pixee · clavedeluna · Oct 21, 2025 · Oct 17, 2025 · Oct 21, 2025 · Oct 21, 2025
@@ -18,7 +18,7 @@ jobs:
       - name: Set up Python
         uses: actions/setup-python@v6
         with:
-          python-version: "3.13"
+          python-version: "3.14"
 
       - name: Install black
         run: pip install black

@@ -26,7 +26,7 @@ jobs:
       - name: Set Up Python
         uses: actions/setup-python@v6
         with:
-          python-version: '3.13'
+          python-version: '3.14'
           cache: 'pip'
       - name: Install Codemodder Package
         run: pip install .

@@ -14,7 +14,7 @@ jobs:
       - name: Set Up Python
         uses: actions/setup-python@v6
         with:
-          python-version: '3.13'
+          python-version: '3.14'
       - name: Check out code
         uses: actions/checkout@v5
       - name: Install build dependencies

@@ -22,7 +22,7 @@ jobs:
     timeout-minutes: 15
     strategy:
       matrix:
-        python-version: ['3.10',  '3.11', '3.12']
+        python-version: ['3.12',  '3.13', '3.14']
     steps:
       - name: Check out code
         uses: actions/checkout@v5

@@ -26,7 +26,7 @@ jobs:
       - name: Set Up Python
         uses: actions/setup-python@v6
         with:
-          python-version: '3.13'
+          python-version: '3.14'
           cache: 'pip'
       - name: Install Dependencies
         run: |

@@ -30,7 +30,7 @@ jobs:
       - name: Set Up Python
         uses: actions/setup-python@v6
         with:
-          python-version: '3.13'
+          python-version: '3.14'
           cache: 'pip'
       - name: Install build dependencies
         run: pip install build twine
@@ -49,7 +49,7 @@ jobs:
       - name: Set Up Python
         uses: actions/setup-python@v6
         with:
-          python-version: '3.13'
+          python-version: '3.14'
           cache: 'pip'
       - name: Install Codemodder Package
         # Only install what most users would, not optional dependencies
@@ -62,7 +62,7 @@ jobs:
     timeout-minutes: 25
     strategy:
       matrix:
-        python-version: ['3.10',  '3.11', '3.12']
+        python-version: ['3.12',  '3.13', '3.14']
     steps:
       - name: Check out code
         uses: actions/checkout@v5

@@ -1,4 +1,4 @@
-FROM python:3.13
+FROM python:3.14
 WORKDIR /codemodder
 COPY . .
 

@@ -10,21 +10,21 @@ class TestSonarUseSecureProtocols(SonarIntegrationTest):
     code_path = "tests/samples/use_secure_protocols.py"
     replacement_lines = [
         (
-            5,
+            4,
             """url = "https://example.com"\n""",
         ),
     ]
     # fmt: off
     expected_diff = (
     """--- \n"""
     """+++ \n"""
-    """@@ -2,4 +2,4 @@\n"""
+    """@@ -1,4 +1,4 @@\n"""
+    ''' import ftplib\n'''
     ''' import smtplib\n'''
-    ''' import telnetlib\n'''
     ''' \n'''
     '''-url = "http://example.com"\n'''
     '''+url = "https://example.com"\n'''
     )
     # fmt: on
-    expected_line_change = "5"
+    expected_line_change = "4"
     change_description = SonarUseSecureProtocolsTransformer.change_description
@@ -16,22 +16,24 @@ dependencies = [
     "isort>=6.1,<7",
     "libcst>=1.8,<1.9",
     "packaging>=24.2,<25.1",
-    "pydantic~=2.11.5",
+    "pydantic~=2.12.3",
     "pylint>=4,<4.1",
     "python-json-logger~=4.0.0",
     "PyYAML~=6.0.0",
     "toml~=0.10.2",
     "tomlkit~=0.13.0",
     "wrapt~=1.17.0",
     "chardet~=5.2.0",
-    "sarif-pydantic~=0.5.1",
+    "sarif-pydantic~=0.6.1",
     "setuptools~=80.0",
 ]
 keywords = ["codemod", "codemods", "security", "fix", "fixes"]
 classifiers = [
     "Development Status :: 4 - Beta",
     "Intended Audience :: Developers",
     "License :: OSI Approved :: GNU Affero General Public License v3",
+    "Programming Language :: Python :: 3.14",
+    "Programming Language :: Python :: 3.13",
     "Programming Language :: Python :: 3.12",
     "Programming Language :: Python :: 3.11",
     "Programming Language :: Python :: 3.10",
@@ -51,11 +53,11 @@ get-hashes = 'codemodder.scripts.get_hashes:main'
 
 [project.optional-dependencies]
 semgrep = [
-    "semgrep>=1.134,<1.135",
+    "semgrep>=1.140,<1.141",
 ]
 test = [
     "azure-ai-inference>=1.0.0b1,<2.0",
-    "coverage>=7.10,<7.11",
+    "coverage>=7.11,<7.12",
     "coverage-threshold~=0.4",
     "defusedxml==0.7.1",
     "types-defusedxml==0.7.0.20250822",
@@ -86,7 +88,7 @@ test = [
     "fickling~=0.1.0,>=0.1.3",
     "graphql-server~=3.0.0b9",
     "unidiff>=0.7.5",
-    "semgrep>=1.134,<1.135",
+    "semgrep>=1.140,<1.141",
 ]
 complexity = [
     "radon==6.0.*",

@@ -2,14 +2,19 @@
 
 import functools
 import importlib.resources
+import sys
 from abc import ABCMeta, abstractmethod
 from concurrent.futures import ThreadPoolExecutor
 from dataclasses import dataclass, field
 from enum import Enum
 from functools import cached_property
-from importlib.abc import Traversable
 from pathlib import Path
 
+if sys.version_info >= (3, 14):
+    from importlib.resources.abc import Traversable
+else:
+    from importlib.abc import Traversable
+
 from codemodder.code_directory import file_line_patterns
 from codemodder.codemods.base_detector import BaseDetector
 from codemodder.codemods.base_transformer import BaseTransformerPipeline

@@ -136,13 +136,13 @@
       "securityCategory": "encrypt-data",
       "vulnerabilityProbability": "LOW",
       "status": "TO_REVIEW",
-      "line": 5,
+      "line": 4,
       "message": "Using http protocol is insecure. Use https instead",
       "creationDate": "2025-01-22T13:20:10+0100",
       "updateDate": "2025-01-22T13:29:45+0100",
       "textRange": {
-        "startLine": 5,
-        "endLine": 5,
+        "startLine": 4,
+        "endLine": 4,
         "startOffset": 6,
         "endOffset": 26
       },

@@ -1,5 +1,4 @@
 import ftplib
 import smtplib
-import telnetlib
 
 url = "http://example.com"