SOURCE CODE CORRECTION SYSTEM USING VALIDATION RULES

§101 §103

DETAILED ACTION This Office action is in response to the amendment submitted on February 4, 2026. Claims 1-22 are pending. Claims 1, 8-10, 12, 18, and 19 are currently amended. Claims 20-22 are added. The objections to Claims 8-12 are withdrawn in view of the Applicant’s amendments to the claims. However, the Applicant has failed to fully address the objections to Claims 1, 18, and 19. Accordingly, these objections are maintained and further explained hereinafter. For clarity of the prosecution history record, it is noted by the Examiner that newly added Claim 21 recites the limitations “to automatically generate a replacement code element by modifying the first code element based on security features of the one or more second code elements to bring the first code element into compliance with the given validation rule,” “to automatically replace, in the corpus of source code listings, the first code element with the automatically generated replacement code element to thereby generate modified source code listings,” and “to store the modified source code listings in a code repository.” However, these limitation are already recited in Claim 18 (the parent claim of Claim 21). Therefore, it appears that these limitations are the result of a copy-and-paste error and consequently, they are not being examined on the merits. Examiner kindly asks the Applicant to remove these limitations in the response to the instant Office action. In the interest of facilitating compact prosecution, the Examiner kindly asks the Applicant’s representative to authorize Internet communications with the Examiner by submitting Form PTO/SB/439 using Patent Center. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Terminal Disclaimer The terminal disclaimer filed on August 25, 2025 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of Patent Number 11,842,189 has been reviewed and is accepted. The terminal disclaimer has been recorded. Response to Amendment Claim Objections Claims 1, 16, 18, and 19 are objected to because of the following informalities: Claims 1, 18, and 19 recite “selecting, from the first set of the respective code elements.” It should read -- selecting, from the first set of the respective code elements in the corpus of source code listings --. Claim 16 recites “wherein generating, by the processor, a replacement code element comprises generating a replacement code element.” It should read -- wherein automatically generating, by the processor, a replacement code element comprises automatically generating a replacement code element --. Appropriate correction is required. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-22 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more. Claim Interpretation: Under the broadest reasonable interpretation (BRI), the limitations of Claim 1 are presumed to have their plain meaning consistent with the specification as it would be interpreted by one of ordinary skill in the art. See MPEP § 2111. Step 1: Claim 1 is directed to a method, which is a process (a series of steps or acts), and falls within one of the statutory categories of invention. Step 2A, Prong One: Claim 1 recites the limitations: (a) prior to execution of the corpus of source code listings: performing static analysis of the corpus of source code listings by analyzing the corpus of source code listings and applying […] the validation rules to the respective code elements in the corpus of source code listings so as to identify a first set of the respective code elements not in compliance with the validation rules and a second set of the respective code elements in compliance with the validation rules; (b) selecting, from the first set of the respective code elements, a first code element not in compliance with a given validation rule; (c) identifying, in the second set of the respective code elements in the corpus of source code listings, one or more second code elements in compliance with the given validation rule; (d) […] generating […] a replacement code element by modifying the first code element based on the one or more second code elements to bring the first code element into compliance with the given validation rule; and (e) […] replacing, in the corpus of source code listings, the first code element with the […] generated replacement code element to thereby generate modified source code listings. These recited steps, under the broadest reasonable interpretation (BRI), cover performance of the steps in the human mind alone or with the aid of pen and paper. That is, other than reciting: (1) by a/the processor; and (2) automatically. Nothing in the claim precludes the steps from practically being performed in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper. For example, the limitation (a) in the context of the claim encompasses a human observing the corpus of source code listings in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper to perform static analysis of the corpus of source code listings. And the limitation (b) in the context of the claim encompasses a human observing the first set of the respective code elements in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper to select a first code element. And the limitation (c) in the context of the claim encompasses a human observing the second set of the respective code elements in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper to identify one or more second code elements. And the limitation (d) in the context of the claim encompasses a human observing the first code element in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper