Releases: pixee/codemodder-java
Releases · pixee/codemodder-java
v0.90.1
:sparkles: Support multiple rule names for AppScan (#428) - **:sparkles: support muitiple rule names in AppScan** - **:bulb: Improve docs for AppScan getRule accessor**
v0.90.0
:bug: Defensive null check (#424) - **:recycle: provide messageText to all RuleSarifFactory impls** - **Bind AppScan sarif to rule by rule name from message text** - **:bug: fix distinct rule ID bug** - **:bug: defensive null check**
v0.89.2
:sparkles: allow SARIF to be bound from multiple rule IDs (#421)
v0.89.1
Skip SensitiveDataLoggingCodemod when LLM not available (#419) This codemod does not inherit from the base class with the existing check so it did not benefit from the work in #418.
v0.89.0
Skip LLM codemods when no service is available (#418)
v0.88.1
Add gpt-4-turbo model; use for code changing (#416) Without function calling, we need to use models that support `json_object` as a response format. At some point we should revisit function calling with the new client, but it seems substantially more complicated than the old API. It also appears to be deprecated in favor of "tool calling"": > For function call sample, see [function call](https://github.com/Azure/azure-sdk-for-java/tree/azure-ai-openai_1.0.0-beta.10/sdk/openai/azure-ai-openai/src/samples/java/com/azure/ai/openai/ChatCompletionsFunctionCall.java). However, they are considered a legacy feature. Using tools is the preferred way. For more details see sample [tool calls](https://github.com/Azure/azure-sdk-for-java/blob/azure-ai-openai_1.0.0-beta.10/sdk/openai/azure-ai-openai/src/samples/java/com/azure/ai/openai/usage/GetChatCompletionsToolCallSample.java). https://learn.microsoft.com/en-us/java/api/overview/azure/ai-openai-readme?view=azure-java-preview#chat-completions
v0.88.0
Enable compatibility with Azure OpenAI (#415)
v0.86.1
Fix shared CST state for injected method (#411) This method fixes a subtle bug that occurs when the CST for a pre-cached node is shared between codemod uses.
v0.86.0
Build generic XSS remediator (#410) Also included some Semgrep maintenance to make this easier to test in downstream projects.
v0.85.0
Add overlapping fix logic (#409) This adds more the ability to group fixes by location and more tests for all the fix candidate searcher logic.