Project Setup

This page walks through adding the right dependencies on your project. Create an empty project in either Maven or Gradle, then add our base dependency:

Gradle
Maven

implementation("io.codemodder:codemodder-base:$VERSION")

<dependency>
    <groupId>io.codemodder</groupId>
    <artifactId>codemodder-base</artifactId>
    <version>$VERSION</version>
</dependency>

Decide how to find the code we want to change

Codemodder is designed to leverage common third-party tools to identify issues to fix. So, our next step is to choose which static analysis tool (if any) we'll use to find the problem we want to fix. Some simple changes may not require anything more than the basic AST traversal features provided by JavaParser (which is in the base dependency). Other more complicated changes will require the use of third-party static analysis tools.

A good option for many use cases is to use Semgrep to find the code we want to change. This tool is excellent at finding different shapes of code, with tools for suppressing common false positives cases. Let's add the Semgrep plugin to our build so we can act on Semgrep findings.

Gradle
Maven

implementation("io.codemodder:codemodder-plugin-semgrep:$VERSION")

<dependency>
    <groupId>io.codemodder</groupId>
    <artifactId>codemodder-plugin-semgrep</artifactId>
    <version>$VERSION</version>
</dependency>

In order to test and run, you will have to install Semgrep as well:

$ pip install semgrep

With our setup done, our next step is to write the codemod!

Decide how to find the code we want to change​

Decide how to find the code we want to change