to generate a replacement code element. And the limitation (e) in the context of the claim encompasses a human observing the corpus of source code listings in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper to replace the first code element. See MPEP § 2106.04(a)(2)(III). If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the human mind alone or with the aid of pen and paper but for the recitation of generic computer components, then it falls within the “Mental Processes” grouping of abstract ideas. Accordingly, the claim recites an abstract idea. Step 2A, Prong Two: This judicial exception is not integrated into a practical application. In particular, the claim recites the additional elements: (1) by a/the processor; and (2) automatically. The additional elements (1) and (2) are recited at a high-level of generality such that they amount to no more than mere instructions to apply the judicial exception using generic computer components. The processor is used as a tool to perform the applying and generating steps of the claim. And the term “automatically” implies that a computer is used as a tool to perform the generating and replacing steps of the claim. See MPEP § 2106.05(f). Also, the claim recites the additional elements: (3) accessing a corpus of source code listings comprising respective code elements; (4) accessing a repository of validation rules defining respective acceptable security parameters for the respective code elements; and (5) storing the modified source code listings in a code repository. The additional elements (3) to (5) are mere data accessing/storing recited at a high level of generality, and thus are insignificant extra-solution activities. See MPEP § 2106.05(g). Furthermore, all uses of the recited judicial exception require such accessing/storing, and, as such, the additional elements do not impose any meaningful limits on the claim. The additional elements amount to necessary accessing/storing. See MPEP § 2106.05. Accordingly, even when viewed in combination, the additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. Step 2B: The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements when considered both individually and as a combination do not amount to significantly more than the abstract idea. As discussed above with respect to integration of the abstract idea into a practical application, the claim recites the additional elements: (1) by a/the processor; and (2) automatically. The additional elements (1) and (2) amount to no more than mere instructions to apply the judicial exception using generic computer components. Mere instructions to apply a judicial exception using generic computer components cannot provide an inventive concept. Also, the claim recites the additional elements: (3) accessing a corpus of source code listings comprising respective code elements; (4) accessing a repository of validation rules defining respective acceptable security parameters for the respective code elements; and (5) storing the modified source code listings in a code repository. The additional elements (3) to (5) simply append well-understood, routine, and conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception is not indicative of an inventive concept. MPEP § 2106.05(d)(II) expressly states that the courts have recognized the computer functions of storing and retrieving information in memory as well‐understood, routine, and conventional computer functions when they are claimed in a merely generic manner (e.g., at a high level of generality) or as insignificant extra-solution activities. Thus, a person of ordinary skill in the art would readily comprehend that it is well-understood, routine, and conventional in the computing art to access a corpus of source code listings and a repository of validation rules and store modified source code listings in a code repository. Therefore, the limitations remain insignificant extra-solution activities even upon reconsideration and do not amount to significantly more. Thus, taken alone, the additional elements do not amount to significantly more than the above-identified judicial exception (the abstract idea). Looking at the additional elements as a combination adds nothing that is not already present when looking at the additional elements taken individually. Even when considered in combination, the additional elements represent mere instructions to apply a judicial exception using generic computer components and insignificant extra-solution activities, and therefore do not provide an inventive concept. The claim is not patent eligible. Claims 2-17 and 20 are dependent on Claim 1, but do not add any feature or subject matter that would solve the judicial exception deficiencies of Claim 1. Claim 2 recites the limitation: (a) wherein the source code listings are for one or more software applications. <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> Claim 3 recites the limitation: (a) wherein modifying the first code element based on the one or more second code elements comprises replacing the first code element with a given second code element. <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> Claim 4 recites the limitation: (a) wherein modifying the first code element based on the one or more second code elements comprises adding a given second code element to the first code element. <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> Claim 5 recites the limitation: (a) outputting the first code element and the one or more second code elements together by presenting, on a display, the first code element and at least one of the one or more second