From 82e11fe81f5931bbbe3ee333427093bec9422cd8 Mon Sep 17 00:00:00 2001 From: Tim te Beek Date: Thu, 28 May 2026 20:35:42 +0200 Subject: [PATCH] Regenerate recipes.csv --- .../resources/META-INF/rewrite/recipes.csv | 320 +++++++++--------- 1 file changed, 160 insertions(+), 160 deletions(-) diff --git a/src/main/resources/META-INF/rewrite/recipes.csv b/src/main/resources/META-INF/rewrite/recipes.csv index ff199c980..5d6d2f300 100644 --- a/src/main/resources/META-INF/rewrite/recipes.csv +++ b/src/main/resources/META-INF/rewrite/recipes.csv @@ -1,121 +1,38 @@ ecosystem,packageName,name,displayName,description,recipeCount,category1,category2,category1Description,category2Description,options -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.AbstractClassPublicConstructor,Constructors of an `abstract` class should not be declared `public`,"Constructors of `abstract` classes can only be called in constructors of their subclasses. Therefore the visibility of `public` constructors are reduced to `protected`. Declaring them `public` is misleading since it implies they could be invoked directly, which is never possible.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.AddSerialAnnotationToSerialVersionUID,Add `@Serial` annotation to `serialVersionUID`,Annotate any `serialVersionUID` fields with `@Serial` to indicate it's part of the serialization mechanism.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.AddSerialVersionUidToSerializable,Add `serialVersionUID` to a `Serializable` class when missing,"A `serialVersionUID` field is strongly recommended in all `Serializable` classes. If this is not defined on a `Serializable` class, the compiler will generate this value. If a change is later made to the class, the generated value will change and attempts to deserialize the class will fail. Explicitly declaring this field gives you control over binary compatibility across versions.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""uid"",""type"":""String"",""displayName"":""New serial version UID"",""description"":""Value of the added serial version UID."",""example"":""42L""}]" -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.AnnotateNullableMethods,Annotate methods which may return `null` with `@Nullable`,"Add `@Nullable` to non-private methods that may return `null`. By default `org.jspecify.annotations.Nullable` is used, but through the `nullableAnnotationClass` option a custom annotation can be provided. Both `@Target(TYPE_USE)` and declaration annotations (e.g. `javax.annotation.CheckForNull`) are supported. Methods that already carry a known nullable annotation (matched by simple name) are skipped to avoid duplication. This recipe scans for methods that do not already have a `@Nullable` annotation and checks their return statements for potential null values. It also identifies known methods from standard libraries that may return null, such as methods from `Map`, `Queue`, `Deque`, `NavigableSet`, and `Spliterator`. The return of streams, or lambdas are not taken into account.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""nullableAnnotationClass"",""type"":""String"",""displayName"":""`@Nullable` annotation class"",""description"":""The fully qualified name of the @Nullable annotation to add. Both `@Target(TYPE_USE)` and declaration annotations (e.g. `javax.annotation.CheckForNull`) are supported. Defaults to `org.jspecify.annotations.Nullable`."",""example"":""org.jspecify.annotations.Nullable""}]" -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.AnnotateNullableParameters,Annotate null-checked method parameters with `@Nullable`,"Add `@Nullable` to parameters of public methods that are explicitly checked for `null`. By default `org.jspecify.annotations.Nullable` is used, but through the `nullableAnnotationClass` option a custom annotation can be provided. Both `@Target(TYPE_USE)` and declaration annotations (e.g. `javax.annotation.CheckForNull`) are supported. Parameters that already carry a known nullable annotation are skipped to avoid duplication. This recipe scans for methods that do not already have parameters annotated with a nullable annotation and checks their usages for potential null checks. Additional null-checking methods can be specified via the `additionalNullCheckingMethods` option.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""nullableAnnotationClass"",""type"":""String"",""displayName"":""`@Nullable` annotation class"",""description"":""The fully qualified name of the @Nullable annotation to add. Both `@Target(TYPE_USE)` and declaration annotations (e.g. `javax.annotation.CheckForNull`) are supported. Defaults to `org.jspecify.annotations.Nullable`."",""example"":""org.jspecify.annotations.Nullable""},{""name"":""additionalNullCheckingMethods"",""type"":""List"",""displayName"":""Additional null-checking methods"",""description"":""A list of method patterns (in OpenRewrite MethodMatcher format) that should be considered as null-checking methods. These will be added to the built-in list of known null-checking methods. Use `..` for any parameters, e.g., `com.mycompany.utils.StringUtil isEmpty(..)` or `com.mycompany.utils.CollectionUtil isNullOrEmpty(java.util.Collection)`"",""example"":""com.mycompany.utils.StringUtil isEmpty(..), com.mycompany.utils.CollectionUtil isNullOrEmpty(..)""}]" -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.AnnotateRequiredParameters,Annotate required method parameters with `@NonNull`,"Add `@NonNull` to parameters of public methods that are explicitly checked for `null` and throw an exception if null. By default `org.jspecify.annotations.NonNull` is used, but through the `nonNullAnnotationClass` option a custom annotation can be provided. When providing a custom `nonNullAnnotationClass` that annotation should be meta annotated with `@Target(TYPE_USE)`. This recipe scans for methods that do not already have parameters annotated with `@NonNull` annotation and checks for null validation patterns that throw exceptions, such as `if (param == null) throw new IllegalArgumentException()`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""nonNullAnnotationClass"",""type"":""String"",""displayName"":""`@NonNull` annotation class"",""description"":""The fully qualified name of the @NonNull annotation. The annotation should be meta annotated with `@Target(TYPE_USE)`. Defaults to `org.jspecify.annotations.NonNull`"",""example"":""org.jspecify.annotations.NonNull""}]" -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.AtomicPrimitiveEqualsUsesGet,"Atomic Boolean, Integer, and Long equality checks compare their values","`AtomicBoolean#equals(Object)`, `AtomicInteger#equals(Object)` and `AtomicLong#equals(Object)` are only equal to their instance. This recipe converts `a.equals(b)` to `a.get() == b.get()`. These atomic classes do not override `equals` from `Object`, so calling it compares object identity rather than the wrapped value, which is almost never the intended behavior.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.AvoidBoxedBooleanExpressions,Avoid boxed boolean expressions,"Under certain conditions the `java.lang.Boolean` type is used as an expression, and it may throw a `NullPointerException` if the value is null. Using `Boolean.TRUE.equals(...)` guards against unboxing a `null` reference in control flow positions like `if` conditions and ternary operators.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.BigDecimalDoubleConstructorRecipe,`new BigDecimal(double)` should not be used,"Use of `new BigDecimal(double)` constructor can lead to loss of precision. Use `BigDecimal.valueOf(double)` instead. -For example writing `new BigDecimal(0.1)` does not create a `BigDecimal` which is exactly equal to `0.1`, but it is equal to `0.1000000000000000055511151231257827021181583404541015625`. This is because `0.1` cannot be represented exactly as a double (or, for that matter, as a binary fraction of any finite length). `BigDecimal.valueOf` avoids this by converting through a string representation, preserving the value you actually intended.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.BigDecimalRoundingConstantsToEnums,`BigDecimal` rounding constants to `RoundingMode` enums,Convert `BigDecimal` rounding constants to the equivalent `RoundingMode` enum. The integer-based rounding constants on `BigDecimal` are deprecated and lack type safety; the `RoundingMode` enum makes the rounding behavior self-documenting and prevents invalid values.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.BooleanChecksNotInverted,Boolean checks should not be inverted,"Ensures that boolean checks are not unnecessarily inverted. Also fixes double negative boolean expressions. Negating a comparison and then inverting it adds cognitive overhead; using the direct operator (e.g., `>=` instead of `!(... < ...)`) is clearer and easier to reason about.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.BufferedWriterCreationRecipes,Modernize `BufferedWriter` creation & prevent file descriptor leaks,The code `new BufferedWriter(new FileWriter(f))` creates a `BufferedWriter` that does not close the underlying `FileWriter` when it is closed. This can lead to file descriptor leaks as per [CWE-755](https://cwe.mitre.org/data/definitions/755.html). Use `Files.newBufferedWriter` to create a `BufferedWriter` that closes the underlying file descriptor when it is closed.,5,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.BufferedWriterCreationRecipes$BufferedWriterFromNewFileWriterWithFileAndBooleanArgumentsRecipe,"Convert `new BufferedWriter(new FileWriter(File, boolean))` to `Files.newBufferedWriter(Path, StandardOpenOption)`","Convert `new BufferedWriter(new FileWriter(f, b))` to `Files.newBufferedWriter(f.toPath(), b ? StandardOpenOption.APPEND : StandardOpenOption.CREATE)`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.BufferedWriterCreationRecipes$BufferedWriterFromNewFileWriterWithFileArgumentRecipe,Convert `new BufferedWriter(new FileWriter(File))` to `Files.newBufferedWriter(Path)`,Convert `new BufferedWriter(new FileWriter(f))` to `Files.newBufferedWriter(f.toPath())`.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.BufferedWriterCreationRecipes$BufferedWriterFromNewFileWriterWithStringAndBooleanArgumentsRecipe,"Convert `new BufferedWriter(new FileWriter(String, boolean))` to `Files.newBufferedWriter(Path, StandardOpenOption)`","Convert `new BufferedWriter(new FileWriter(s, b))` to `Files.newBufferedWriter(new java.io.File(s).toPath(), b ? StandardOpenOption.APPEND : StandardOpenOption.CREATE)`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.BufferedWriterCreationRecipes$BufferedWriterFromNewFileWriterWithStringArgumentRecipe,Convert `new BufferedWriter(new FileWriter(String))` to `Files.newBufferedWriter(Path)`,Convert `new BufferedWriter(new FileWriter(s))` to `Files.newBufferedWriter(new java.io.File(s).toPath())`.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.CompareEnumsWithEqualityOperator,Enum values should be compared with "==","Replaces `Enum equals(java.lang.Object)` with `Enum == java.lang.Object`. An `!Enum equals(java.lang.Object)` will change to `!=`. Using `==` for enum comparison is null-safe, catches type mismatches at compile time, and is idiomatic since each enum constant is guaranteed to be a singleton.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.HideUtilityClassConstructor,Hide utility class constructor,"Ensures utility classes (classes containing only static methods or fields in their API) do not have a public constructor. Instantiating a utility class is almost certainly a mistake, and a private constructor makes that intent clear while preventing misuse.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.MissingOverrideAnnotation,Add missing `@Override` to overriding and implementing methods,"Adds `@Override` to methods overriding superclass methods or implementing interface methods. Annotating methods improves readability by showing the author's intent to override. Additionally, when annotated, the compiler will emit an error when a signature of the overridden method does not match the superclass method.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""ignoreAnonymousClassMethods"",""type"":""Boolean"",""displayName"":""Ignore methods in anonymous classes"",""description"":""When enabled, ignore missing annotations on methods which override methods when the class definition is within an anonymous class.""}]" +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.DefaultComesLast,Default comes last,"Ensure the `default` case comes last after all the cases in a switch statement. Placing `default` at the end follows a widely expected convention, making it easy to find the fallback behavior at a glance.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.OnlyCatchDeclaredExceptions,Replace `catch(Exception)` with specific declared exceptions thrown in the try block,"Replaces `catch(Exception e)` blocks with a multi-catch block (`catch (SpecificException1 | SpecificException2 e)`) containing only the exceptions declared thrown by method or constructor invocations within the `try` block that are not already caught by more specific `catch` clauses. Catching a broad `Exception` type can unintentionally swallow runtime exceptions that indicate programming errors, making bugs harder to detect and diagnose.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UnnecessaryReturnAsLastStatement,Unnecessary `return` as last statement in void method,Removes `return` from a `void` method if it's the last statement. A trailing `return` in a void method has no effect on control flow and is just noise that distracts from the meaningful logic.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveRedundantNullCheckBeforeInstanceof,Remove redundant null checks before instanceof,Removes redundant null checks before instanceof operations since instanceof returns false for null. Removing the extra check simplifies the conditional and makes the null-safety guarantee of `instanceof` more visible to readers.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.CaseInsensitiveComparisonsDoNotChangeCase,CaseInsensitive comparisons do not alter case,Remove `String#toLowerCase()` or `String#toUpperCase()` from `String#equalsIgnoreCase(..)` comparisons. Changing case before a case-insensitive comparison is redundant and allocates unnecessary intermediate `String` objects.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveToStringCallsFromArrayInstances,Remove `toString()` calls on arrays,"The result from `toString()` calls on arrays is largely useless. The output does not actually reflect the contents of the array. `Arrays.toString(array)` should be used instead as it gives the contents of the array. Since arrays do not override `toString()` from `Object`, calling it produces only the type name and memory address, which is rarely what was intended.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.AnnotateRequiredParameters,Annotate required method parameters with `@NonNull`,"Add `@NonNull` to parameters of public methods that are explicitly checked for `null` and throw an exception if null. By default `org.jspecify.annotations.NonNull` is used, but through the `nonNullAnnotationClass` option a custom annotation can be provided. When providing a custom `nonNullAnnotationClass` that annotation should be meta annotated with `@Target(TYPE_USE)`. This recipe scans for methods that do not already have parameters annotated with `@NonNull` annotation and checks for null validation patterns that throw exceptions, such as `if (param == null) throw new IllegalArgumentException()`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""nonNullAnnotationClass"",""type"":""String"",""displayName"":""`@NonNull` annotation class"",""description"":""The fully qualified name of the @NonNull annotation. The annotation should be meta annotated with `@Target(TYPE_USE)`. Defaults to `org.jspecify.annotations.NonNull`"",""example"":""org.jspecify.annotations.NonNull""}]" +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.TernaryOperatorsShouldNotBeNested,Ternary operators should not be nested,"Nested ternary operators can be hard to read quickly. Prefer simpler constructs for improved readability. If supported, this recipe will try to replace nested ternaries with switch expressions. Deeply nested conditional expressions obscure the branching logic and make it easy to misread which value corresponds to which condition.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseTryWithResources,Use try-with-resources,"Refactor try/finally blocks to use try-with-resources when the finally block only closes an `AutoCloseable` resource. Try-with-resources guarantees that resources are closed even when exceptions occur, eliminating an entire class of resource-leak bugs that manual `finally` blocks are prone to.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseStandardCharset,Use `StandardCharset` constants,Replaces `Charset.forName(java.lang.String)` with the equivalent `StandardCharset` constant. Using the predefined constants is both compile-time safe and avoids the need to handle `UnsupportedEncodingException` for charsets that are guaranteed to exist on every JVM.