Drop Recipe suffix from security recipe class names

src/main/java/org/openrewrite/github/security/AnonymousJobsRecipe.java → src/main/java/org/openrewrite/github/security/AnonymousJobs.java

@@ -25,7 +25,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class AnonymousJobsRecipe extends Recipe {
+public class AnonymousJobs extends Recipe {
 
     String displayName = "Find jobs without descriptive names";
 

src/main/java/org/openrewrite/github/security/ArtifactSecurityRecipe.java → src/main/java/org/openrewrite/github/security/ArtifactSecurity.java

@@ -32,7 +32,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class ArtifactSecurityRecipe extends Recipe {
+public class ArtifactSecurity extends Recipe {
 
     // Dangerous paths that may contain credentials or sensitive information
     private static final Set<String> DANGEROUS_PATHS = new HashSet<>(Arrays.asList(

src/main/java/org/openrewrite/github/security/BotConditionsRecipe.java → src/main/java/org/openrewrite/github/security/BotConditions.java

@@ -33,7 +33,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class BotConditionsRecipe extends Recipe {
+public class BotConditions extends Recipe {
 
     // Known bot actor IDs that should be compared numerically, not as strings
     private static final Set<String> KNOWN_BOT_ACTOR_IDS = new HashSet<>(Arrays.asList(

src/main/java/org/openrewrite/github/security/CachePoisoningRecipe.java → src/main/java/org/openrewrite/github/security/CachePoisoning.java

@@ -33,7 +33,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class CachePoisoningRecipe extends Recipe {
+public class CachePoisoning extends Recipe {
 
     // Actions that have caching capabilities and could be vulnerable
     private static final Set<String> CACHE_AWARE_ACTIONS = new HashSet<>(Arrays.asList(

src/main/java/org/openrewrite/github/security/DangerousTriggersRecipe.java → src/main/java/org/openrewrite/github/security/DangerousTriggers.java

@@ -32,7 +32,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class DangerousTriggersRecipe extends Recipe {
+public class DangerousTriggers extends Recipe {
 
     private static final Set<String> DANGEROUS_TRIGGERS = new HashSet<>(Arrays.asList(
             "pull_request_target",

src/main/java/org/openrewrite/github/security/ExcessivePermissionsRecipe.java → src/main/java/org/openrewrite/github/security/ExcessivePermissions.java

@@ -30,7 +30,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class ExcessivePermissionsRecipe extends Recipe {
+public class ExcessivePermissions extends Recipe {
 
     private static final Set<String> HIGH_RISK_PERMISSIONS = new HashSet<>(Arrays.asList(
             "actions", "attestations", "contents", "deployments", "id-token",

src/main/java/org/openrewrite/github/security/ForbiddenUsesRecipe.java → src/main/java/org/openrewrite/github/security/ForbiddenUses.java

@@ -33,7 +33,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class ForbiddenUsesRecipe extends Recipe {
+public class ForbiddenUses extends Recipe {
 
     @Option(displayName = "Additional dangerous actions",
             description = "Additional actions to flag as dangerous, beyond the built-in list. " +
@@ -77,12 +77,12 @@ public class ForbiddenUsesRecipe extends Recipe {
     Set<String> allDangerousActions;
     Set<String> allSuspiciousPatterns;
 
-    public ForbiddenUsesRecipe() {
+    public ForbiddenUses() {
         this(null, null);
     }
 
     @JsonCreator
-    public ForbiddenUsesRecipe(
+    public ForbiddenUses(
             @Nullable List<String> additionalDangerousActions,
             @Nullable List<String> additionalSuspiciousPatterns) {
         this.additionalDangerousActions = additionalDangerousActions;

src/main/java/org/openrewrite/github/security/GitHubEnvRecipe.java → src/main/java/org/openrewrite/github/security/GitHubEnv.java

@@ -33,7 +33,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class GitHubEnvRecipe extends Recipe {
+public class GitHubEnv extends Recipe {
 
     // Dangerous triggers that make GITHUB_ENV usage risky
     private static final Set<String> DANGEROUS_TRIGGERS = new HashSet<>(Arrays.asList(

src/main/java/org/openrewrite/github/security/HardcodedCredentialsRecipe.java → src/main/java/org/openrewrite/github/security/HardcodedCredentials.java

@@ -30,7 +30,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class HardcodedCredentialsRecipe extends Recipe {
+public class HardcodedCredentials extends Recipe {
 
     private static final Pattern GITHUB_EXPRESSION_PATTERN = Pattern.compile("\\$\\{\\{.*?\\}\\}");
 

src/main/java/org/openrewrite/github/security/InsecureCommandsRecipe.java → src/main/java/org/openrewrite/github/security/InsecureCommands.java