code elements. <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> Claim 6 recites the limitation: (a) receiving an input indicating a selection of a given presented second code element, and replacing, in response to the received input, a given first code element with the selected given presented second code element, <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> Claim 7 recites the limitation: (a) identifying a plurality of distinct second code elements. <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> Claim 8 recites the limitation: (a) computing respective counts of instances of the plurality of distinct second code elements, and sorting the plurality of distinct second code elements by their respective counts into a sorted order, and wherein presenting the one or more second code elements comprises presenting the plurality of distinct second code elements in the sorted order. <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> Claim 9 recites the limitation: (a) computing respective statistics for the plurality of distinct second code elements, and wherein presenting the one or more second code elements comprises presenting the plurality of distinct second code elements and their respective statistics. <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> Claim 10 recites the limitation: (a) applying specified criteria to the computed respective statistics for the plurality of distinct second code elements, and identifying one or more of the plurality of distinct second code elements whose respective statistics comply with the specified criteria, and wherein presenting the one or more second code elements comprises presenting the plurality of distinct second code elements compliant with the specified criteria. <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> Claim 11 recites the limitation: (a) computing respective counts of instances of the plurality of distinct second code elements, and wherein the computed-respective statistics for the plurality of distinct second code elements comprise the computed respective counts of instances of the plurality of distinct second code elements. <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> Claim 12 recites the limitation: (a) computing respective percentages of instances of the plurality of distinct second code elements, and wherein the computed respective statistics for the plurality of distinct second code elements comprise the computed respective percentages of the instances of the plurality of distinct second code elements. <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> Claim 13 recites the limitation: (a) wherein the validation rules comprise respective severity levels, and further comprising presenting, on the display, a severity level for the given validation rule. <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> Claim 14 recites the limitation: (a) wherein the validation rules comprise respective error messages, and further comprising presenting, on the display, an error message for the given validation rule. <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> Claim 15 recites the limitation: (a) identifying respective intended uses of the respective code elements, wherein the first code element has a given intended use, and wherein identifying the one or more second code elements comprises identifying the one or more second code elements having the given intended use. <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> Claim 16 recites the limitation: (a) wherein generating, by the processor, a replacement code element comprises generating a replacement code element in compliance with the given validation rule and having the given intended use. <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> Claim 17 recites the limitation: (a) generating, by the processor, based on the given intended use, a description of a security risk in the first code element, and outputting the description of the security risk in the first code element. <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> + <<>> Claim 20 recites the limitation: (a) wherein the first code element comprises a configuration parameter and an associated value in a source code listing for a software application, the configuration parameter controlling an operational mode of the software application during execution, and wherein the validation rules include one or more security rules configured to detect when the associated value enables an insecure operational mode that exposes the software application to a security risk. Claims 2-4, 6-17, and 20 recite further mental steps which can be practically performed in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper and thus, fail to make the claim any less abstract (see MPEP § 2106.04(a)(2)(III)). Claims 5, 6, 8-10, and 14 recite further additional elements that do not integrate the judicial exception into a practical application of the judicial exception because they are mere data gathering/transmitting/outputting recited at a high level of generality, and thus are insignificant extra-solution activities (see MPEP § 2106.05(g)), and thus, are not significantly more than the abstract idea. Thus, Claims 2-17 and 20 do not add any steps or additional elements, when considered both individually and as a combination, that would convert Claim 1 into patent-eligible subject matter. Therefore, Claims 1-17 and 20 are not drawn to patent-eligible subject matter as they are directed to an abstract idea without significantly more. <<>> • × • <<>> • × • <<>> • × • <<>> • × • <<>> • × • <<>> • × • <<>> • × • <<>> Claim Interpretation: Under the broadest reasonable interpretation (BRI), the limitations of Claim 18 are presumed to have their plain meaning consistent with the specification as it would be interpreted by one of ordinary skill in the art. See MPEP § 2111. Step 1: Claim 18 is directed to an apparatus, which is a machine, and falls within one of the statutory categories of invention. Step 2A, Prong One: Claim 18 recites the limitations: (a) prior to execution of the corpus of source code listings: to perform static analysis of the corpus of source code listings by analyzing the corpus of source code listings and to apply the validation rules to the respective code elements in the corpus of source code listings so as to identify a first set of the respective code elements not in compliance with the validation rules and a second set of the respective code elements in compliance with the validation rules; (b) to select, from the first set of the respective code elements, a first code element not in compliance with a given validation rule; (c) to identify, in the second set of the respective code elements in the corpus of source code listings, one or more second code elements in compliance with the given validation rule; (d) to […] generate a replacement code element by modifying the first code element based on security features of the one or more second code elements to bring the first code element into compliance with the given validation rule; and (e) to […] replace, in the corpus of source code listings, the first code element with the […] generated replacement code element to thereby generate modified source code listings. These recited steps, under the broadest reasonable interpretation (BRI), cover performance of the steps in the human mind alone or with the aid of pen and paper. That is, other than reciting: (1) a memory configured; (2) at least one processor configured; and (3) automatically. Nothing in the claim precludes the steps from practically being performed in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper. For example, the limitation (a) in the context of the claim encompasses a human observing the corpus of source code listings in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper to perform static analysis of the corpus of source code listings. And the limitation (b) in the context of the claim encompasses a human observing the first set of the respective code elements in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper to select a first code element. And the limitation (c) in the context of the claim encompasses a human observing the second set of the respective code elements in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper to identify one or more second code elements. And the limitation (d) in the context of the claim encompasses a human observing the first code element in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper to generate a replacement code element. And the limitation (e) in the context of the claim encompasses a human observing the corpus of source code listings in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper to replace the first code element. See MPEP § 2106.04(a)(2)(III). If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the human mind alone or with the aid of pen and paper but for the recitation of generic computer components, then it falls within the “Mental Processes” grouping of abstract ideas. Accordingly, the claim recites an abstract idea. Step 2A, Prong Two: This judicial exception is not integrated into a practical application. In particular, the claim recites the additional elements: (1) a memory configured; (2) at least one processor configured; and (3) automatically. The additional elements (1) to (3) are recited at a high-level of generality such that they amount to no more than mere instructions to apply the judicial exception using generic computer components. The memory and at least one processor are used as tools to perform the various steps of the claim. And the term “automatically” implies that a computer is used as a tool to perform the generating and replacing steps of the claim. See MPEP § 2106.05(f). Also, the claim recites the additional elements: (4) to store a corpus of source code listings comprising respective code elements; (5) to store a repository of validation rules defining respective acceptable configuration parameters for the respective code elements; (6) to access the corpus of source code listings and the repository of validation rules; and (7) to store the modified source code listings in a code repository. The additional elements (4) to (7) are mere data accessing/storing recited at a high level of generality, and thus are insignificant extra-solution activities. See MPEP § 2106.05(g). Furthermore, all uses of the recited judicial exception require such accessing/storing, and, as such, the additional elements do not impose any meaningful limits on the claim. The additional elements amount to necessary accessing/storing. See MPEP § 2106.05. Accordingly, even when viewed in combination, the additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. Step 2B: The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements when considered both individually and as a combination do not amount to significantly more than the abstract idea. As discussed above with respect to integration of the abstract idea into a practical application, the claim recites the additional elements: (1) a memory configured; (2) at least one processor configured; and (3) automatically. The additional elements (1) to (3) amount to no more than mere instructions to apply the judicial exception using generic computer components. Mere instructions to apply a judicial exception using generic computer components cannot provide an inventive concept. Also, the claim recites the additional elements: (4) to store a corpus of source code listings comprising respective code elements; (5) to store a repository of validation rules defining respective acceptable configuration parameters for the respective code elements; (6) to access the corpus of source code listings and the repository of validation rules; and (7) to store the modified source code listings in a code repository. The additional elements (4) to (7) simply append well-understood, routine, and conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception is not indicative of an inventive concept. MPEP § 2106.05(d)(II) expressly states that the courts have recognized the computer functions of storing and retrieving information in memory as well‐understood, routine, and conventional computer functions when they are claimed in a merely generic manner (e.g., at a high level of generality) or as insignificant extra-solution activities. Thus, a person of ordinary skill in the art would readily comprehend that it is well-understood, routine, and conventional in the computing art to store/access a corpus of source code listings and a repository of validation rules and store modified source code listings in a code repository. Therefore, the limitations remain insignificant extra-solution activities even upon reconsideration and do not amount to significantly more. Thus, taken alone, the additional elements do not amount to significantly more than the above-identified judicial exception (the abstract idea). Looking at the additional elements as a combination adds nothing that is not already present when looking at the additional elements taken individually. Even when considered in combination, the additional elements represent mere instructions to apply a judicial exception using generic computer components and insignificant extra-solution activities, and therefore do not provide an inventive concept. The claim is not patent eligible. Claim 21 is dependent on Claim 18, but does not add any feature or subject matter that would solve the judicial exception deficiencies of Claim 18. Claim 21 recites the limitation: (a) wherein the first code element comprises a configuration parameter and an associated value in a source code listing for a software application, the configuration parameter controlling an operational mode of the software application during execution, and wherein the validation rules include one or more security rules configured to detect when the associated value enables an insecure operational mode that exposes the software application to a security risk. Claim 21 recites further mental steps which can be practically performed in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper and thus, fail to make the claim any less abstract (see MPEP § 2106.04(a)(2)(III)). Thus, Claim 21 does not add any steps or additional elements, when considered both individually and as a combination, that would convert Claim 18 into patent-eligible subject matter. Therefore, Claims 18 and 21 are not drawn to patent-eligible subject matter as they are directed to an abstract idea without significantly more. <<>> • × • <<>> • × • <<>> • × • <<>> • × • <<>> • × • <<>> • × • <<>> • × • <<>> Claim Interpretation: Under the broadest reasonable interpretation (BRI), the limitations of Claim 19 are presumed to have their plain meaning consistent with the specification as it would be interpreted by one of ordinary skill in the art. See MPEP § 2111. Step 1: Claim 19 is directed to a computer software product comprising a non-transitory computer-readable medium, which is an article of manufacture, and falls within one of the statutory categories of invention. Step 2A, Prong One: Claim 19 recites the limitations: (a) prior to execution of the corpus of source code listings: to perform static analysis of the corpus of source code listings by analyzing the corpus of source code listings and to apply the validation rules to the respective code elements in the corpus of source code listings so as to identify a first set of the respective code elements not in compliance with the validation rules and a second set of the respective code elements in compliance with the validation rules; (b) to select, from the first set of the respective code elements, a first code element not in compliance with a given validation rule; (c) to identify, in the second set of the respective code elements in the corpus of source code listings, one or more second code elements in compliance with the given validation rule; (d) to […] generate a replacement code element by modifying the first code element based on security features of the one or more second code elements to bring the first code element into compliance with the given validation rule; and (e) to […] replace, in the corpus of source code listings, the first code element with the […] generated replacement code element to thereby generate modified source code listings. These recited steps, under the broadest reasonable interpretation (BRI), cover performance of the steps in the human mind alone or with the aid of pen and paper. That is, other than reciting: (1) [a] computer software product, the computer software product comprising a non-transitory computer-readable medium, in which program instructions are stored, which when read by a computer, cause the computer; and (2) automatically. Nothing in the claim precludes the steps from practically being performed in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper. For example, the limitation (a) in the context of the claim encompasses a human observing the corpus of source code listings in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper to perform static analysis of the corpus of source code listings. And the limitation (b) in the context of the claim encompasses a human observing the first set of the respective code elements in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper to select a first code element. And the limitation (c) in the context of the claim encompasses a human observing the second set of the respective code elements in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper to identify one or more second code elements. And the limitation (d) in the context of the claim encompasses a human observing the first code element in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper to generate a replacement code element. And the limitation (e) in the context of the claim encompasses a human observing the corpus of source code listings in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper to replace the first code element. See MPEP § 2106.04(a)(2)(III). If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the human mind alone or with the aid of pen and paper but for the recitation of generic computer components, then it falls within the “Mental Processes” grouping of abstract ideas. Accordingly, the claim recites an abstract idea. Step 2A, Prong Two: This judicial exception is not integrated into a practical application. In particular, the claim recites the additional elements: (1) [a] computer software product, the computer software product comprising a non-transitory computer-readable medium, in which program instructions are stored, which when read by a computer, cause the computer; and (2) automatically. The additional elements (1) and (2) are recited at a high-level of generality such that they amount to no more than mere instructions to apply the judicial exception using generic computer components. The non-transitory computer-readable medium and computer are used as tools to perform the various steps of the claim. And the term “automatically” implies that a computer is used as a tool to perform the generating and replacing steps of the claim. See MPEP § 2106.05(f). Also, the claim recites the additional elements: (3) to access a corpus of source code listings comprising respective code elements; (4) to access a repository of validation rules defining respective acceptable security parameters for the respective code elements; and (5) to store the modified source code listings in a code repository. The additional elements (3) to (5) are mere data accessing/storing recited at a high level of generality, and thus are insignificant extra-solution activities. See MPEP § 2106.05(g). Furthermore, all uses of the recited judicial exception require such accessing/storing, and, as such, the additional elements do not impose any meaningful limits on the claim. The additional elements amount to necessary accessing/storing. See MPEP § 2106.05. Accordingly, even when viewed in combination, the additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. Step 2B: The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements when considered both individually and as a combination do not amount to significantly more than the abstract idea. As discussed above with respect to integration of the abstract idea into a practical application, the claim recites the additional elements: (1) [a] computer software product, the computer software product comprising a non-transitory computer-readable medium, in which program instructions are stored, which when read by a computer, cause the computer; and (2) automatically. The additional elements (1) and (2) amount to no more than mere instructions to apply the judicial exception using generic computer components. Mere instructions to apply a judicial exception using generic computer components cannot provide an inventive concept. Also, the claim recites the additional elements: (3) to access a corpus of source code listings comprising respective code elements; (4) to access a repository of validation rules defining respective acceptable security parameters for the respective code elements; and (5) to store the modified source code listings in a code repository. The additional elements (3) to (5) simply append well-understood, routine, and conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception is not indicative of an inventive concept. MPEP § 2106.05(d)(II) expressly states that the courts have recognized the computer functions of storing and retrieving information in memory as well‐understood, routine, and conventional computer functions when they are claimed in a merely generic manner (e.g., at a high level of generality) or as insignificant extra-solution activities. Thus, a person of ordinary skill in the art would readily comprehend that it is well-understood, routine, and conventional in the computing art to access a corpus of source code listings and a repository of validation rules and store modified source code listings in a code repository. Therefore, the limitations remain insignificant extra-solution activities even upon reconsideration and do not amount to significantly more. Thus, taken alone, the additional elements do not amount to significantly more than the above-identified judicial exception (the abstract idea). Looking at the additional elements as a combination adds nothing that is not already present when looking at the additional elements taken individually. Even when considered in combination, the additional elements