• Home
• io.codemodder
• core-codemods
• 0.95.0
• source code
• report.json

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.codemodder.codemods.UnsafeReflectionRemediationCodemod.report.json Maven / Gradle / Ivy

{
  "summary": "Replaced unsafe usages of `Class.forName` with hardened alternative `Reflection.loadAndVerify`",
  "change": "Replaced unsafe usages of `Class.forName` with hardened alternative `Reflection.loadAndVerify`",
  "reviewGuidanceJustification": "Reflection.loadAndVerify disallows the loading of classes that are well-known to be dangerous paths to remote code execution. Pathological cases aside, the use of Reflection.loadAndVerify will not disrupt the typical operations of an application.",
  "references": [
    "https://rules.sonarsource.com/java/RSPEC-2658/"
  ]
}