@@ -28,7 +28,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class InsecureCommandsRecipe extends Recipe {
+public class InsecureCommands extends Recipe {
 
     private static final String INSECURE_COMMANDS_VAR = "ACTIONS_ALLOW_UNSECURE_COMMANDS";
 

src/main/java/org/openrewrite/github/security/ObfuscationRecipe.java → src/main/java/org/openrewrite/github/security/Obfuscation.java

@@ -30,7 +30,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class ObfuscationRecipe extends Recipe {
+public class Obfuscation extends Recipe {
 
     // Pattern to detect potentially obfuscated expressions
     private static final Pattern OBFUSCATED_EXPRESSION_PATTERN = Pattern.compile(

src/main/java/org/openrewrite/github/security/RefVersionMismatchRecipe.java → src/main/java/org/openrewrite/github/security/RefVersionMismatch.java

@@ -27,7 +27,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class RefVersionMismatchRecipe extends Recipe {
+public class RefVersionMismatch extends Recipe {
 
     private static final Pattern SHA_PATTERN = Pattern.compile("^[a-f0-9]{40}$");
 

src/main/java/org/openrewrite/github/security/SecretsInheritRecipe.java → src/main/java/org/openrewrite/github/security/SecretsInherit.java

@@ -28,7 +28,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class SecretsInheritRecipe extends Recipe {
+public class SecretsInherit extends Recipe {
 
     String displayName = "Find unconditional secrets inheritance";
 

src/main/java/org/openrewrite/github/security/SelfHostedRunnerRecipe.java → src/main/java/org/openrewrite/github/security/SelfHostedRunner.java

@@ -25,7 +25,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class SelfHostedRunnerRecipe extends Recipe {
+public class SelfHostedRunner extends Recipe {
 
     String displayName = "Find usage of self-hosted runners";
 

src/main/java/org/openrewrite/github/security/TemplateInjectionRecipe.java → src/main/java/org/openrewrite/github/security/TemplateInjection.java

@@ -36,7 +36,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class TemplateInjectionRecipe extends Recipe {
+public class TemplateInjection extends Recipe {
 
     // User-controllable contexts that can lead to injection vulnerabilities
     private static final Set<String> DANGEROUS_CONTEXTS = new HashSet<>(Arrays.asList(

src/main/java/org/openrewrite/github/security/TrustedPublishingRecipe.java → src/main/java/org/openrewrite/github/security/TrustedPublishing.java

@@ -30,7 +30,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class TrustedPublishingRecipe extends Recipe {
+public class TrustedPublishing extends Recipe {
 
     private static final Set<String> KNOWN_PYTHON_TP_REGISTRIES = new HashSet<>(Arrays.asList(
             "https://upload.pypi.org/legacy/",

src/main/java/org/openrewrite/github/security/UndocumentedPermissionsRecipe.java → src/main/java/org/openrewrite/github/security/UndocumentedPermissions.java

@@ -25,7 +25,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class UndocumentedPermissionsRecipe extends Recipe {
+public class UndocumentedPermissions extends Recipe {
 
     String displayName = "Document permissions usage";
 

src/main/java/org/openrewrite/github/security/UnpinnedActionsRecipe.java → src/main/java/org/openrewrite/github/security/UnpinnedActions.java

@@ -30,7 +30,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class UnpinnedActionsRecipe extends Recipe {
+public class UnpinnedActions extends Recipe {
 
     private static final Pattern UNPINNED_ACTION_PATTERN = Pattern.compile(
             "^([^/@]+/[^/@]+)(@(main|master|HEAD|latest|v?\\d+(\\.\\d+)*(\\.\\d+)*))??$"

src/main/java/org/openrewrite/github/security/UnpinnedDockerImagesRecipe.java → src/main/java/org/openrewrite/github/security/UnpinnedDockerImages.java

@@ -30,7 +30,7 @@
 
 @Value
 @EqualsAndHashCode(callSuper = false)
-public class UnpinnedDockerImagesRecipe extends Recipe {
+public class UnpinnedDockerImages extends Recipe {
 
     private static final Pattern DOCKER_IMAGE_PATTERN = Pattern.compile(
             "^(?:docker://)?([^/:]+(?:\\.[^/:]+)*(?::[0-9]+)?/)?([^/:]+(?:/[^/:]+)*):([^@]+)(?:@(.+))?$"

