io.codemodder.codemods.StackTraceExposureCodemod.report.json Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of core-codemods Show documentation
Show all versions of core-codemods Show documentation
Codemods for fixing common errors across many Java projects
{
"summary" : "Prevent information leak of stack trace details to HTTP responses (CodeQL)",
"change": "Removed the argument which would end up exposed in the HTTP response and leak implementation details of our application to the user",
"reviewGuidanceJustification" : "This codemod prevents internal coding details from reaching the HTTP response body, and we believe that fixing it presents zero risk.",
"references" : [
"https://codeql.github.com/codeql-query-help/java/java-stack-trace-exposure/",
"https://cwe.mitre.org/data/definitions/209.html",
"https://cwe.mitre.org/data/definitions/497.html"
]
}