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NestedEnumsAreNotStatic,Nested enums are not static,Remove static modifier from nested enum types since they are implicitly static. The redundant modifier adds visual noise and may mislead readers into thinking there is a non-static alternative.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.IndexOfChecksShouldUseAStartPosition,"Use `indexOf(String, int)`","Replaces `indexOf(String)` in binary operations if the compared value is an int and not less than 1. Using the two-argument `indexOf(String, int)` form with a start position avoids redundantly scanning the beginning of the string when you already know the match must occur after a certain index.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.CatchClauseOnlyRethrows,Catch clause should do more than just rethrow,A `catch` clause that only rethrows the caught exception is unnecessary. Letting the exception bubble up as normal achieves the same result with less code. Such catch blocks add visual noise and indentation without changing program behavior.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.PreferSystemGetPropertyOverGetenv,Prefer `System.getProperty("user.home")` over `System.getenv("HOME")`,Replaces `System.getenv("HOME")` with `System.getProperty("user.home")` for better portability.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceValidateNotNullHavingVarargsWithObjectsRequireNonNull,Replace `org.apache.commons.lang3.Validate#notNull` with `Objects#requireNonNull`,"Replace `org.apache.commons.lang3.Validate.notNull(Object, String, Object[])` with `Objects.requireNonNull(Object, String)`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ChainStringBuilderAppendCalls,Chain `StringBuilder.append()` calls,"String concatenation within calls to `StringBuilder.append()` causes unnecessary memory allocation. Except for concatenations of String literals, which are joined together at compile time. Replaces inefficient concatenations with chained calls to `StringBuilder.append()`. Using `+` inside `append()` defeats the purpose of the `StringBuilder`, since the concatenation creates a temporary `String` before appending.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.CollectionToArrayShouldHaveProperType,'Collection.toArray()' should be passed an array of the proper type,"Using `Collection.toArray()` without parameters returns an `Object[]`, which requires casting. It is more efficient and clearer to use `Collection.toArray(new T[0])` instead. The parameterless form can cause a `ClassCastException` at runtime when the returned `Object[]` is cast to a more specific array type.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.CombineSemanticallyEqualCatchBlocks,Combine semantically equal catch blocks,Combine catches in a try that contain semantically equivalent blocks. No change will be made when a caught exception exists if combining catches may change application behavior or type attribution is missing. Merging duplicate catch bodies into multi-catch blocks reduces repetition and makes the exception handling strategy easier to follow.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.CompareEnumsWithEqualityOperator,Enum values should be compared with "==","Replaces `Enum equals(java.lang.Object)` with `Enum == java.lang.Object`. An `!Enum equals(java.lang.Object)` will change to `!=`. Using `==` for enum comparison is null-safe, catches type mismatches at compile time, and is idiomatic since each enum constant is guaranteed to be a singleton.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ControlFlowIndentation,Control flow statement indentation,"Program flow control statements like `if`, `while`, and `for` can omit curly braces when they apply to only a single statement. This recipe ensures that any statements which follow that statement are correctly indented to show they are not part of the flow control statement. Misleading indentation can give the false impression that a line executes conditionally when it actually runs unconditionally, which is a common source of logic errors.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.CovariantEquals,Covariant equals,"Checks that classes and records which define a covariant `equals()` method also override method `equals(Object)`. Covariant `equals()` means a method that is similar to `equals(Object)`, but with a covariant parameter type (any subtype of `Object`). Without a proper `equals(Object)` override, collections and other framework code that rely on the standard signature will silently use `Object.equals`, leading to incorrect behavior.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.DeclarationSiteTypeVariance,Properly use declaration-site type variance,"Currently, Java requires use-site type variance, so if someone has `Function` method parameter, it should rather be `Function`. Unfortunately, it is not easy to notice that `? super` and `? extends` is missing, so this recipe adds it where that would improve the situation.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""variantTypes"",""type"":""List"",""displayName"":""Variant types"",""description"":""A list of well-known classes that have in/out type variance."",""example"":""java.util.function.Function"",""required"":true},{""name"":""excludedBounds"",""type"":""List"",""displayName"":""Excluded bounds"",""description"":""A list of bounds that should not receive explicit variance. Globs supported."",""example"":""java.lang.*""},{""name"":""excludeFinalClasses"",""type"":""Boolean"",""displayName"":""Exclude final classes"",""description"":""If true, do not add `? extends` variance to final classes. `? super` variance will be added regardless of finality.""}]" -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.DefaultComesLast,Default comes last,"Ensure the `default` case comes last after all the cases in a switch statement. Placing `default` at the end follows a widely expected convention, making it easy to find the fallback behavior at a glance.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.EmptyBlock,Remove empty blocks,Remove empty blocks that effectively do nothing. Empty blocks are ambiguous -- they may indicate incomplete implementation or accidentally deleted code -- and removing them makes the intent of the surrounding code explicit.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.EqualsAvoidsNull,Equals avoids null,"Checks that any combination of String literals is on the left side of an `equals()` comparison. Also checks for String literals assigned to some field (such as `someString.equals(anotherString = ""text""))`. And removes redundant null checks in conjunction with equals comparisons. Placing the literal on the left side prevents `NullPointerException`s, since a literal can never be null and its `equals` method handles null arguments safely.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.EqualsToContentEquals,Use `String.contentEquals(CharSequence)` instead of `String.equals(CharSequence.toString())`,Use `String.contentEquals(CharSequence)` instead of `String.equals(CharSequence.toString())`.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ExplicitCharsetOnStringGetBytes,Set charset encoding explicitly when calling `String#getBytes`,"This makes the behavior of the code platform neutral. It will not override any existing explicit encodings, even if they don't match the default encoding option. Relying on the platform default charset can produce different results across environments, leading to subtle data corruption bugs.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""encoding"",""type"":""String"",""displayName"":""Default encoding"",""description"":""The default encoding to supply to the `getBytes` call"",""example"":""UTF_8""}]" +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceTextBlockWithString,Replace text block with regular string,Replace text block with a regular multi-line string. Text blocks that fit on a single line without concatenation or escaped newlines gain no readability benefit from the triple-quote syntax and are clearer as plain string literals.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveUnneededAssertion,Remove unneeded assertions,"Remove unneeded assertions like `assert true`, `assertTrue(true)`, or `assertFalse(false)`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyDurationCreationUnits,Simplify `java.time.Duration` units,Simplifies `java.time.Duration` units to be more human-readable.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.URLEqualsHashCodeRecipes,URL Equals and Hash Code,"Uses of `equals()` and `hashCode()` cause `java.net.URL` to make blocking internet connections. Instead, use `java.net.URI`.",3,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ForLoopControlVariablePostfixOperators,`for` loop counters should use postfix operators,Replace `for` loop control variables using pre-increment (`++i`) or pre-decrement (`--i`) operators with their post-increment (`i++`) or post-decrement (`i++`) notation equivalents.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyBooleanExpression,Simplify boolean expression,"Checks for overly complicated boolean expressions, such as `if (b == true)`, `b || true`, `!false`, etc. Needlessly complex boolean logic makes code harder to reason about and increases the chance of introducing errors during future modifications.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ObjectFinalizeCallsSuper,`finalize()` calls super,Overrides of `Object#finalize()` should call super. Skipping the super call can prevent parent classes from releasing critical system resources during garbage collection.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceStringBuilderWithString,Replace `StringBuilder#append` with `String`,"Replace `StringBuilder.append()` with String if you are only concatenating a small number of strings and the code is simple and easy to read, as the compiler can optimize simple string concatenation expressions into a single String object, which can be more efficient than using StringBuilder.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ExplicitInitialization,Explicit initialization,"Checks if any class or object member is explicitly initialized to default for its type value: - `null` for object references - zero for numeric types and `char` - and `false` for `boolean` Removes explicit initializations where they aren't necessary. Since the JVM already guarantees these defaults, restating them adds visual noise and can obscure fields that are intentionally initialized to non-default values.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ExplicitLambdaArgumentTypes,Use explicit types on lambda arguments,"Adds explicit types on lambda arguments, which are otherwise optional. This can make the code clearer and easier to read. This does not add explicit types on arguments when the lambda has one or two parameters and does not have a block body, as things are considered more readable in those cases. For example, `stream.map((a, b) -> a.length);` will not have explicit types added.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ExplicitThis,Use explicit `this.field` and `this.method()`,Add explicit 'this.' prefix to field and method access.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ExternalizableHasNoArgsConstructor,`Externalizable` classes have no-arguments constructor,"`Externalizable` classes handle both serialization and deserialization and must have a no-args constructor for the deserialization process. Without a public no-argument constructor, the JVM cannot instantiate the object during deserialization and will throw an `InvalidClassException` at runtime.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.FallThrough,Fall through,"Checks for fall-through in switch statements, adding `break` statements in locations where a case contains Java code but does not have a `break`, `return`, `throw`, or `continue` statement. Unintentional fall-through is a common source of bugs, as execution silently continues into the next case branch.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.FinalClass,Finalize classes with private constructors,"Adds the `final` modifier to classes that expose no public or package-private constructors. If a class cannot be instantiated from the outside, marking it `final` communicates that it was not designed for inheritance and prevents accidental subclassing.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.FinalizeLocalVariables,Finalize local variables,Adds the `final` modifier keyword to local variables which are not reassigned.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.FinalizeMethodArguments,Finalize method arguments,Adds the `final` modifier keyword to method parameters.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.FinalizePrivateFields,Finalize private fields,Adds the `final` modifier keyword to private instance variables which are not reassigned.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.FixStringFormatExpressions,Fix `String#format` and `String#formatted` expressions,"Fix `String#format` and `String#formatted` expressions by replacing `\n` newline characters with `%n` and removing any unused arguments. Note this recipe is scoped to only transform format expressions which do not specify the argument index. Using `%n` ensures the correct platform-specific line separator, and removing unused arguments eliminates dead code that may mask a mismatch between the format string and its parameters.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ForLoopControlVariablePostfixOperators,`for` loop counters should use postfix operators,Replace `for` loop control variables using pre-increment (`++i`) or pre-decrement (`--i`) operators with their post-increment (`i++`) or post-decrement (`i++`) notation equivalents.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ForLoopIncrementInUpdate,`for` loop counters incremented in update,The increment should be moved to the loop's increment clause if possible. Placing the counter update in the loop body rather than the update clause obscures the loop's control flow and makes it harder to reason about termination.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.HiddenField,Hidden field,"Refactor local variables or parameters which shadow a field defined in the same class. Shadowing a field with a local variable of the same name makes it easy to accidentally reference the wrong one, leading to confusing bugs.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.HideUtilityClassConstructor,Hide utility class constructor,"Ensures utility classes (classes containing only static methods or fields in their API) do not have a public constructor. Instantiating a utility class is almost certainly a mistake, and a private constructor makes that intent clear while preventing misuse.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.IndexOfChecksShouldUseAStartPosition,"Use `indexOf(String, int)`","Replaces `indexOf(String)` in binary operations if the compared value is an int and not less than 1. Using the two-argument `indexOf(String, int)` form with a start position avoids redundantly scanning the beginning of the string when you already know the match must occur after a certain index.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.IndexOfReplaceableByContains,`indexOf()` replaceable by `contains()`,Checking if a value is included in a `String` or `List` using `indexOf(value)>-1` or `indexOf(value)>=0` can be replaced with `contains(value)`. Using `contains()` expresses the intent more directly and avoids the mental overhead of interpreting index comparisons.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.IndexOfShouldNotCompareGreaterThanZero,`indexOf` should not compare greater than zero,"Replaces `String#indexOf(String) > 0` and `List#indexOf(Object) > 0` with `>=1`. Checking `indexOf` against `>0` ignores the first element, whereas `>-1` is inclusive of the first element. For clarity, `>=1` is used, because `>0` and `>=1` are semantically equal. Using `>0` may appear to be a mistake with the intent of including all elements. If the intent is to check whether a value in included in a `String` or `List`, the `String#contains(String)` or `List#contains(Object)` methods may be better options altogether.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.InlineVariable,Inline variable,Inline variables when they are immediately used to return or throw. Supports both variable declarations and assignments to local variables. A variable that is declared only to be returned or thrown on the very next line adds an unnecessary level of indirection without improving readability.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.InstanceOfPatternMatch,Changes code to use Java 17's `instanceof` pattern matching,"Adds pattern variables to `instanceof` expressions wherever the same (side effect free) expression is referenced in a corresponding type cast expression within the flow scope of the `instanceof`. Currently, this recipe supports `if` statements and ternary operator expressions. Pattern matching for `instanceof` collapses the type check, cast, and variable declaration into a single expression, reducing boilerplate and eliminating the risk of an incorrect cast.