src/main/resources/META-INF/rewrite/examples.yml

@@ -784,7 +784,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.AnonymousJobsRecipe
+recipeName: org.openrewrite.github.security.AnonymousJobs
 examples:
 - description: '`AnonymousJobsRecipeTest#shouldFlagJobWithoutName`'
   sources:
@@ -818,7 +818,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.ArtifactSecurityRecipe
+recipeName: org.openrewrite.github.security.ArtifactSecurity
 examples:
 - description: '`ArtifactSecurityRecipeTest#shouldFlagCredentialPersistenceRisk`'
   sources:
@@ -856,7 +856,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.BotConditionsRecipe
+recipeName: org.openrewrite.github.security.BotConditions
 examples:
 - description: '`BotConditionsRecipeTest#shouldFlagSpoofableActorNameCheck`'
   sources:
@@ -882,7 +882,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.CachePoisoningRecipe
+recipeName: org.openrewrite.github.security.CachePoisoning
 examples:
 - description: '`CachePoisoningRecipeTest#shouldDetectCacheInReleaseWorkflow`'
   sources:
@@ -918,7 +918,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.DangerousTriggersRecipe
+recipeName: org.openrewrite.github.security.DangerousTriggers
 examples:
 - description: '`DangerousTriggersRecipeTest#shouldDetectPullRequestTarget`'
   sources:
@@ -940,7 +940,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.ExcessivePermissionsRecipe
+recipeName: org.openrewrite.github.security.ExcessivePermissions
 examples:
 - description: '`ExcessivePermissionsRecipeTest#shouldFlagWriteAllPermissions`'
   sources:
@@ -966,7 +966,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.ForbiddenUsesRecipe
+recipeName: org.openrewrite.github.security.ForbiddenUses
 examples:
 - description: '`ForbiddenUsesRecipeTest#shouldFlagDangerousAction`'
   sources:
@@ -992,7 +992,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.GitHubEnvRecipe
+recipeName: org.openrewrite.github.security.GitHubEnv
 examples:
 - description: '`GitHubEnvRecipeTest#shouldDetectGitHubEnvInPullRequestTarget`'
   sources:
@@ -1022,7 +1022,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.HardcodedCredentialsRecipe
+recipeName: org.openrewrite.github.security.HardcodedCredentials
 examples:
 - description: '`HardcodedCredentialsRecipeTest#shouldDetectHardcodedContainerPassword`'
   sources:
@@ -1054,7 +1054,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.InsecureCommandsRecipe
+recipeName: org.openrewrite.github.security.InsecureCommands
 examples:
 - description: '`InsecureCommandsRecipeTest#shouldDetectInsecureCommandsAtWorkflowLevel`'
   sources:
@@ -1082,7 +1082,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.ObfuscationRecipe
+recipeName: org.openrewrite.github.security.Obfuscation
 examples:
 - description: '`ObfuscationRecipeTest#shouldFlagObfuscatedUsesWithDot`'
   sources:
@@ -1106,7 +1106,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.RefVersionMismatchRecipe
+recipeName: org.openrewrite.github.security.RefVersionMismatch
 examples:
 - description: '`RefVersionMismatchRecipeTest#shouldFlagMismatchedVersionComment`'
   sources:
@@ -1132,7 +1132,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.SecretsInheritRecipe
+recipeName: org.openrewrite.github.security.SecretsInherit
 examples:
 - description: '`SecretsInheritRecipeTest#shouldDetectSecretsInherit`'
   sources:
@@ -1156,7 +1156,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.SelfHostedRunnerRecipe
+recipeName: org.openrewrite.github.security.SelfHostedRunner
 examples:
 - description: '`SelfHostedRunnerRecipeTest#shouldFlagSelfHostedRunner`'
   sources:
@@ -1180,7 +1180,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.TemplateInjectionRecipe
+recipeName: org.openrewrite.github.security.TemplateInjection
 examples:
 - description: '`TemplateInjectionRecipeTest#shouldFlagPullRequestTitleInjection`'
   sources:
@@ -1204,7 +1204,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.TrustedPublishingRecipe
+recipeName: org.openrewrite.github.security.TrustedPublishing
 examples:
 - description: '`TrustedPublishingRecipeTest#shouldFlagPyPIPublishWithPassword`'
   sources:
@@ -1234,7 +1234,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.UndocumentedPermissionsRecipe
+recipeName: org.openrewrite.github.security.UndocumentedPermissions
 examples:
 - description: '`UndocumentedPermissionsRecipeTest#shouldFlagUndocumentedWorkflowPermissions`'
   sources:
@@ -1264,7 +1264,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.UnpinnedActionsRecipe
+recipeName: org.openrewrite.github.security.UnpinnedActions
 examples:
 - description: '`UnpinnedActionsRecipeTest#shouldFlagUnpinnedActionWithTagVersion`'
   sources:
@@ -1290,7 +1290,7 @@ examples:
     language: yaml
 ---
 type: specs.openrewrite.org/v1beta/example
-recipeName: org.openrewrite.github.security.UnpinnedDockerImagesRecipe
+recipeName: org.openrewrite.github.security.UnpinnedDockerImages
 examples:
 - description: '`UnpinnedDockerImagesRecipeTest#shouldFlagUnpinnedContainerImage`'
   sources: