Skip to main content

Fix-Only Codemods

You may see the term "Fix-Only Codemod" in our documentation and in our code. This page discusses what differentiates "fix-only" codemods from typical codemods.

It's about how we find the code

Fix-only codemods are a special type of codemod that use code location data that is produced by external tool. We currently support the following external tools:

  • Sonar
  • CodeQL
  • Semgrep

If you want to make a codemod for fixing something these tools find, please look at the documentation for the codemodder project for your language.


To fix issues found by Sonar, take JSON returned by the Issues API, save it to a file, and pass that file to the --sonar-issues CLI argument.

SARIF producing tools

To fix issues generated by CodeQL and Semgrep, pass their SARIF file output to a codemod's --sarif CLI argument.

Let's support more!

Note that these are the "built-in" providers we support and for which we offer easy-to-implement supertypes. We'd be interested in fixing the stuff your favorite tool finds -- just open an issue on the codemodder framework GitHub page (Java, Python).