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.InterruptedExceptionHandling,Restore interrupted state in catch blocks,"When `InterruptedException` is caught, `Thread.currentThread().interrupt()` should be called to restore the thread's interrupted state. Failing to do so can suppress the interruption signal and prevent proper thread cancellation.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.IsEmptyCallOnCollections,Use `Collection#isEmpty()` instead of comparing `size()`,"Also check for _not_ `isEmpty()` when testing for not equal to zero size. Using `isEmpty()` communicates intent more clearly than comparing `size()` to zero, and for some collection implementations `isEmpty()` can be more efficient since `size()` may require traversal.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.LambdaBlockToExpression,Simplify lambda blocks to expressions,"Single-line statement lambdas returning a value can be replaced with expression lambdas. Expression-form lambdas are more concise and consistent with a functional programming style, making the code easier to scan.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.MaskCreditCardNumbers,Mask credit card numbers,"When encountering string literals which appear to be credit card numbers, mask the last eight digits with the letter 'X'.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.MemberNameCaseInsensitiveDuplicates,Members should not have names differing only by capitalization,"Looking at the set of methods and fields in a class and all of its parents, no two members should have names that differ only in capitalization. This rule will not report if a method overrides a parent method. Members with near-identical names are easily confused, leading to bugs where the wrong field or method is referenced.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.MinimumSwitchCases,`switch` statements should have at least 3 `case` clauses,"`switch` statements are useful when many code paths branch depending on the value of a single expression. For just one or two code paths, the code will be more readable with `if` statements. Using `switch` for trivial branching adds unnecessary syntactic overhead and obscures the simplicity of the logic.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.MissingOverrideAnnotation,Add missing `@Override` to overriding and implementing methods,"Adds `@Override` to methods overriding superclass methods or implementing interface methods. Annotating methods improves readability by showing the author's intent to override. Additionally, when annotated, the compiler will emit an error when a signature of the overridden method does not match the superclass method.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""ignoreAnonymousClassMethods"",""type"":""Boolean"",""displayName"":""Ignore methods in anonymous classes"",""description"":""When enabled, ignore missing annotations on methods which override methods when the class definition is within an anonymous class.""}]" -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ModifierOrder,Modifier order,Modifiers should be declared in the correct order as recommended by the JLS. Ordering modifiers consistently reduces cognitive load for developers who are accustomed to the standard sequence.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.MoveConditionsToWhile,Convert `while (true)` with initial `if` break to loop condition,Simplifies `while (true)` loops where the first statement is an `if` statement that only contains a `break`. The condition is inverted and moved to the loop condition for better readability.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.MultipleVariableDeclarations,No multiple variable declarations,"Places each variable declaration in its own statement and on its own line. Using one variable declaration per line encourages commenting and can increase readability. Multi-variable declarations also make it harder to track individual types and initializers, increasing the risk of subtle errors.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NeedBraces,Fix missing braces,"Adds missing braces around code such as single-line `if`, `for`, `while`, and `do-while` block bodies. Omitting braces can lead to dangling-statement bugs when additional lines are later added to a block without realizing they fall outside the control structure.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NestedEnumsAreNotStatic,Nested enums are not static,Remove static modifier from nested enum types since they are implicitly static. The redundant modifier adds visual noise and may mislead readers into thinking there is a non-static alternative.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NewStringBuilderBufferWithCharArgument,Change `StringBuilder` and `StringBuffer` character constructor argument to `String`,Instantiating a `StringBuilder` or a `StringBuffer` with a `Character` results in the `int` representation of the character being used for the initial size. This is almost never the developer's intent and silently produces a buffer with an arbitrary capacity instead of the expected initial content.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoDoubleBraceInitialization,No double brace initialization,"Replace `List`, `Map`, and `Set` double brace initialization with an initialization block. Double brace initialization creates an anonymous inner class that holds a hidden reference to the enclosing instance, which can cause memory leaks and serialization issues.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoEmptyCollectionWithRawType,"Use `Collections#emptyList()`, `emptyMap()`, and `emptySet()`","Replaces `Collections#EMPTY_...` with methods that return generic types. The raw-typed constant fields bypass generics checks, which can hide type mismatches that only surface as `ClassCastException` at runtime.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoEqualityInForCondition,Use comparison rather than equality checks in for conditions,"Testing for loop termination using an equality operator (`==` and `!=`) is dangerous, because it could set up an infinite loop. Using a relational operator instead makes it harder to accidentally write an infinite loop.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoFinalizedLocalVariables,Don't use final on local variables,Remove the `final` modifier keyword from local variables regardless of whether they are used within a local class or an anonymous class.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""excludeMethodParameters"",""type"":""Boolean"",""displayName"":""Exclude method parameters"",""description"":""If true, do not remove final from method parameters.""}]" -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoFinalizer,Remove `finalize()` method,"Finalizers are deprecated. Use of `finalize()` can lead to performance issues, deadlocks, hangs, and other undesirable behavior.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoPrimitiveWrappersForToStringOrCompareTo,No primitive wrappers for #toString() or #compareTo(..),Primitive wrappers should not be instantiated only for `#toString()` or `#compareTo(..)` invocations. Allocating a wrapper object just to call a method that has a static equivalent is wasteful; the static versions avoid the unnecessary object creation.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoRedundantJumpStatements,Jump statements should not be redundant,"Jump statements such as return and continue let you change the default flow of program execution, but jump statements that direct the control flow to the original direction are just a waste of keystrokes.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoToStringOnStringType,Unnecessary `String#toString`,Remove unnecessary `String#toString` invocations on objects which are already a string. Calling `toString()` on something that is already a `String` is redundant and clutters the code.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoValueOfOnStringType,Unnecessary `String#valueOf(..)`,"Replace unnecessary `String#valueOf(..)` method invocations with the argument directly. This occurs when the argument to `String#valueOf(arg)` is a string literal, such as `String.valueOf(""example"")`. Or, when the `String#valueOf(..)` invocation is used in a concatenation, such as `""example"" + String.valueOf(""example"")`. The wrapping call is redundant since Java already performs the conversion implicitly in these contexts.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NullableOnMethodReturnType,Move `@Nullable` method annotations to the return type,This is the way the cool kids do it.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ObjectFinalizeCallsSuper,`finalize()` calls super,Overrides of `Object#finalize()` should call super. Skipping the super call can prevent parent classes from releasing critical system resources during garbage collection.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.OnlyCatchDeclaredExceptions,Replace `catch(Exception)` with specific declared exceptions thrown in the try block,"Replaces `catch(Exception e)` blocks with a multi-catch block (`catch (SpecificException1 | SpecificException2 e)`) containing only the exceptions declared thrown by method or constructor invocations within the `try` block that are not already caught by more specific `catch` clauses. Catching a broad `Exception` type can unintentionally swallow runtime exceptions that indicate programming errors, making bugs harder to detect and diagnose.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.OperatorWrap,Operator wrapping,Fixes line wrapping policies on operators.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""wrapOption"",""type"":""WrapOption"",""displayName"":""Operator wrapping style"",""description"":""The operator wrapping style to enforce, which may differ from the configured or detected style."",""example"":""NL"",""valid"":[""EOL"",""NL""]}]" -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.PreferEqualityComparisonOverDifferenceCheck,Prefer direct comparison of numbers,"Replace `a - b == 0` with `a == b`, `a - b != 0` with `a != b`, `a - b < 0` with `a < b`, and similar transformations for all comparison operators to improve readability and avoid overflow issues.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.PreferIncrementOperator,Prefer increment/decrement and compound assignment operators,"Prefer the use of increment and decrement operators (`++`, `--`, `+=`, `-=`) over their more verbose equivalents.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.PreferSystemGetPropertyOverGetenv,Prefer `System.getProperty("user.home")` over `System.getenv("HOME")`,Replaces `System.getenv("HOME")` with `System.getProperty("user.home")` for better portability.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.PrimitiveWrapperClassConstructorToValueOf,Use primitive wrapper `valueOf` method,"The constructor of all primitive types has been deprecated in favor of using the static factory method `valueOf` available for each of the primitive type wrappers. Using `valueOf` enables object caching for frequently used values, reducing unnecessary heap allocations.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RedundantFileCreation,Redundant file creation,Remove unnecessary intermediate creations of files.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReferentialEqualityToObjectEquals,Replace referential equality operators with Object equals method invocations when the operands both override `Object.equals(Object obj)`,"Using `==` or `!=` compares object references, not the equality of two objects. This modifies code where both sides of a binary operation (`==` or `!=`) override `Object.equals(Object obj)` except when the comparison is within an overridden `Object.equals(Object obj)` method declaration itself. The resulting transformation must be carefully reviewed since any modifications change the program's semantics. When a class defines its own notion of equality through `equals`, using reference comparison is almost always a bug that causes logically identical objects to be treated as different.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveCallsToObjectFinalize,Remove `Object.finalize()` invocations,"Remove calls to `Object.finalize()`. This method is called during garbage collection and calling it manually is misleading. Explicit finalize invocations can trigger resource cleanup prematurely while the object is still in use, leading to unpredictable behavior.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveCallsToSystemGc,Remove garbage collection invocations,Removes calls to `System.gc()` and `Runtime.gc()`. When to invoke garbage collection is best left to the JVM. Manual GC calls produce unpredictable results across different JVM implementations and can cause unnecessary application pauses.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveEmptyJavaDocParameters,"Remove JavaDoc `@param`, `@return`, and `@throws` with no description","Removes `@param`, `@return`, and `@throws` with no description from JavaDocs.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveExtraSemicolons,Remove extra semicolons,"Removes not needed semicolons. Semicolons are considered not needed: - * Optional semicolons at the end of try-with-resources, - * after the last enum value if no field or method is defined, - * no statement between two semicolon. - -Stray semicolons are typically typos or remnants of refactoring and can mislead readers into thinking a statement is present.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveHashCodeCallsFromArrayInstances,`hashCode()` should not be called on array instances,"Replace `hashCode()` calls on arrays with `Arrays.hashCode()` because the results from `hashCode()` are not helpful. Arrays inherit `hashCode()` from `Object`, which returns an identity-based value unrelated to the array contents, so two arrays with identical elements will produce different hash codes.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveInstanceOfPatternMatch,Removes from code Java 14's `instanceof` pattern matching,Adds an explicit variable declaration at the beginning of `if` statement instead of `instanceof` pattern matching.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveJavaDocAuthorTag,Remove author tags from JavaDocs,Removes author tags from JavaDocs to reduce code maintenance.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveMethodsOnlyCallSuper,Remove methods that only call super,Methods that override a parent method but only call `super` with the same arguments are redundant and should be removed.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveRedundantNullCheckBeforeInstanceof,Remove redundant null checks before instanceof,Removes redundant null checks before instanceof operations since instanceof returns false for null. Removing the extra check simplifies the conditional and makes the null-safety guarantee of `instanceof` more visible to readers.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveRedundantNullCheckBeforeLiteralEquals,Remove redundant null checks before literal equals,"Removes redundant null checks before `equals()` comparisons when the receiver is a literal string, since literals can never be null and `equals()` returns false for null arguments.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveRedundantTypeCast,Remove redundant casts,"Removes unnecessary type casts. Does not currently check casts in lambdas and class constructors. Redundant casts add visual noise and can obscure the actual type relationships in the code, making it harder to follow the data flow.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveSystemOutPrintln,Remove `System.out#println` statements,"Print statements are often left accidentally after debugging an issue. This recipe removes all `System.out#println` and `System.err#println` statements from the code. Production code should use a proper logging framework which provides consistent formatting, configurable log levels, and centralized output control.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveToStringCallsFromArrayInstances,Remove `toString()` calls on arrays,"The result from `toString()` calls on arrays is largely useless. The output does not actually reflect the contents of the array. `Arrays.toString(array)` should be used instead as it gives the contents of the array. Since arrays do not override `toString()` from `Object`, calling it produces only the type name and memory address, which is rarely what was intended.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveUnneededAssertion,Remove unneeded assertions,"Remove unneeded assertions like `assert true`, `assertTrue(true)`, or `assertFalse(false)`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveUnneededBlock,Remove unneeded block,"Flatten blocks into inline statements when possible. Unnecessary nested blocks add indentation and scope boundaries that obscure the control flow, often indicating code that should be extracted into its own method.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveUnusedLabels,Remove unused labels,Remove labels that are not referenced by any `break` or `continue` statement.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveUnusedLocalVariables,Remove unused local variables,"If a local variable is declared but not used, it is dead code and should be removed. Unused variables increase cognitive load for readers who must determine whether the variable matters, and they may signal incomplete implementations or missed refactoring.