package io.codemodder.codemods;

import com.contrastsecurity.sarif.Result;
import com.github.javaparser.ast.CompilationUnit;
import com.github.javaparser.ast.expr.ObjectCreationExpr;
import io.codemodder.Codemod;
import io.codemodder.CodemodInvocationContext;
import io.codemodder.DependencyGAV;
import io.codemodder.ReviewGuidance;
import io.codemodder.RuleSarif;
import io.codemodder.SarifPluginJavaParserChanger;
import io.codemodder.javaparser.JavaParserTransformer;
import io.codemodder.providers.sarif.semgrep.SemgrepScan;
import io.github.pixee.security.XMLDecoderSecurity;
import java.util.List;
import javax.inject.Inject;

@Codemod(id = "pixee:java/harden-xmldecoder-stream", reviewGuidance = ReviewGuidance.MERGE_WITHOUT_REVIEW)
/* loaded from: input_file:io/codemodder/codemods/HardenXMLDecoderCodemod.class */
public final class HardenXMLDecoderCodemod extends SarifPluginJavaParserChanger<ObjectCreationExpr> {
    @Inject
    public HardenXMLDecoderCodemod(@SemgrepScan(ruleId = "harden-xmldecoder-stream") RuleSarif ruleSarif) {
        super(ruleSarif, ObjectCreationExpr.class);
    }

    public boolean onResultFound(CodemodInvocationContext codemodInvocationContext, CompilationUnit compilationUnit, ObjectCreationExpr objectCreationExpr, Result result) {
        JavaParserTransformer.wrap(objectCreationExpr.getArgument(0)).withStaticMethod(XMLDecoderSecurity.class.getName(), "hardenStream", true);
        return true;
    }

    public List<DependencyGAV> dependenciesRequired() {
        return List.of(DependencyGAV.JAVA_SECURITY_TOOLKIT);
    }
}
