# Remediation Steps

Remediation steps tell ORL what to do to findings. They are in this form:

```yaml
spec:
  remediation:
    - command: audit
      path: body
      flags: {}
      skip: "truthy statement"
      value: the value
```

## `command`

The commands are:

* `audit` - Don't change any files, just log the `value` to the report
* `create` - Add `value` to the bottom of a file only if no named match was found
* `insert_after` - Insert `value` immediately after the `path`
* `insert_before` - Insert `value` immediately before the `path`
* `replace` - Replace the contents of the `path` with `value`
* `remove` - Remove the `path`

## `flags`

The following are global flags:

* `indent` - Add this string before every line in `value`
* `prefix` - Add this before `value` in the output
* `suffix` - Add this after `value` in the output

Additional flags are available per command.

* `audit`
  * `level` - The log level. By default is "ERROR" which causes ORL to exit in a failure. "WARN", "INFO", and "DEBUG" can also be used.
  * `if_under` - Switch the audit from per finding to counting findings. Log a message if the count is strictly under this value.
  * `if_over` - Switch the audit from per finding to counting findings. Log a message if the count is strictly over this value.
* `create`
  * `file` - The file name of where to put the new content
* `insert_after`
  * `before_newline` - For parsers that include the newline in the capture group this preserves it
* `replace`
  * `pattern` - Look for this substring pattern to replace, instead of replacing the entire string
  * `count` - Only replace N substrings. Only used if `pattern` is provided.

## `path`

Path is the capture group name of a single capture group from the audit query.

## `value`

Value is the actual string value to use. It is a [template](https://docs.gomboc.ai/orl/concepts/template).