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""ignoreVariablesNamed"",""type"":""String[]"",""displayName"":""Ignore matching variable names"",""description"":""An array of variable identifier names for local variables to ignore, even if the local variable is unused."",""example"":""[unused, notUsed, IGNORE_ME]""},{""name"":""withType"",""type"":""String"",""displayName"":""Only remove variables of a given type"",""description"":""A fully qualified class name. Only unused local variables whose type matches this will be removed. If empty or not set, all unused local variables are considered for removal."",""example"":""java.lang.String""},{""name"":""withSideEffects"",""type"":""Boolean"",""displayName"":""Remove unused local variables with side effects in initializer"",""description"":""Whether to remove unused local variables despite side effects in the initializer. Default false.""}]" -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveUnusedPrivateFields,Remove unused private fields,"If a private field is declared but not used in the program, it can be considered dead code and should therefore be removed. Dead fields clutter the class, increase its memory footprint, and can mislead developers into thinking they are part of the class's behavior.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveUnusedPrivateMethods,Remove unused private methods,`private` methods that are never executed are dead code and should be removed. Keeping unreachable methods around adds maintenance burden and can give a false impression of the class's capabilities.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RenameExceptionInEmptyCatch,Rename caught exceptions in empty catch blocks to `ignored`,Renames caught exceptions in empty catch blocks to `ignored`. `ignored` will be incremented by 1 if a namespace conflict exists.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RenameLocalVariablesToCamelCase,Reformat local variable names to camelCase,"Reformat local variable and method parameter names to camelCase to comply with Java naming convention. The recipe will not rename variables declared in for loop controls or catches with a single character. The first character is set to lower case and existing capital letters are preserved. Special characters that are allowed in java field names `$` and `_` are removed (unless the name starts with one). If a special character is removed the next valid alphanumeric will be capitalized. Currently, does not support renaming members of classes. The recipe will not rename a variable if the result already exists in the class, conflicts with a java reserved keyword, or the result is blank. Consistent naming conventions improve readability and reduce friction when navigating unfamiliar code.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RenameMethodsNamedHashcodeEqualOrToString,"Rename methods named `hashcode`, `equal`, or `tostring`","Methods should not be named `hashcode`, `equal`, or `tostring`. Any of these are confusing as they appear to be intended as overridden methods from the `Object` base class, despite being case-insensitive. These near-miss names are almost certainly spelling mistakes that silently introduce a new method instead of overriding the intended one.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RenamePrivateFieldsToCamelCase,Reformat private field names to camelCase,"Reformat private field names to camelCase to comply with Java naming convention. The recipe will not rename fields with default, protected or public access modifiers. The recipe will not rename private constants. The first character is set to lower case and existing capital letters are preserved. Special characters that are allowed in java field names `$` and `_` are removed. If a special character is removed the next valid alphanumeric will be capitalized. The recipe will not rename a field if the result already exists in the class, conflicts with a java reserved keyword, or the result is blank. Consistent naming conventions improve code readability and help developers quickly understand the purpose and scope of fields.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReorderAnnotationAttributes,Reorder annotation attributes alphabetically,Reorder annotation attributes to be alphabetical. Positional arguments (those without explicit attribute names) are left in their original position.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReorderAnnotations,Reorder annotations alphabetically,Consistently order annotations by comparing their simple name.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceClassIsInstanceWithInstanceof,Replace `A.class.isInstance(a)` with `a instanceof A`,"There should be no `A.class.isInstance(a)`, it should be replaced by `a instanceof A`. Using `instanceof` enables the compiler to catch type incompatibilities at compile time rather than silently passing at runtime, which helps detect dead code early.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceDuplicateStringLiterals,Replace duplicate `String` literals,"Replaces `String` literals with a length of 5 or greater repeated a minimum of 3 times. Qualified `String` literals include final Strings, method invocations, and new class invocations. Adds a new `private static final String` or uses an existing equivalent class field. A new variable name will be generated based on the literal value if an existing field does not exist. The generated name will append a numeric value to the variable name if a name already exists in the compilation unit. Centralizing repeated string values into constants makes refactoring safer and reduces the risk of inconsistent updates.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""includeTestSources"",""type"":""Boolean"",""displayName"":""Apply recipe to test source set"",""description"":""Changes only apply to main by default. `includeTestSources` will apply the recipe to `test` source files.""}]" +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SingleLineCommentSpacing,Add space after // in single-line comments,Ensures there is exactly one space after // in single-line comments when missing.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceCollectionToArrayArgWithEmptyArray,Use Empty Array for `Collection.toArray()`,"Changes new array creation with `Collection#toArray(T[])` to use an empty array argument, which is better for performance. According to the `Collection#toArray(T[])` documentation: @@ -125,50 +42,85 @@ According to the `Collection#toArray(T[])` documentation: However, although it's not intuitive, allocating a right-sized array ahead of time to pass to the API appears to be [generally worse for performance](https://shipilev.net/blog/2016/arrays-wisdom-ancients/#_conclusion) according to benchmarking and JVM developers due to a number of implementation details in both Java and the virtual machine. H2 achieved significant performance gains by [switching to empty arrays instead pre-sized ones](https://github.com/h2database/h2database/issues/311).",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceDeprecatedRuntimeExecMethods,Replace deprecated `Runtime#exec()` methods,Replace `Runtime#exec(String)` methods to use `exec(String[])` instead because the former is deprecated after Java 18 and is no longer recommended for use by the Java documentation.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceDuplicateStringLiterals,Replace duplicate `String` literals,"Replaces `String` literals with a length of 5 or greater repeated a minimum of 3 times. Qualified `String` literals include final Strings, method invocations, and new class invocations. Adds a new `private static final String` or uses an existing equivalent class field. A new variable name will be generated based on the literal value if an existing field does not exist. The generated name will append a numeric value to the variable name if a name already exists in the compilation unit. Centralizing repeated string values into constants makes refactoring safer and reduces the risk of inconsistent updates.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""includeTestSources"",""type"":""Boolean"",""displayName"":""Apply recipe to test source set"",""description"":""Changes only apply to main by default. `includeTestSources` will apply the recipe to `test` source files.""}]" -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceLambdaWithMethodReference,Use method references in lambda,"Replaces the single statement lambdas `o -> o instanceOf X`, `o -> (A) o`, `o -> System.out.println(o)`, `o -> o != null`, `o -> o == null` with the equivalent method reference. Method references are often more concise and readable than their lambda equivalents, making the code's intent clearer at a glance.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyTernaryRecipes$SimplifyTernaryFalseTrueRecipe,Replace `booleanExpression ? false : true` with `!booleanExpression`,Replace ternary expressions like `booleanExpression ? false : true` with `!booleanExpression`.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.FinalizeMethodArguments,Finalize method arguments,Adds the `final` modifier keyword to method parameters.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceOptionalIsPresentWithIfPresent,Replace `Optional#isPresent()` with `Optional#ifPresent()`,Replace `Optional#isPresent()` with `Optional#ifPresent()`. Please note that this recipe is only suitable for if-blocks that lack an Else-block and have a single condition applied.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceRedundantFormatWithPrintf,Replace redundant String format invocations that are wrapped with PrintStream operations,"Replaces `PrintStream.print(String.format(format, ...args))` with `PrintStream.printf(format, ...args)` (and for `println`, appends a newline to the format string).",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceStringConcatenationWithStringValueOf,Replace String concatenation with `String.valueOf()`,"Replace inefficient string concatenation patterns like `"""" + ...` with `String.valueOf(...)`. This improves code readability and may have minor performance benefits. The empty string prefix `"""" +` is an indirect way to convert a value to a `String`, while `String.valueOf()` clearly communicates the conversion intent.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.StringLiteralEquality,Use `String.equals()` on `String` literals,"`String.equals()` should be used when checking value equality on String literals. Using `==` or `!=` compares object references, not the actual value of the Strings. This only modifies code where at least one side of the binary operation (`==` or `!=`) is a String literal, such as `""someString"" == someVariable;`. This is to prevent inadvertently changing code where referential equality is the user's intent. Reference equality on strings is fragile because it depends on JVM string interning behavior, which can vary across runtimes and is not guaranteed for dynamically constructed strings.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseStringReplace,Use `String::replace()` when first parameter is not a real regular expression,"When `String::replaceAll` is used, the first argument should be a real regular expression. If it’s not the case, `String::replace` does exactly the same thing as `String::replaceAll` without the performance drawback of the regex.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.AddSerialAnnotationToSerialVersionUID,Add `@Serial` annotation to `serialVersionUID`,Annotate any `serialVersionUID` fields with `@Serial` to indicate it's part of the serialization mechanism.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RenameExceptionInEmptyCatch,Rename caught exceptions in empty catch blocks to `ignored`,Renames caught exceptions in empty catch blocks to `ignored`. `ignored` will be incremented by 1 if a namespace conflict exists.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RenameMethodsNamedHashcodeEqualOrToString,"Rename methods named `hashcode`, `equal`, or `tostring`","Methods should not be named `hashcode`, `equal`, or `tostring`. Any of these are confusing as they appear to be intended as overridden methods from the `Object` base class, despite being case-insensitive. These near-miss names are almost certainly spelling mistakes that silently introduce a new method instead of overriding the intended one.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseObjectNotifyAll,Replaces `Object.notify()` with `Object.notifyAll()`,"`Object.notifyAll()` and `Object.notify()` both wake up sleeping threads, but `Object.notify()` only rouses one while `Object.notifyAll()` rouses all of them. Since `Object.notify()` might not wake up the right thread, `Object.notifyAll()` should be used instead. See [this](https://wiki.sei.cmu.edu/confluence/display/java/THI02-J.+Notify+all+waiting+threads+rather+than+a+single+thread) for more information. Using `notify()` in a multi-waiter scenario risks leaving threads permanently stalled when the wrong one is awakened.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.InterruptedExceptionHandling,Restore interrupted state in catch blocks,"When `InterruptedException` is caught, `Thread.currentThread().interrupt()` should be called to restore the thread's interrupted state. Failing to do so can suppress the interruption signal and prevent proper thread cancellation.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.DeclarationSiteTypeVariance,Properly use declaration-site type variance,"Currently, Java requires use-site type variance, so if someone has `Function` method parameter, it should rather be `Function`. Unfortunately, it is not easy to notice that `? super` and `? extends` is missing, so this recipe adds it where that would improve the situation.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""variantTypes"",""type"":""List"",""displayName"":""Variant types"",""description"":""A list of well-known classes that have in/out type variance."",""example"":""java.util.function.Function"",""required"":true},{""name"":""excludedBounds"",""type"":""List"",""displayName"":""Excluded bounds"",""description"":""A list of bounds that should not receive explicit variance. Globs supported."",""example"":""java.lang.*""},{""name"":""excludeFinalClasses"",""type"":""Boolean"",""displayName"":""Exclude final classes"",""description"":""If true, do not add `? extends` variance to final classes. `? super` variance will be added regardless of finality.""}]" +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoEmptyCollectionWithRawType,"Use `Collections#emptyList()`, `emptyMap()`, and `emptySet()`","Replaces `Collections#EMPTY_...` with methods that return generic types. The raw-typed constant fields bypass generics checks, which can hide type mismatches that only surface as `ClassCastException` at runtime.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReorderAnnotationAttributes,Reorder annotation attributes alphabetically,Reorder annotation attributes to be alphabetical. Positional arguments (those without explicit attribute names) are left in their original position.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveRedundantTypeCast,Remove redundant casts,"Removes unnecessary type casts. Does not currently check casts in lambdas and class constructors. Redundant casts add visual noise and can obscure the actual type relationships in the code, making it harder to follow the data flow.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.URLEqualsHashCodeRecipes$URLEqualsRecipe,URL Equals,"Uses of `equals()` cause `java.net.URL` to make blocking internet connections. Instead, use `java.net.URI`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveUnusedLocalVariables,Remove unused local variables,"If a local variable is declared but not used, it is dead code and should be removed. Unused variables increase cognitive load for readers who must determine whether the variable matters, and they may signal incomplete implementations or missed refactoring.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""ignoreVariablesNamed"",""type"":""String[]"",""displayName"":""Ignore matching variable names"",""description"":""An array of variable identifier names for local variables to ignore, even if the local variable is unused."",""example"":""[unused, notUsed, IGNORE_ME]""},{""name"":""withType"",""type"":""String"",""displayName"":""Only remove variables of a given type"",""description"":""A fully qualified class name. Only unused local variables whose type matches this will be removed. If empty or not set, all unused local variables are considered for removal."",""example"":""java.lang.String""},{""name"":""withSideEffects"",""type"":""Boolean"",""displayName"":""Remove unused local variables with side effects in initializer"",""description"":""Whether to remove unused local variables despite side effects in the initializer. Default false.""}]" +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SortedSetStreamToLinkedHashSet,Sorted set stream should be collected to LinkedHashSet,Converts `set.stream().sorted().collect(Collectors.toSet())` to `set.stream().sorted().collect(LinkedHashSet::new)`.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoEqualityInForCondition,Use comparison rather than equality checks in for conditions,"Testing for loop termination using an equality operator (`==` and `!=`) is dangerous, because it could set up an infinite loop. Using a relational operator instead makes it harder to accidentally write an infinite loop.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyBooleanReturn,Simplify boolean return,"Simplifies Boolean expressions by removing redundancies. For example, `a && true` simplifies to `a`. Wrapping a boolean expression in an if-then-else just to return `true` or `false` adds unnecessary control flow that obscures the straightforward intent of the expression.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyForLoopBoundaryComparison,Simplify for loop boundary comparisons,"Replace `<=` with `<` in for loop conditions by adjusting the comparison operands. For example, `i <= n - 1` simplifies to `i < n`, and `i <= n` becomes `i < n + 1`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.LowercasePackage,Rename packages to lowercase,"By convention all Java package names should contain only lowercase letters, numbers, and dashes. This recipe converts any uppercase letters in package names to be lowercase. Consistent package naming prevents confusion and potential issues on case-insensitive file systems.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceStackWithDeque,Replace `java.util.Stack` with `java.util.Deque`,"From the Javadoc of `Stack`: > A more complete and consistent set of LIFO stack operations is provided by the Deque interface and its implementations, which should be used in preference to this class. `Stack` inherits from `Vector`, which carries unnecessary synchronization overhead in single-threaded contexts and exposes non-stack operations like random index access.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceStringBuilderWithString,Replace `StringBuilder#append` with `String`,"Replace `StringBuilder.append()` with String if you are only concatenating a small number of strings and the code is simple and easy to read, as the compiler can optimize simple string concatenation expressions into a single String object, which can be more efficient than using StringBuilder.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceStringConcatenationWithStringValueOf,Replace String concatenation with `String.valueOf()`,"Replace inefficient string concatenation patterns like `"""" + ...` with `String.valueOf(...)`. This improves code readability and may have minor performance benefits. The empty string prefix `"""" +` is an indirect way to convert a value to a `String`, while `String.valueOf()` clearly communicates the conversion intent.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceTextBlockWithString,Replace text block with regular string,Replace text block with a regular multi-line string. Text blocks that fit on a single line without concatenation or escaped newlines gain no readability benefit from the triple-quote syntax and are clearer as plain string literals.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceValidateNotNullHavingVarargsWithObjectsRequireNonNull,Replace `org.apache.commons.lang3.Validate#notNull` with `Objects#requireNonNull`,"Replace `org.apache.commons.lang3.Validate.notNull(Object, String, Object[])` with `Objects.requireNonNull(Object, String)`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceWeekYearWithYear,Week Year (YYYY) should not be used for date formatting,"For most dates Week Year (YYYY) and Year (yyyy) yield the same results. However, on the last week of December and the first week of January, Week Year could produce unexpected results. This is a common source of off-by-one-year bugs that typically only manifest around New Year's Eve, making them difficult to catch during development and testing.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SillyEqualsCheck,Silly equality checks should not be made,Detects `.equals()` calls that compare incompatible types and will always return `false`. Replaces `.equals(null)` with `== null` and array `.equals()` with `Arrays.equals()`. Flags comparisons between unrelated types or between arrays and non-arrays.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyArraysAsList,Simplify `Arrays.asList(..)` with varargs,"Simplifies `Arrays.asList()` method calls that use explicit array creation to use varargs instead. For example, `Arrays.asList(new String[]{""a"", ""b"", ""c""})` becomes `Arrays.asList(""a"", ""b"", ""c"")`. Explicitly constructing an array to pass to a varargs parameter adds visual clutter without changing behavior, since the compiler generates the array automatically.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyBooleanExpression,Simplify boolean expression,"Checks for overly complicated boolean expressions, such as `if (b == true)`, `b || true`, `!false`, etc. Needlessly complex boolean logic makes code harder to reason about and increases the chance of introducing errors during future modifications.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyBooleanExpressionWithDeMorgan,Simplify boolean expressions using De Morgan's laws,"Applies De Morgan's laws to simplify boolean expressions with negation. Transforms `!(a && b)` to `!a || !b` and `!(a || b)` to `!a && !b`. Distributing negations inward eliminates the outer `!` and makes each individual condition's polarity immediately visible, which aids comprehension.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyBooleanReturn,Simplify boolean return,"Simplifies Boolean expressions by removing redundancies. For example, `a && true` simplifies to `a`. Wrapping a boolean expression in an if-then-else just to return `true` or `false` adds unnecessary control flow that obscures the straightforward intent of the expression.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyCompoundStatement,Simplify compound statement,"Fixes or removes useless compound statements. For example, removing `b &= true`, and replacing `b &= false` with `b = false`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ControlFlowIndentation,Control flow statement indentation,"Program flow control statements like `if`, `while`, and `for` can omit curly braces when they apply to only a single statement. This recipe ensures that any statements which follow that statement are correctly indented to show they are not part of the flow control statement. Misleading indentation can give the false impression that a line executes conditionally when it actually runs unconditionally, which is a common source of logic errors.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveUnneededBlock,Remove unneeded block,"Flatten blocks into inline statements when possible. Unnecessary nested blocks add indentation and scope boundaries that obscure the control flow, often indicating code that should be extracted into its own method.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyConsecutiveAssignments,Simplify consecutive assignments,Combine consecutive assignments into a single statement where possible.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyConstantIfBranchExecution,Simplify constant if branch execution,Checks for if expressions that are always `true` or `false` and simplifies them. Branches that can never execute are dead code that misleads readers and may mask logic errors introduced during refactoring.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyDurationCreationUnits,Simplify `java.time.Duration` units,Simplifies `java.time.Duration` units to be more human-readable.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyElseBranch,Simplify `else` branch if it only has a single `if`,Simplify `else` branch if it only has a single `if`.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyForLoopBoundaryComparison,Simplify for loop boundary comparisons,"Replace `<=` with `<` in for loop conditions by adjusting the comparison operands. For example, `i <= n - 1` simplifies to `i < n`, and `i <= n` becomes `i < n + 1`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyTernaryRecipes,Simplify ternary expressions,Simplifies various types of ternary expressions to improve code readability. Ternaries that simply select between `true` and `false` are redundant wrappers around the condition itself and add unnecessary complexity.,3,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyTernaryRecipes$SimplifyTernaryFalseTrueRecipe,Replace `booleanExpression ? false : true` with `!booleanExpression`,Replace ternary expressions like `booleanExpression ? false : true` with `!booleanExpression`.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyTernaryRecipes$SimplifyTernaryTrueFalseRecipe,Replace `booleanExpression ? true : false` with `booleanExpression`,Replace ternary expressions like `booleanExpression ? true : false` with `booleanExpression`.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SingleLineCommentSpacing,Add space after // in single-line comments,Ensures there is exactly one space after // in single-line comments when missing.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SortedSetStreamToLinkedHashSet,Sorted set stream should be collected to LinkedHashSet,Converts `set.stream().sorted().collect(Collectors.toSet())` to `set.stream().sorted().collect(LinkedHashSet::new)`.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.StaticAccessViaInstance,Static members should be accessed via the class name,Accessing static fields or calling static methods on an instance reference is misleading. Static members should be accessed using the declaring class name instead.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.StaticMethodNotFinal,Static methods need not be final,Static methods do not need to be declared final because they cannot be overridden. Redundant modifiers add noise to the code and can suggest a misunderstanding of the language's dispatch model.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.StringLiteralEquality,Use `String.equals()` on `String` literals,"`String.equals()` should be used when checking value equality on String literals. Using `==` or `!=` compares object references, not the actual value of the Strings. This only modifies code where at least one side of the binary operation (`==` or `!=`) is a String literal, such as `""someString"" == someVariable;`. This is to prevent inadvertently changing code where referential equality is the user's intent. Reference equality on strings is fragile because it depends on JVM string interning behavior, which can vary across runtimes and is not guaranteed for dynamically constructed strings.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.TernaryOperatorsShouldNotBeNested,Ternary operators should not be nested,"Nested ternary operators can be hard to read quickly. Prefer simpler constructs for improved readability. If supported, this recipe will try to replace nested ternaries with switch expressions. Deeply nested conditional expressions obscure the branching logic and make it easy to misread which value corresponds to which condition.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.TypecastParenPad,Typecast parenthesis padding,"Fixes whitespace padding between a typecast type identifier and the enclosing left and right parentheses. For example, when configured to remove spacing, `( int ) 0L;` becomes `(int) 0L;`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.URLEqualsHashCodeRecipes,URL Equals and Hash Code,"Uses of `equals()` and `hashCode()` cause `java.net.URL` to make blocking internet connections. Instead, use `java.net.URI`.",3,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.URLEqualsHashCodeRecipes$URLEqualsRecipe,URL Equals,"Uses of `equals()` cause `java.net.URL` to make blocking internet connections. Instead, use `java.net.URI`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.URLEqualsHashCodeRecipes$URLHashCodeRecipe,URL Hash Code,"Uses of `hashCode()` cause `java.net.URL` to make blocking internet connections. Instead, use `java.net.URI`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.BigDecimalRoundingConstantsToEnums,`BigDecimal` rounding constants to `RoundingMode` enums,Convert `BigDecimal` rounding constants to the equivalent `RoundingMode` enum. The integer-based rounding constants on `BigDecimal` are deprecated and lack type safety; the `RoundingMode` enum makes the rounding behavior self-documenting and prevents invalid values.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.BufferedWriterCreationRecipes$BufferedWriterFromNewFileWriterWithFileAndBooleanArgumentsRecipe,"Convert `new BufferedWriter(new FileWriter(File, boolean))` to `Files.newBufferedWriter(Path, StandardOpenOption)`","Convert `new BufferedWriter(new FileWriter(f, b))` to `Files.newBufferedWriter(f.toPath(), b ? StandardOpenOption.APPEND : StandardOpenOption.CREATE)`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoToStringOnStringType,Unnecessary `String#toString`,Remove unnecessary `String#toString` invocations on objects which are already a string. Calling `toString()` on something that is already a `String` is redundant and clutters the code.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.FinalClass,Finalize classes with private constructors,"Adds the `final` modifier to classes that expose no public or package-private constructors. If a class cannot be instantiated from the outside, marking it `final` communicates that it was not designed for inheritance and prevents accidental subclassing.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.FallThrough,Fall through,"Checks for fall-through in switch statements, adding `break` statements in locations where a case contains Java code but does not have a `break`, `return`, `throw`, or `continue` statement. Unintentional fall-through is a common source of bugs, as execution silently continues into the next case branch.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.MethodNameCasing,Standardize method name casing,"Fixes method names that do not follow standard naming conventions. For example, `String getFoo_bar()` would be adjusted to `String getFooBar()` and `int DoSomething()` would be adjusted to `int doSomething()`. Following a consistent casing convention for method names improves code readability and helps developers quickly distinguish methods from classes or constants.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""includeTestSources"",""type"":""Boolean"",""displayName"":""Apply recipe to test source set"",""description"":""Changes only apply to main by default. `includeTestSources` will apply the recipe to `test` source files.""},{""name"":""renamePublicMethods"",""type"":""Boolean"",""displayName"":""Rename public methods"",""description"":""Changes are not applied to public methods unless specified.""}]" +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UpperCaseLiteralSuffixes,Upper case literal suffixes,"Using upper case literal suffixes for declaring literals is less ambiguous, e.g., `1l` versus `1L`. A lowercase `l` is easily mistaken for the digit `1` in many fonts, which can lead to incorrect assumptions about the value.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.AddSerialVersionUidToSerializable,Add `serialVersionUID` to a `Serializable` class when missing,"A `serialVersionUID` field is strongly recommended in all `Serializable` classes. If this is not defined on a `Serializable` class, the compiler will generate this value. If a change is later made to the class, the generated value will change and attempts to deserialize the class will fail. Explicitly declaring this field gives you control over binary compatibility across versions.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""uid"",""type"":""String"",""displayName"":""New serial version UID"",""description"":""Value of the added serial version UID."",""example"":""42L""}]" maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UnnecessaryCatch,Remove catch for a checked exception if the try block does not throw that exception,A refactoring operation may result in a checked exception that is no longer thrown from a `try` block. This recipe will find and remove unnecessary catch blocks.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""includeJavaLangException"",""type"":""boolean"",""displayName"":""Include `java.lang.Exception`"",""description"":""Whether to include `java.lang.Exception` in the list of checked exceptions to remove. Unlike other checked exceptions, `java.lang.Exception` is also the superclass of unchecked exceptions. So removing `catch(Exception e)` may result in changed runtime behavior in the presence of unchecked exceptions. Default `false`"",""value"":false},{""name"":""includeJavaLangThrowable"",""type"":""boolean"",""displayName"":""Include `java.lang.Throwable`"",""description"":""Whether to include `java.lang.Throwable` in the list of exceptions to remove. Unlike other checked exceptions, `java.lang.Throwable` is also the superclass of unchecked exceptions. So removing `catch(Throwable e)` may result in changed runtime behavior in the presence of unchecked exceptions. Default `false`"",""value"":false}]" +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.PreferEqualityComparisonOverDifferenceCheck,Prefer direct comparison of numbers,"Replace `a - b == 0` with `a == b`, `a - b != 0` with `a != b`, `a - b < 0` with `a < b`, and similar transformations for all comparison operators to improve readability and avoid overflow issues.