodder-base/src/main/java/io/codemodder/CodemodLoader.java

@@ -30,8 +30,7 @@ public CodemodLoader(
       final List<Path> includedFiles,
       final Map<String, List<RuleSarif>> ruleSarifByTool,
       final List<ParameterArgument> codemodParameters,
-      final List<Path> sonarIssuesJsonFiles,
-      final List<Path> sonarHotspotsJsonFiles,
+      final List<Path> sonarJsonFiles,
       final Path defectDojoFindingsJsonFile,
       final Path contrastVulnerabilitiesXmlFilePath) {
 
@@ -119,8 +118,7 @@ public CodemodLoader(
               pathExcludes,
               orderedCodemodTypes,
               allWantedSarifs,
-              sonarIssuesJsonFiles,
-              sonarHotspotsJsonFiles,
+              sonarJsonFiles,
               defectDojoFindingsJsonFile,
               contrastVulnerabilitiesXmlFilePath);
       allModules.addAll(modules);

framework/codemodder-base/src/main/java/io/codemodder/CodemodProvider.java

@@ -22,8 +22,8 @@ public interface CodemodProvider {
    *     their own analysis)
    * @param codemodTypes the codemod types that are being run
    * @param sarifs the SARIF output of tools that are being run
-   * @param sonarIssuesJsonPaths the path to a Sonar issues JSON file retrieved from their web API
-   *     -- may be null
+   * @param sonarJsonPaths the path to a Sonar issues/hotspots or combined JSON file retrieved from
+   *     their web API -- may be null
    * @param contrastFindingsJsonPath the path to a Contrast findings JSON file retrieved from their
    *     web API -- may be null
    * @return a set of modules that perform dependency injection
@@ -35,15 +35,14 @@ Set<AbstractModule> getModules(
       List<String> pathExcludes,
       List<Class<? extends CodeChanger>> codemodTypes,
       List<RuleSarif> sarifs,
-      List<Path> sonarIssuesJsonPaths,
-      List<Path> sonarHotspotsJsonPaths,
+      List<Path> sonarJsonPaths,
       Path defectDojoFindingsJsonPath,
       Path contrastFindingsJsonPath);
 
   /**
    * Tools this provider is interested in processing the SARIF output of. Codemodder CLI will look
    * for the SARIF outputted by tools in this list in the repository root and then provide the
-   * results to {@link #getModules(Path, List, List, List, List, List, List, List, Path, Path)} as a
+   * results to {@link #getModules(Path, List, List, List, List, List, List, Path, Path)} as a
    * {@link List} of {@link RuleSarif}s.
    *
    * <p>By default, this returns an empty list.

framework/codemodder-base/src/test/java/io/codemodder/CodemodLoaderTest.java

@@ -257,7 +257,6 @@ void it_handles_codemod_orders(final @TempDir Path tmpDir) throws IOException {
             Files.list(tmpDir).toList(),
             Map.of(),
             List.of(),
-            List.of(),
             null,
             null,
             null);
@@ -282,7 +281,6 @@ void it_handles_codemod_orders(final @TempDir Path tmpDir) throws IOException {
             Files.list(tmpDir).toList(),
             Map.of(),
             List.of(),
-            List.of(),
             null,
             null,
             null);
@@ -510,7 +508,6 @@ private CodemodLoader createLoader(final Class<? extends CodeChanger> codemodTyp
         Files.list(dir).toList(),
         Map.of(),
         List.of(),
-        List.of(),
         null,
         null,
         null);
@@ -527,7 +524,6 @@ private CodemodLoader createLoader(
         Files.list(dir).toList(),
         Map.of(),
         List.of(),
-        List.of(),
         null,
         null,
         null);
@@ -549,7 +545,6 @@ private CodemodLoader createLoader(
         params,
         null,
         null,
-        null,
         null);
   }
 }

framework/codemodder-testutils/src/main/java/io/codemodder/testutils/CodemodTestMixin.java

@@ -83,8 +83,7 @@ default Stream<DynamicTest> generateTestCases(@TempDir final Path tmpDir) throws
               metadata.doRetransformTest(),
               metadata.expectingFixesAtLines(),
               metadata.expectingFailedFixesAtLines(),
-              metadata.sonarIssuesJsonFiles(),
-              metadata.sonarHotspotsJsonFiles());
+              metadata.sonarJsonFiles());
         };
 
     final Predicate<String> displayNameFilter =
@@ -104,8 +103,7 @@ private void verifyCodemod(
       final boolean doRetransformTest,
       final int[] expectedFixLines,
       final int[] expectingFailedFixesAtLines,
-      final String[] sonarIssuesJsonFiles,
-      final String[] sonarHotspotsJsonFiles)
+      final String[] sonarJsonFiles)
       throws IOException {
 
     // create a copy of the test file in the temp directory to serve as our "repository"
@@ -125,10 +123,11 @@ private void verifyCodemod(
       pathToJavaFile = newPathToJavaFile;
     }
 
-    final List<Path> sonarIssuesJsonsPaths =
-        buildSonarJsonPaths(testResourceDir, sonarIssuesJsonFiles, "sonar-issues.json");
-    final List<Path> sonarHotspotsJsonPaths =
-        buildSonarJsonPaths(testResourceDir, sonarHotspotsJsonFiles, "sonar-hotspots.json");
+    final List<Path> sonarJsonsPaths =
+        buildSonarJsonPaths(
+            testResourceDir,
+            sonarJsonFiles,
+            List.of("sonar.json", "sonar-issues.json", "sonar-hotspots.json"));
 
     // Check for any sarif files and build the RuleSarif map
     CodeDirectory codeDir = CodeDirectory.from(tmpDir);
@@ -155,8 +154,7 @@ private void verifyCodemod(
             List.of(pathToJavaFile),
             map,
             List.of(),
-            sonarIssuesJsonsPaths,
-            sonarHotspotsJsonPaths,
+            sonarJsonsPaths,
             Files.exists(defectDojo) ? defectDojo : null,
             Files.exists(contrastXml) ? contrastXml : null);
 
@@ -242,8 +240,7 @@ private void verifyCodemod(
             List.of(pathToJavaFile),
             map,
             List.of(),
-            null,
-            null,
+            List.of(),
             null,
             null);
     CodemodIdPair codemod2 = loader2.getCodemods().get(0);
@@ -275,7 +272,7 @@ private void verifyCodemod(
   private List<Path> buildSonarJsonPaths(
       final Path testResourceDir,
       final String[] sonarJsonFiles,
-      final String defaultSonarFilename) {
+      final List<String> defaultSonarFilenames) {
     final List<String> sonarJsons =
         sonarJsonFiles != null ? Arrays.asList(sonarJsonFiles) : new ArrayList<>();
 
@@ -286,9 +283,11 @@ private List<Path> buildSonarJsonPaths(
             .collect(Collectors.toList());
 
     if (sonarIssuesJsonsPaths.isEmpty()) {
-      Path defaultPath = testResourceDir.resolve(defaultSonarFilename);
-      if (Files.exists(defaultPath)) {
-        sonarIssuesJsonsPaths.add(defaultPath);
+      for (String defaultSonarFilename : defaultSonarFilenames) {
+        Path defaultPath = testResourceDir.resolve(defaultSonarFilename);
+        if (Files.exists(defaultPath)) {
+          sonarIssuesJsonsPaths.add(defaultPath);
+        }
       }
     }
 

framework/codemodder-testutils/src/main/java/io/codemodder/testutils/Metadata.java

@@ -50,10 +50,7 @@
   int[] expectingFailedFixesAtLines() default {};
 
   /** Sonar issues file names for testing multiple json files */
-  String[] sonarIssuesJsonFiles() default {};
-
-  /** Sonar hotspots file names for testing multiple json files */
-  String[] sonarHotspotsJsonFiles() default {};
+  String[] sonarJsonFiles() default {};
 
   /**
    * Used to filter test execution to only the tests with a display name that matches the given

framework/codemodder-testutils/src/main/java/io/codemodder/testutils/RawFileCodemodTest.java

@@ -71,7 +71,6 @@ private void verifySingleCase(
             List.of(),
             null,
             null,
-            null,
             null);
     List<CodemodIdPair> codemods = loader.getCodemods();
     assertThat("Only expecting 1 codemod per test", codemods.size(), equalTo(1));

plugins/codemodder-plugin-appscan/src/main/java/io/codemodder/providers/sarif/appscan/AppScanProvider.java

@@ -19,8 +19,7 @@ public Set<AbstractModule> getModules(
       final List<String> excludePaths,
       final List<Class<? extends CodeChanger>> codemodTypes,
       final List<RuleSarif> sarifs,
-      final List<Path> sonarIssuesJsonPaths,
-      final List<Path> sonarHotspotsJsonPaths,
+      final List<Path> sonarJsonPaths,
       final Path defectDojoFindingsJsonFile,
       final Path contrastFindingsJsonPath) {
     return Set.of(new AppScanModule(codemodTypes, sarifs));

plugins/codemodder-plugin-aws/src/main/java/io/codemodder/plugins/aws/AwsProvider.java

@@ -19,8 +19,7 @@ public Set<AbstractModule> getModules(
       final List<String> excludePaths,
       final List<Class<? extends CodeChanger>> codemodTypes,
       final List<RuleSarif> sarifs,
-      final List<Path> sonarIssuesJsonPaths,
-      final List<Path> sonarHotspotsJsonPaths,
+      final List<Path> sonarJsonPaths,
       final Path defectDojoFindingsJsonFile,
       final Path contrastFindingsJsonPath) {
     return Set.of(new AwsClientModule());

plugins/codemodder-plugin-codeql/src/main/java/io/codemodder/providers/sarif/codeql/CodeQLProvider.java

@@ -19,8 +19,7 @@ public Set<AbstractModule> getModules(
       final List<String> excludePaths,
       final List<Class<? extends CodeChanger>> codemodTypes,
       final List<RuleSarif> sarifs,
-      final List<Path> sonarIssuesJsonPaths,
-      final List<Path> sonarHotspotsJsonPaths,
+      final List<Path> sonarJsonPaths,
       final Path defectDojoFindingsJsonFile,
       final Path contrastFindingsJsonPath) {
     return Set.of(new CodeQLModule(codemodTypes, sarifs));

plugins/codemodder-plugin-codeql/src/test/java/io/codemodder/providers/sarif/codeql/ConflictingSarifTest.java

@@ -37,7 +37,6 @@ void it_combines_sarifs_with_overlapping_keys(@TempDir Path tempDir) {
         pathSarifMap,
         List.of(),
         List.of(),
-        List.of(),
         null,
         null);
   }

plugins/codemodder-plugin-defectdojo/src/main/java/io/codemodder/providers/defectdojo/DefectDojoProvider.java

@@ -19,8 +19,7 @@ public Set<AbstractModule> getModules(
       final List<String> pathExcludes,
       final List<Class<? extends CodeChanger>> codemodTypes,
       final List<RuleSarif> sarifs,
-      final List<Path> sonarIssuesJsonPaths,
-      final List<Path> sonarHotspotsJsonPaths,
+      final List<Path> sonarJsonPaths,
       final Path defectDojoFindingsJsonFile,
       final Path contrastFindingsJsonPath) {
     return Set.of(new DefectDojoModule(codemodTypes, repository, defectDojoFindingsJsonFile));

plugins/codemodder-plugin-llm/src/main/java/io/codemodder/plugins/llm/LLMProvider.java

@@ -19,8 +19,7 @@ public Set<AbstractModule> getModules(
       final List<String> excludePaths,
       final List<Class<? extends CodeChanger>> codemodTypes,
       final List<RuleSarif> sarifs,
-      final List<Path> sonarIssuesJsonPaths,
-      final List<Path> sonarHotspotsJsonPaths,
+      final List<Path> sonarJsonPaths,
       final Path defectDojoFindingsJsonFile,
       final Path contrastFindingsJsonPath) {
     return Set.of(new LLMServiceModule());

plugins/codemodder-plugin-pmd/src/main/java/io/codemodder/providers/sarif/pmd/PmdProvider.java

@@ -19,8 +19,7 @@ public Set<AbstractModule> getModules(
       final List<String> excludePaths,
       final List<Class<? extends CodeChanger>> codemodTypes,
       final List<RuleSarif> sarifs,
-      final List<Path> sonarIssuesJsonPaths,
-      final List<Path> sonarHotspotsJsonPaths,
+      final List<Path> sonarJsonPaths,
       final Path defectDojoFindingsJsonFile,
       final Path contrastFindingsJsonPath) {
     return Set.of(new PmdModule(codeDirectory, includedFiles, codemodTypes));

plugins/codemodder-plugin-semgrep/src/main/java/io/codemodder/providers/sarif/semgrep/SemgrepProvider.java

@@ -19,8 +19,7 @@ public Set<AbstractModule> getModules(
       final List<String> excludePaths,
       final List<Class<? extends CodeChanger>> codemodTypes,
       final List<RuleSarif> sarifs,
-      final List<Path> sonarIssuesJsonPaths,
-      final List<Path> sonarHotspotsJsonPaths,
+      final List<Path> sonarJsonPaths,
       final Path defectDojoFindingsJsonFile,
       final Path contrastFindingsJsonPath) {
     return Set.of(