Package io.codemodder.plugins.llm
Class SarifToLLMForMultiOutcomeCodemod
java.lang.Object
io.codemodder.RawFileChanger
io.codemodder.SarifPluginRawFileChanger
io.codemodder.plugins.llm.SarifPluginLLMCodemod
io.codemodder.plugins.llm.SarifToLLMForMultiOutcomeCodemod
- All Implemented Interfaces:
io.codemodder.CodeChanger
An extension of
SarifPluginRawFileChanger that uses large language models (LLMs) to
perform some analysis and categorize what's found to drive different potential code changes.
The inspiration for this type was the "remediate something found by tool X" use case. For example, if a tool cites a vulnerability on a given line, we may want to take any of the following actions:
- Fix the identified issue by doing A
- Fix the identified issue by doing B
- Add a suppression comment to the given line since it's likely a false positive
- Refactor the code so it doesn't trip the rule anymore, without actually "fixing it"
- Do nothing, since the LLM can't determine which case the code is
To accomplish that, we need the analysis to "bucket" the code into one of the above categories.
-
Field Summary
Fields inherited from class io.codemodder.plugins.llm.SarifPluginLLMCodemod
openAIFields inherited from class io.codemodder.RawFileChanger
reporter -
Constructor Summary
ConstructorsModifierConstructorDescriptionprotectedSarifToLLMForMultiOutcomeCodemod(io.codemodder.RuleSarif sarif, OpenAIService openAI, List<LLMRemediationOutcome> remediationOutcomes) protectedSarifToLLMForMultiOutcomeCodemod(io.codemodder.RuleSarif sarif, OpenAIService openAI, List<LLMRemediationOutcome> remediationOutcomes, Model categorizationModel, Model codeChangingModel) -
Method Summary
Modifier and TypeMethodDescriptionprotected io.codemodder.CodemodChangecreateCodemodChange(com.contrastsecurity.sarif.Result result, int line, String fixDescription) Create aCodemodChangefrom the given code change data.protected abstract StringInstructs the LLM on how to assess the risk of the threat.io.codemodder.CodemodFileScanningResultonFileFound(io.codemodder.CodemodInvocationContext context, List<com.contrastsecurity.sarif.Result> results) Methods inherited from class io.codemodder.plugins.llm.SarifPluginLLMCodemod
shouldRunMethods inherited from class io.codemodder.SarifPluginRawFileChanger
supports, visitFileMethods inherited from class io.codemodder.RawFileChanger
getDescription, getIndividualChangeDescription, getReferences, getSummaryMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface io.codemodder.CodeChanger
getIncludesExcludesPattern
-
Constructor Details
-
SarifToLLMForMultiOutcomeCodemod
protected SarifToLLMForMultiOutcomeCodemod(io.codemodder.RuleSarif sarif, OpenAIService openAI, List<LLMRemediationOutcome> remediationOutcomes) -
SarifToLLMForMultiOutcomeCodemod
protected SarifToLLMForMultiOutcomeCodemod(io.codemodder.RuleSarif sarif, OpenAIService openAI, List<LLMRemediationOutcome> remediationOutcomes, Model categorizationModel, Model codeChangingModel)
-
-
Method Details
-
onFileFound
public io.codemodder.CodemodFileScanningResult onFileFound(io.codemodder.CodemodInvocationContext context, List<com.contrastsecurity.sarif.Result> results) - Specified by:
onFileFoundin classio.codemodder.SarifPluginRawFileChanger
-
createCodemodChange
protected io.codemodder.CodemodChange createCodemodChange(com.contrastsecurity.sarif.Result result, int line, String fixDescription) Create aCodemodChangefrom the given code change data.- Parameters:
line- the line number of the changefixDescription- the description of the change
-
getThreatPrompt
Instructs the LLM on how to assess the risk of the threat.- Returns:
- The prompt.
-