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.CovariantEquals,Covariant equals,"Checks that classes and records which define a covariant `equals()` method also override method `equals(Object)`. Covariant `equals()` means a method that is similar to `equals(Object)`, but with a covariant parameter type (any subtype of `Object`). Without a proper `equals(Object)` override, collections and other framework code that rely on the standard signature will silently use `Object.equals`, leading to incorrect behavior.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.InstanceOfPatternMatch,Changes code to use Java 17's `instanceof` pattern matching,"Adds pattern variables to `instanceof` expressions wherever the same (side effect free) expression is referenced in a corresponding type cast expression within the flow scope of the `instanceof`. Currently, this recipe supports `if` statements and ternary operator expressions. Pattern matching for `instanceof` collapses the type check, cast, and variable declaration into a single expression, reducing boilerplate and eliminating the risk of an incorrect cast.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NullableOnMethodReturnType,Move `@Nullable` method annotations to the return type,This is the way the cool kids do it.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ForLoopIncrementInUpdate,`for` loop counters incremented in update,The increment should be moved to the loop's increment clause if possible. Placing the counter update in the loop body rather than the update clause obscures the loop's control flow and makes it harder to reason about termination.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoPrimitiveWrappersForToStringOrCompareTo,No primitive wrappers for #toString() or #compareTo(..),Primitive wrappers should not be instantiated only for `#toString()` or `#compareTo(..)` invocations. Allocating a wrapper object just to call a method that has a static equivalent is wasteful; the static versions avoid the unnecessary object creation.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveSystemOutPrintln,Remove `System.out#println` statements,"Print statements are often left accidentally after debugging an issue. This recipe removes all `System.out#println` and `System.err#println` statements from the code. Production code should use a proper logging framework which provides consistent formatting, configurable log levels, and centralized output control.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveJavaDocAuthorTag,Remove author tags from JavaDocs,Removes author tags from JavaDocs to reduce code maintenance.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyArraysAsList,Simplify `Arrays.asList(..)` with varargs,"Simplifies `Arrays.asList()` method calls that use explicit array creation to use varargs instead. For example, `Arrays.asList(new String[]{""a"", ""b"", ""c""})` becomes `Arrays.asList(""a"", ""b"", ""c"")`. Explicitly constructing an array to pass to a varargs parameter adds visual clutter without changing behavior, since the compiler generates the array automatically.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NewStringBuilderBufferWithCharArgument,Change `StringBuilder` and `StringBuffer` character constructor argument to `String`,Instantiating a `StringBuilder` or a `StringBuffer` with a `Character` results in the `int` representation of the character being used for the initial size. This is almost never the developer's intent and silently produces a buffer with an arbitrary capacity instead of the expected initial content.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RenamePrivateFieldsToCamelCase,Reformat private field names to camelCase,"Reformat private field names to camelCase to comply with Java naming convention. The recipe will not rename fields with default, protected or public access modifiers. The recipe will not rename private constants. The first character is set to lower case and existing capital letters are preserved. Special characters that are allowed in java field names `$` and `_` are removed. If a special character is removed the next valid alphanumeric will be capitalized. The recipe will not rename a field if the result already exists in the class, conflicts with a java reserved keyword, or the result is blank. Consistent naming conventions improve code readability and help developers quickly understand the purpose and scope of fields.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseAsBuilder,Chain calls to builder methods,Chain calls to builder methods that are on separate lines into one chain of builder calls.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""builderType"",""type"":""String"",""displayName"":""Builder Type"",""description"":""Fully qualified name of the Builder"",""example"":""org.example.Buildable.Builder"",""required"":true},{""name"":""immutable"",""type"":""Boolean"",""displayName"":""Immutable state"",""description"":""The builder is immutable if you must assign the result of calls to intermediate variables or use directly. Defaults to true as many purpose-built builders will be immutable.""},{""name"":""builderCreator"",""type"":""String"",""displayName"":""Builder creator method"",""description"":""The method that creates the builder instance, which may not be a method of the builder itself."",""example"":""org.example.Buildable builder()""}]" +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.TypecastParenPad,Typecast parenthesis padding,"Fixes whitespace padding between a typecast type identifier and the enclosing left and right parentheses. For example, when configured to remove spacing, `( int ) 0L;` becomes `(int) 0L;`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ExplicitLambdaArgumentTypes,Use explicit types on lambda arguments,"Adds explicit types on lambda arguments, which are otherwise optional. This can make the code clearer and easier to read. This does not add explicit types on arguments when the lambda has one or two parameters and does not have a block body, as things are considered more readable in those cases. For example, `stream.map((a, b) -> a.length);` will not have explicit types added.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceDeprecatedRuntimeExecMethods,Replace deprecated `Runtime#exec()` methods,Replace `Runtime#exec(String)` methods to use `exec(String[])` instead because the former is deprecated after Java 18 and is no longer recommended for use by the Java documentation.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoRedundantJumpStatements,Jump statements should not be redundant,"Jump statements such as return and continue let you change the default flow of program execution, but jump statements that direct the control flow to the original direction are just a waste of keystrokes.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UnnecessaryCloseInTryWithResources,Unnecessary close in try-with-resources,"Remove unnecessary `AutoCloseable#close()` statements in try-with-resources. Try-with-resources already guarantees that each declared resource is closed when the block exits, so an explicit `close()` call is redundant and can be confusing.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UnnecessaryExplicitTypeArguments,Unnecessary explicit type arguments,"When explicit type arguments are inferable by the compiler, they may be removed.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UnnecessaryParentheses,Remove unnecessary parentheses,"Removes unnecessary parentheses from code where extra parentheses pairs are redundant. Redundant parentheses add visual noise and can obscure the actual structure of an expression, making code harder to read at a glance.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UnnecessaryPrimitiveAnnotations,Remove `@Nullable` and `@CheckForNull` annotations from primitives,"Primitives can't be null anyway, so these annotations are not useful in this context. Leaving them in place gives the false impression that a null value is possible, which can confuse readers and static analysis tools alike.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UnnecessaryReturnAsLastStatement,Unnecessary `return` as last statement in void method,Removes `return` from a `void` method if it's the last statement. A trailing `return` in a void method has no effect on control flow and is just noise that distracts from the meaningful logic.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.AbstractClassPublicConstructor,Constructors of an `abstract` class should not be declared `public`,"Constructors of `abstract` classes can only be called in constructors of their subclasses. Therefore the visibility of `public` constructors are reduced to `protected`. Declaring them `public` is misleading since it implies they could be invoked directly, which is never possible.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.FinalizePrivateFields,Finalize private fields,Adds the `final` modifier keyword to private instance variables which are not reassigned.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReferentialEqualityToObjectEquals,Replace referential equality operators with Object equals method invocations when the operands both override `Object.equals(Object obj)`,"Using `==` or `!=` compares object references, not the equality of two objects. This modifies code where both sides of a binary operation (`==` or `!=`) override `Object.equals(Object obj)` except when the comparison is within an overridden `Object.equals(Object obj)` method declaration itself. The resulting transformation must be carefully reviewed since any modifications change the program's semantics. When a class defines its own notion of equality through `equals`, using reference comparison is almost always a bug that causes logically identical objects to be treated as different.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveUnusedPrivateMethods,Remove unused private methods,`private` methods that are never executed are dead code and should be removed. Keeping unreachable methods around adds maintenance burden and can give a false impression of the class's capabilities.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RenameLocalVariablesToCamelCase,Reformat local variable names to camelCase,"Reformat local variable and method parameter names to camelCase to comply with Java naming convention. The recipe will not rename variables declared in for loop controls or catches with a single character. The first character is set to lower case and existing capital letters are preserved. Special characters that are allowed in java field names `$` and `_` are removed (unless the name starts with one). If a special character is removed the next valid alphanumeric will be capitalized. Currently, does not support renaming members of classes. The recipe will not rename a variable if the result already exists in the class, conflicts with a java reserved keyword, or the result is blank. Consistent naming conventions improve readability and reduce friction when navigating unfamiliar code.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.HiddenField,Hidden field,"Refactor local variables or parameters which shadow a field defined in the same class. Shadowing a field with a local variable of the same name makes it easy to accidentally reference the wrong one, leading to confusing bugs.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UnwrapRepeatableAnnotations,Unwrap `@Repeatable` annotations,"Java 8 introduced the concept of `@Repeatable` annotations, making the wrapper annotation unnecessary. Using the repeatable form directly reduces nesting and makes the individual annotations easier to scan.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.WriteOctalValuesAsDecimal,Write octal values as decimal,"Developers may not recognize octal values as such, mistaking them instead for decimal values. Because a leading zero silently switches the literal to base-8, what looks like `010` actually represents `8`, which is a common source of subtle numeric bugs.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.BufferedWriterCreationRecipes$BufferedWriterFromNewFileWriterWithStringArgumentRecipe,Convert `new BufferedWriter(new FileWriter(String))` to `Files.newBufferedWriter(Path)`,Convert `new BufferedWriter(new FileWriter(s))` to `Files.newBufferedWriter(new java.io.File(s).toPath())`.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveCallsToObjectFinalize,Remove `Object.finalize()` invocations,"Remove calls to `Object.finalize()`. This method is called during garbage collection and calling it manually is misleading. Explicit finalize invocations can trigger resource cleanup prematurely while the object is still in use, leading to unpredictable behavior.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoValueOfOnStringType,Unnecessary `String#valueOf(..)`,"Replace unnecessary `String#valueOf(..)` method invocations with the argument directly. This occurs when the argument to `String#valueOf(arg)` is a string literal, such as `String.valueOf(""example"")`. Or, when the `String#valueOf(..)` invocation is used in a concatenation, such as `""example"" + String.valueOf(""example"")`. The wrapping call is redundant since Java already performs the conversion implicitly in these contexts.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.MoveConditionsToWhile,Convert `while (true)` with initial `if` break to loop condition,Simplifies `while (true)` loops where the first statement is an `if` statement that only contains a `break`. The condition is inverted and moved to the loop condition for better readability.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.IndexOfReplaceableByContains,`indexOf()` replaceable by `contains()`,Checking if a value is included in a `String` or `List` using `indexOf(value)>-1` or `indexOf(value)>=0` can be replaced with `contains(value)`. Using `contains()` expresses the intent more directly and avoids the mental overhead of interpreting index comparisons.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NeedBraces,Fix missing braces,"Adds missing braces around code such as single-line `if`, `for`, `while`, and `do-while` block bodies. Omitting braces can lead to dangling-statement bugs when additional lines are later added to a block without realizing they fall outside the control structure.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveRedundantNullCheckBeforeLiteralEquals,Remove redundant null checks before literal equals,"Removes redundant null checks before `equals()` comparisons when the receiver is a literal string, since literals can never be null and `equals()` returns false for null arguments.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.OperatorWrap,Operator wrapping,Fixes line wrapping policies on operators.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""wrapOption"",""type"":""WrapOption"",""displayName"":""Operator wrapping style"",""description"":""The operator wrapping style to enforce, which may differ from the configured or detected style."",""example"":""NL"",""valid"":[""EOL"",""NL""]}]" +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseListSort,"Replace invocations of `Collections#sort(List, Comparator)` with `List#sort(Comparator)`","The `java.util.Collections#sort(..)` implementation defers to the `java.util.List#sort(Comparator)`, replaced it with the `java.util.List#sort(Comparator)` implementation for better readability.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyElseBranch,Simplify `else` branch if it only has a single `if`,Simplify `else` branch if it only has a single `if`.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.BooleanChecksNotInverted,Boolean checks should not be inverted,"Ensures that boolean checks are not unnecessarily inverted. Also fixes double negative boolean expressions. Negating a comparison and then inverting it adds cognitive overhead; using the direct operator (e.g., `>=` instead of `!(... < ...)`) is clearer and easier to reason about.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.AvoidBoxedBooleanExpressions,Avoid boxed boolean expressions,"Under certain conditions the `java.lang.Boolean` type is used as an expression, and it may throw a `NullPointerException` if the value is null. Using `Boolean.TRUE.equals(...)` guards against unboxing a `null` reference in control flow positions like `if` conditions and ternary operators.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseDiamondOperator,Use the diamond operator,"The diamond operator (`<>`) should be used. Java 7 introduced the diamond operator to reduce the verbosity of generics code. For instance, instead of having to declare a `List`'s type in both its declaration and its constructor, you can now simplify the constructor declaration with `<>`, and the compiler will infer the type. Repeating type arguments that the compiler can already deduce is unnecessary boilerplate that clutters the code.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.IndexOfShouldNotCompareGreaterThanZero,`indexOf` should not compare greater than zero,"Replaces `String#indexOf(String) > 0` and `List#indexOf(Object) > 0` with `>=1`. Checking `indexOf` against `>0` ignores the first element, whereas `>-1` is inclusive of the first element. For clarity, `>=1` is used, because `>0` and `>=1` are semantically equal. Using `>0` may appear to be a mistake with the intent of including all elements. If the intent is to check whether a value in included in a `String` or `List`, the `String#contains(String)` or `List#contains(Object)` methods may be better options altogether.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceClassIsInstanceWithInstanceof,Replace `A.class.isInstance(a)` with `a instanceof A`,"There should be no `A.class.isInstance(a)`, it should be replaced by `a instanceof A`. Using `instanceof` enables the compiler to catch type incompatibilities at compile time rather than silently passing at runtime, which helps detect dead code early.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UnnecessaryThrows,Unnecessary throws,"Remove unnecessary `throws` declarations. This recipe will only remove unused, checked exceptions if: - The declaring class or the method declaration is `final`. @@ -177,26 +129,74 @@ maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanaly - The method is `public` or `protected` and the exception is not documented via a JavaDoc as a `@throws` tag. Declaring exceptions that are never thrown misleads callers into writing unnecessary error-handling code and obscures the method's true behavior.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveHashCodeCallsFromArrayInstances,`hashCode()` should not be called on array instances,"Replace `hashCode()` calls on arrays with `Arrays.hashCode()` because the results from `hashCode()` are not helpful. Arrays inherit `hashCode()` from `Object`, which returns an identity-based value unrelated to the array contents, so two arrays with identical elements will produce different hash codes.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveEmptyJavaDocParameters,"Remove JavaDoc `@param`, `@return`, and `@throws` with no description","Removes `@param`, `@return`, and `@throws` with no description from JavaDocs.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.AnnotateNullableParameters,Annotate null-checked method parameters with `@Nullable`,"Add `@Nullable` to parameters of public methods that are explicitly checked for `null`. By default `org.jspecify.annotations.Nullable` is used, but through the `nullableAnnotationClass` option a custom annotation can be provided. Both `@Target(TYPE_USE)` and declaration annotations (e.g. `javax.annotation.CheckForNull`) are supported. Parameters that already carry a known nullable annotation are skipped to avoid duplication. This recipe scans for methods that do not already have parameters annotated with a nullable annotation and checks their usages for potential null checks. Additional null-checking methods can be specified via the `additionalNullCheckingMethods` option.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""nullableAnnotationClass"",""type"":""String"",""displayName"":""`@Nullable` annotation class"",""description"":""The fully qualified name of the @Nullable annotation to add. Both `@Target(TYPE_USE)` and declaration annotations (e.g. `javax.annotation.CheckForNull`) are supported. Defaults to `org.jspecify.annotations.Nullable`."",""example"":""org.jspecify.annotations.Nullable""},{""name"":""additionalNullCheckingMethods"",""type"":""List"",""displayName"":""Additional null-checking methods"",""description"":""A list of method patterns (in OpenRewrite MethodMatcher format) that should be considered as null-checking methods. These will be added to the built-in list of known null-checking methods. Use `..` for any parameters, e.g., `com.mycompany.utils.StringUtil isEmpty(..)` or `com.mycompany.utils.CollectionUtil isNullOrEmpty(java.util.Collection)`"",""example"":""com.mycompany.utils.StringUtil isEmpty(..), com.mycompany.utils.CollectionUtil isNullOrEmpty(..)""}]" +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.StaticAccessViaInstance,Static members should be accessed via the class name,Accessing static fields or calling static methods on an instance reference is misleading. Static members should be accessed using the declaring class name instead.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.EqualsToContentEquals,Use `String.contentEquals(CharSequence)` instead of `String.equals(CharSequence.toString())`,Use `String.contentEquals(CharSequence)` instead of `String.equals(CharSequence.toString())`.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.AtomicPrimitiveEqualsUsesGet,"Atomic Boolean, Integer, and Long equality checks compare their values","`AtomicBoolean#equals(Object)`, `AtomicInteger#equals(Object)` and `AtomicLong#equals(Object)` are only equal to their instance. This recipe converts `a.equals(b)` to `a.get() == b.get()`. These atomic classes do not override `equals` from `Object`, so calling it compares object identity rather than the wrapped value, which is almost never the intended behavior.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.PrimitiveWrapperClassConstructorToValueOf,Use primitive wrapper `valueOf` method,"The constructor of all primitive types has been deprecated in favor of using the static factory method `valueOf` available for each of the primitive type wrappers. Using `valueOf` enables object caching for frequently used values, reducing unnecessary heap allocations. Note that this changes identity semantics: `valueOf` may return cached instances (such as `Boolean.TRUE` or `Integer` values in `[-128, 127]`), so code that compares boxed values with `==`/`!=`, relies on `System.identityHashCode`, or synchronizes on the boxed value may behave differently after this change.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.WhileInsteadOfFor,Prefer `while` over `for` loops,"When only the condition expression is defined in a for loop, and the initialization and increment expressions are missing, a while loop should be used instead to increase readability. A `for` loop with empty init and update sections signals iteration mechanics that do not exist, whereas `while` clearly communicates a simple conditional loop.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UnnecessaryParentheses,Remove unnecessary parentheses,"Removes unnecessary parentheses from code where extra parentheses pairs are redundant. Redundant parentheses add visual noise and can obscure the actual structure of an expression, making code harder to read at a glance.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RedundantFileCreation,Redundant file creation,Remove unnecessary intermediate creations of files.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UsePortableNewlines,Use %n instead of \n in format strings,"Format strings should use %n rather than \n to produce platform-specific line separators. Hard-coded `\n` characters produce incorrect line endings on Windows, whereas `%n` adapts to the runtime platform automatically.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoFinalizer,Remove `finalize()` method,"Finalizers are deprecated. Use of `finalize()` can lead to performance issues, deadlocks, hangs, and other undesirable behavior.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.FinalizeLocalVariables,Finalize local variables,Adds the `final` modifier keyword to local variables which are not reassigned.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.FixStringFormatExpressions,Fix `String#format` and `String#formatted` expressions,"Fix `String#format` and `String#formatted` expressions by replacing `\n` newline characters with `%n` and removing any unused arguments. Note this recipe is scoped to only transform format expressions which do not specify the argument index. Using `%n` ensures the correct platform-specific line separator, and removing unused arguments eliminates dead code that may mask a mismatch between the format string and its parameters.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveMethodsOnlyCallSuper,Remove methods that only call super,Methods that override a parent method but only call `super` with the same arguments are redundant and should be removed.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.BufferedWriterCreationRecipes,Modernize `BufferedWriter` creation & prevent file descriptor leaks,The code `new BufferedWriter(new FileWriter(f))` creates a `BufferedWriter` that does not close the underlying `FileWriter` when it is closed. This can lead to file descriptor leaks as per [CWE-755](https://cwe.mitre.org/data/definitions/755.html). Use `Files.newBufferedWriter` to create a `BufferedWriter` that closes the underlying file descriptor when it is closed.,5,,Static analysis and remediation,,Remediations for issues identified by SAST tools., maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UnwrapElseAfterReturn,Unwrap else block after return or throw statement,"Unwraps the else block when the if block ends with a return or throw statement, reducing nesting and improving code readability.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UnwrapRepeatableAnnotations,Unwrap `@Repeatable` annotations,"Java 8 introduced the concept of `@Repeatable` annotations, making the wrapper annotation unnecessary. Using the repeatable form directly reduces nesting and makes the individual annotations easier to scan.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UpperCaseLiteralSuffixes,Upper case literal suffixes,"Using upper case literal suffixes for declaring literals is less ambiguous, e.g., `1l` versus `1L`. A lowercase `l` is easily mistaken for the digit `1` in many fonts, which can lead to incorrect assumptions about the value.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseAsBuilder,Chain calls to builder methods,Chain calls to builder methods that are on separate lines into one chain of builder calls.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""builderType"",""type"":""String"",""displayName"":""Builder Type"",""description"":""Fully qualified name of the Builder"",""example"":""org.example.Buildable.Builder"",""required"":true},{""name"":""immutable"",""type"":""Boolean"",""displayName"":""Immutable state"",""description"":""The builder is immutable if you must assign the result of calls to intermediate variables or use directly. Defaults to true as many purpose-built builders will be immutable.""},{""name"":""builderCreator"",""type"":""String"",""displayName"":""Builder creator method"",""description"":""The method that creates the builder instance, which may not be a method of the builder itself."",""example"":""org.example.Buildable builder()""}]" +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveUnusedLabels,Remove unused labels,Remove labels that are not referenced by any `break` or `continue` statement.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.MultipleVariableDeclarations,No multiple variable declarations,"Places each variable declaration in its own statement and on its own line. Using one variable declaration per line encourages commenting and can increase readability. Multi-variable declarations also make it harder to track individual types and initializers, increasing the risk of subtle errors.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoDoubleBraceInitialization,No double brace initialization,"Replace `List`, `Map`, and `Set` double brace initialization with an initialization block. Double brace initialization creates an anonymous inner class that holds a hidden reference to the enclosing instance, which can cause memory leaks and serialization issues.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.MinimumSwitchCases,`switch` statements should have at least 3 `case` clauses,"`switch` statements are useful when many code paths branch depending on the value of a single expression. For just one or two code paths, the code will be more readable with `if` statements. Using `switch` for trivial branching adds unnecessary syntactic overhead and obscures the simplicity of the logic.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseJavaStyleArrayDeclarations,No C-style array declarations,"Change C-Style array declarations `int i[];` to `int[] i;`. Keeping the brackets with the type groups all type information in one place, so readers do not have to inspect both the type and the variable name to determine whether something is an array.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseCollectionInterfaces,Use `Collection` interfaces,"Use `Deque`, `List`, `Map`, `ConcurrentMap`, `Queue`, and `Set` instead of implemented collections. Replaces the return type of public method declarations and the variable type public variable declarations. Programming to an interface rather than a concrete collection type decouples callers from a specific implementation, making it easier to swap data structures later without breaking dependent code.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseDiamondOperator,Use the diamond operator,"The diamond operator (`<>`) should be used. Java 7 introduced the diamond operator to reduce the verbosity of generics code. For instance, instead of having to declare a `List`'s type in both its declaration and its constructor, you can now simplify the constructor declaration with `<>`, and the compiler will infer the type. Repeating type arguments that the compiler can already deduce is unnecessary boilerplate that clutters the code.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyCompoundStatement,Simplify compound statement,"Fixes or removes useless compound statements. For example, removing `b &= true`, and replacing `b &= false` with `b = false`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveInstanceOfPatternMatch,Removes from code Java 14's `instanceof` pattern matching,Adds an explicit variable declaration at the beginning of `if` statement instead of `instanceof` pattern matching.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.IsEmptyCallOnCollections,Use `Collection#isEmpty()` instead of comparing `size()`,"Also check for _not_ `isEmpty()` when testing for not equal to zero size. Using `isEmpty()` communicates intent more clearly than comparing `size()` to zero, and for some collection implementations `isEmpty()` can be more efficient since `size()` may require traversal.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveUnusedPrivateFields,Remove unused private fields,"If a private field is declared but not used in the program, it can be considered dead code and should therefore be removed. Dead fields clutter the class, increase its memory footprint, and can mislead developers into thinking they are part of the class's behavior.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveExtraSemicolons,Remove extra semicolons,"Removes not needed semicolons. Semicolons are considered not needed: + * Optional semicolons at the end of try-with-resources, + * after the last enum value if no field or method is defined, + * no statement between two semicolon. + +Stray semicolons are typically typos or remnants of refactoring and can mislead readers into thinking a statement is present.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ExplicitCharsetOnStringGetBytes,Set charset encoding explicitly when calling `String#getBytes`,"This makes the behavior of the code platform neutral. It will not override any existing explicit encodings, even if they don't match the default encoding option. Relying on the platform default charset can produce different results across environments, leading to subtle data corruption bugs.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""encoding"",""type"":""String"",""displayName"":""Default encoding"",""description"":""The default encoding to supply to the `getBytes` call"",""example"":""UTF_8""}]" +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReorderAnnotations,Reorder annotations alphabetically,Consistently order annotations by comparing their simple name.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.CollectionToArrayShouldHaveProperType,'Collection.toArray()' should be passed an array of the proper type,"Using `Collection.toArray()` without parameters returns an `Object[]`, which requires casting. It is more efficient and clearer to use `Collection.toArray(new T[0])` instead. The parameterless form can cause a `ClassCastException` at runtime when the returned `Object[]` is cast to a more specific array type.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.InlineVariable,Inline variable,Inline variables when they are immediately used to return or throw. Supports both variable declarations and assignments to local variables. A variable that is declared only to be returned or thrown on the very next line adds an unnecessary level of indirection without improving readability.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.PreferIncrementOperator,Prefer increment/decrement and compound assignment operators,"Prefer the use of increment and decrement operators (`++`, `--`, `+=`, `-=`) over their more verbose equivalents.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceWeekYearWithYear,Week Year (YYYY) should not be used for date formatting,"For most dates Week Year (YYYY) and Year (yyyy) yield the same results. However, on the last week of December and the first week of January, Week Year could produce unexpected results. This is a common source of off-by-one-year bugs that typically only manifest around New Year's Eve, making them difficult to catch during development and testing.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.CombineSemanticallyEqualCatchBlocks,Combine semantically equal catch blocks,Combine catches in a try that contain semantically equivalent blocks. No change will be made when a caught exception exists if combining catches may change application behavior or type attribution is missing. Merging duplicate catch bodies into multi-catch blocks reduces repetition and makes the exception handling strategy easier to follow.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.URLEqualsHashCodeRecipes$URLHashCodeRecipe,URL Hash Code,"Uses of `hashCode()` cause `java.net.URL` to make blocking internet connections. Instead, use `java.net.URI`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceRedundantFormatWithPrintf,Replace redundant String format invocations that are wrapped with PrintStream operations,"Replaces `PrintStream.print(String.format(format, ...args))` with `PrintStream.printf(format, ...args)` (and for `println`, appends a newline to the format string).",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseSystemLineSeparator,Use `System.lineSeparator()`,Replace calls to `System.getProperty("line.separator")` with `System.lineSeparator()`.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyTernaryRecipes,Simplify ternary expressions,Simplifies various types of ternary expressions to improve code readability. Ternaries that simply select between `true` and `false` are redundant wrappers around the condition itself and add unnecessary complexity.,3,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.RemoveCallsToSystemGc,Remove garbage collection invocations,Removes calls to `System.gc()` and `Runtime.gc()`. When to invoke garbage collection is best left to the JVM. Manual GC calls produce unpredictable results across different JVM implementations and can cause unnecessary application pauses.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyConstantIfBranchExecution,Simplify constant if branch execution,Checks for if expressions that are always `true` or `false` and simplifies them. Branches that can never execute are dead code that misleads readers and may mask logic errors introduced during refactoring.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.MemberNameCaseInsensitiveDuplicates,Members should not have names differing only by capitalization,"Looking at the set of methods and fields in a class and all of its parents, no two members should have names that differ only in capitalization. This rule will not report if a method overrides a parent method. Members with near-identical names are easily confused, leading to bugs where the wrong field or method is referenced.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.EqualsAvoidsNull,Equals avoids null,"Checks that any combination of String literals is on the left side of an `equals()` comparison. Also checks for String literals assigned to some field (such as `someString.equals(anotherString = ""text""))`. And removes redundant null checks in conjunction with equals comparisons. Placing the literal on the left side prevents `NullPointerException`s, since a literal can never be null and its `equals` method handles null arguments safely.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SillyEqualsCheck,Silly equality checks should not be made,Detects `.equals()` calls that compare incompatible types and will always return `false`. Replaces `.equals(null)` with `== null` and array `.equals()` with `Arrays.equals()`. Flags comparisons between unrelated types or between arrays and non-arrays.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyTernaryRecipes$SimplifyTernaryTrueFalseRecipe,Replace `booleanExpression ? true : false` with `booleanExpression`,Replace ternary expressions like `booleanExpression ? true : false` with `booleanExpression`.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.BufferedWriterCreationRecipes$BufferedWriterFromNewFileWriterWithStringAndBooleanArgumentsRecipe,"Convert `new BufferedWriter(new FileWriter(String, boolean))` to `Files.newBufferedWriter(Path, StandardOpenOption)`","Convert `new BufferedWriter(new FileWriter(s, b))` to `Files.newBufferedWriter(new java.io.File(s).toPath(), b ? StandardOpenOption.APPEND : StandardOpenOption.CREATE)`.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ModifierOrder,Modifier order,Modifiers should be declared in the correct order as recommended by the JLS. Ordering modifiers consistently reduces cognitive load for developers who are accustomed to the standard sequence.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseForEachRemoveInsteadOfSetRemoveAll,Replace `java.util.Set#removeAll(java.util.Collection)` with `java.util.Collection#forEach(Set::remove)`,Using `java.util.Collection#forEach(Set::remove)` rather than `java.util.Set#removeAll(java.util.Collection)` may improve performance due to a possible O(n^2) complexity.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseJavaStyleArrayDeclarations,No C-style array declarations,"Change C-Style array declarations `int i[];` to `int[] i;`. Keeping the brackets with the type groups all type information in one place, so readers do not have to inspect both the type and the variable name to determine whether something is an array.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ExternalizableHasNoArgsConstructor,`Externalizable` classes have no-arguments constructor,"`Externalizable` classes handle both serialization and deserialization and must have a no-args constructor for the deserialization process. Without a public no-argument constructor, the JVM cannot instantiate the object during deserialization and will throw an `InvalidClassException` at runtime.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.MaskCreditCardNumbers,Mask credit card numbers,"When encountering string literals which appear to be credit card numbers, mask the last eight digits with the letter 'X'.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ReplaceLambdaWithMethodReference,Use method references in lambda,"Replaces the single statement lambdas `o -> o instanceOf X`, `o -> (A) o`, `o -> System.out.println(o)`, `o -> o != null`, `o -> o == null` with the equivalent method reference. Method references are often more concise and readable than their lambda equivalents, making the code's intent clearer at a glance.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.BigDecimalDoubleConstructorRecipe,`new BigDecimal(double)` should not be used,"Use of `new BigDecimal(double)` constructor can lead to loss of precision. Use `BigDecimal.valueOf(double)` instead. +For example writing `new BigDecimal(0.1)` does not create a `BigDecimal` which is exactly equal to `0.1`, but it is equal to `0.1000000000000000055511151231257827021181583404541015625`. This is because `0.1` cannot be represented exactly as a double (or, for that matter, as a binary fraction of any finite length). `BigDecimal.valueOf` avoids this by converting through a string representation, preserving the value you actually intended.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.EmptyBlock,Remove empty blocks,Remove empty blocks that effectively do nothing. Empty blocks are ambiguous -- they may indicate incomplete implementation or accidentally deleted code -- and removing them makes the intent of the surrounding code explicit.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UnnecessaryExplicitTypeArguments,Unnecessary explicit type arguments,"When explicit type arguments are inferable by the compiler, they may be removed.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.LambdaBlockToExpression,Simplify lambda blocks to expressions,"Single-line statement lambdas returning a value can be replaced with expression lambdas. Expression-form lambdas are more concise and consistent with a functional programming style, making the code easier to scan.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.ExplicitThis,Use explicit `this.field` and `this.method()`,Add explicit 'this.' prefix to field and method access.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.NoFinalizedLocalVariables,Don't use final on local variables,Remove the `final` modifier keyword from local variables regardless of whether they are used within a local class or an anonymous class.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""excludeMethodParameters"",""type"":""Boolean"",""displayName"":""Exclude method parameters"",""description"":""If true, do not remove final from method parameters.""}]" +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.BufferedWriterCreationRecipes$BufferedWriterFromNewFileWriterWithFileArgumentRecipe,Convert `new BufferedWriter(new FileWriter(File))` to `Files.newBufferedWriter(Path)`,Convert `new BufferedWriter(new FileWriter(f))` to `Files.newBufferedWriter(f.toPath())`.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.AnnotateNullableMethods,Annotate methods which may return `null` with `@Nullable`,"Add `@Nullable` to non-private methods that may return `null`. By default `org.jspecify.annotations.Nullable` is used, but through the `nullableAnnotationClass` option a custom annotation can be provided. Both `@Target(TYPE_USE)` and declaration annotations (e.g. `javax.annotation.CheckForNull`) are supported. Methods that already carry a known nullable annotation (matched by simple name) are skipped to avoid duplication. This recipe scans for methods that do not already have a `@Nullable` annotation and checks their return statements for potential null values. It also identifies known methods from standard libraries that may return null, such as methods from `Map`, `Queue`, `Deque`, `NavigableSet`, and `Spliterator`. The return of streams, or lambdas are not taken into account.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""nullableAnnotationClass"",""type"":""String"",""displayName"":""`@Nullable` annotation class"",""description"":""The fully qualified name of the @Nullable annotation to add. Both `@Target(TYPE_USE)` and declaration annotations (e.g. `javax.annotation.CheckForNull`) are supported. Defaults to `org.jspecify.annotations.Nullable`."",""example"":""org.jspecify.annotations.Nullable""}]" maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseLambdaForFunctionalInterface,Use lambda expressions instead of anonymous classes,"Instead of anonymous class declarations, use a lambda where possible. Using lambdas to replace anonymous classes can lead to more expressive and maintainable code, improve code readability, reduce code duplication, and achieve better performance in some cases.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseListSort,"Replace invocations of `Collections#sort(List, Comparator)` with `List#sort(Comparator)`","The `java.util.Collections#sort(..)` implementation defers to the `java.util.List#sort(Comparator)`, replaced it with the `java.util.List#sort(Comparator)` implementation for better readability.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseObjectNotifyAll,Replaces `Object.notify()` with `Object.notifyAll()`,"`Object.notifyAll()` and `Object.notify()` both wake up sleeping threads, but `Object.notify()` only rouses one while `Object.notifyAll()` rouses all of them. Since `Object.notify()` might not wake up the right thread, `Object.notifyAll()` should be used instead. See [this](https://wiki.sei.cmu.edu/confluence/display/java/THI02-J.+Notify+all+waiting+threads+rather+than+a+single+thread) for more information. Using `notify()` in a multi-waiter scenario risks leaving threads permanently stalled when the wrong one is awakened.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UsePortableNewlines,Use %n instead of \n in format strings,"Format strings should use %n rather than \n to produce platform-specific line separators. Hard-coded `\n` characters produce incorrect line endings on Windows, whereas `%n` adapts to the runtime platform automatically.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseStandardCharset,Use `StandardCharset` constants,Replaces `Charset.forName(java.lang.String)` with the equivalent `StandardCharset` constant. Using the predefined constants is both compile-time safe and avoids the need to handle `UnsupportedEncodingException` for charsets that are guaranteed to exist on every JVM.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseStringReplace,Use `String::replace()` when first parameter is not a real regular expression,"When `String::replaceAll` is used, the first argument should be a real regular expression. If it’s not the case, `String::replace` does exactly the same thing as `String::replaceAll` without the performance drawback of the regex.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseSystemLineSeparator,Use `System.lineSeparator()`,Replace calls to `System.getProperty("line.separator")` with `System.lineSeparator()`.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseTryWithResources,Use try-with-resources,"Refactor try/finally blocks to use try-with-resources when the finally block only closes an `AutoCloseable` resource. Try-with-resources guarantees that resources are closed even when exceptions occur, eliminating an entire class of resource-leak bugs that manual `finally` blocks are prone to.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.WhileInsteadOfFor,Prefer `while` over `for` loops,"When only the condition expression is defined in a for loop, and the initialization and increment expressions are missing, a while loop should be used instead to increase readability. A `for` loop with empty init and update sections signals iteration mechanics that do not exist, whereas `while` clearly communicates a simple conditional loop.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.WriteOctalValuesAsDecimal,Write octal values as decimal,"Developers may not recognize octal values as such, mistaking them instead for decimal values. Because a leading zero silently switches the literal to base-8, what looks like `010` actually represents `8`, which is a common source of subtle numeric bugs.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.LowercasePackage,Rename packages to lowercase,"By convention all Java package names should contain only lowercase letters, numbers, and dashes. This recipe converts any uppercase letters in package names to be lowercase. Consistent package naming prevents confusion and potential issues on case-insensitive file systems.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., -maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.MethodNameCasing,Standardize method name casing,"Fixes method names that do not follow standard naming conventions. For example, `String getFoo_bar()` would be adjusted to `String getFooBar()` and `int DoSomething()` would be adjusted to `int doSomething()`. Following a consistent casing convention for method names improves code readability and helps developers quickly distinguish methods from classes or constants.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,"[{""name"":""includeTestSources"",""type"":""Boolean"",""displayName"":""Apply recipe to test source set"",""description"":""Changes only apply to main by default. `includeTestSources` will apply the recipe to `test` source files.""},{""name"":""renamePublicMethods"",""type"":""Boolean"",""displayName"":""Rename public methods"",""description"":""Changes are not applied to public methods unless specified.""}]" +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.SimplifyBooleanExpressionWithDeMorgan,Simplify boolean expressions using De Morgan's laws,"Applies De Morgan's laws to simplify boolean expressions with negation. Transforms `!(a && b)` to `!a || !b` and `!(a || b)` to `!a && !b`. Distributing negations inward eliminates the outer `!` and makes each individual condition's polarity immediately visible, which aids comprehension.",1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., +maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.StaticMethodNotFinal,Static methods need not be final,Static methods do not need to be declared final because they cannot be overridden. Redundant modifiers add noise to the code and can suggest a misunderstanding of the language's dispatch model.,1,,Static analysis and remediation,,Remediations for issues identified by SAST tools., maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.CommonStaticAnalysis,Common static analysis issues,Resolve common static analysis issues (also known as SAST issues).,71,,Static analysis and remediation,,Remediations for issues identified by SAST tools., maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.JavaApiBestPractices,Java API best practices,Use the Java standard library in a way that is most idiomatic.,3,,Static analysis and remediation,,Remediations for issues identified by SAST tools., maven,org.openrewrite.recipe:rewrite-static-analysis,org.openrewrite.staticanalysis.UseMapContainsKey,Use `Map#containsKey`,`map.keySet().contains(a)` can be simplified to `map.containsKey(a)`.,2,,Static analysis and remediation,,Remediations for issues identified by SAST tools.,