represent mere instructions to apply a judicial exception using generic computer components and insignificant extra-solution activities, and therefore do not provide an inventive concept. The claim is not patent eligible. Claim 22 is dependent on Claim 19, but does not add any feature or subject matter that would solve the judicial exception deficiencies of Claim 19. Claim 22 recites the limitation: (a) wherein the first code element comprises a configuration parameter and an associated value in a source code listing for a software application, the configuration parameter controlling an operational mode of the software application during execution, and wherein the validation rules include one or more security rules configured to detect when the associated value enables an insecure operational mode that exposes the software application to a security risk. Claim 22 recites further mental steps which can be practically performed in the human mind alone using observation, evaluation, judgment, and opinion or with the aid of pen and paper and thus, fail to make the claim any less abstract (see MPEP § 2106.04(a)(2)(III)). Thus, Claim 22 does not add any steps or additional elements, when considered both individually and as a combination, that would convert Claim 19 into patent-eligible subject matter. Therefore, Claims 19 and 22 are not drawn to patent-eligible subject matter as they are directed to an abstract idea without significantly more. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-3, 5, 7, 14, and 18-22 are rejected under 35 U.S.C. 103 as being unpatentable over US 2016/0004517 (hereinafter “Safary”) in view of US 2019/0163446 (hereinafter “Brunel”), US 2016/0054983 (hereinafter “Balasubramanian”), and US 2019/0121310 (hereinafter “Riedl”). [Examiner’s Remarks: In order for a reference to be proper for use in an obviousness rejection under 35 U.S.C. 103, the reference must be analogous art to the claimed invention. In re Bigio, 381 F.3d 1320, 1325, 72 USPQ2d 1209, 1212 (Fed. Cir. 2004). A reference is analogous art to the claimed invention if: (1) the reference is from the same field of endeavor as the claimed invention (even if it addresses a different problem); or (2) the reference is reasonably pertinent to the problem faced by the inventor (even if it is not in the same field of endeavor as the claimed invention). Note that the claimed invention is generally directed to detecting misconfigured source code and presenting one or more correctly configured alternatives that can be used to update the misconfigured source code (specification, paragraph [0002]). As for the “same field of endeavor” test, Safary is generally directed to an iSeries code review tool (Safary, paragraph [0014]). And Brunel is generally directed to evaluating compliance of implementation code with a specified model that has been developed under the constraints of a software architecture specification (Brunel, paragraph [0002]). And Balasubramanian is generally directed to correcting non-compliant source code in an integrated development environment (IDE) (Balasubramanian, paragraph [0001]). And Riedl is generally directed to control programs for industrial equipment that are configured to meet safety requirements (Riedl, paragraph [0001]). Thus, Safary, Brunel, Balasubramanian, and Riedl are all analogous art to the claimed invention (even if they address different problems or are not in the same field of endeavor as the claimed invention). See MPEP § 2141.01(a)(I).] As per Claim 1, Safary discloses: A method (paragraph [0014], “[…] methods for an iSeries code review tool are provided.”) for automatically improving source code security, comprising: [Examiner’s Remarks: Note that the limitation “automatically improving source code security” in the preamble of the claim is not given any patentable weight because it is merely a statement of purpose or intended use of the claimed invention. See MPEP § 2111.02.] accessing a repository of validation rules defining respective acceptable security parameters for […] respective code elements (paragraph [0014], “[…] an institution may release coding guidelines that specify security and efficiency standards that are to be followed by software developers [defining respective acceptable security parameters for {…} respective code elements] (emphasis added).”; paragraph [0021], “Configuring the tool may include expressing coding guidelines as computer readable rules. The rules may be stored in a control table [a repository of validation rules]. Rules stored in a control table may be changed or deleted. New rules may be added to a control table. A control table may correspond to coding guidelines.”; paragraph [0031], “After identifying the operation, a control table may be searched [accessing a repository of validation rules] to determine if the control table includes an entry associated with the detected operation. An entry in the control table may include one or more rules for the detected operation. Upon detecting that the source code includes an operation associated with an entry in the control table, the tool may evaluate whether the operations complies with one or more rules associated with the operation.”); and prior to execution of […] source code listings (paragraph [0018]1, “Utilization of the tool may result in discovery of defects or ‘bugs’ in the source code at an early in development of the software, when the defects are relatively easy to fix. For example, detecting the defects an early stage in development of a product may pose relative risk to the institution than detecting defects after deployment of the product (emphasis added).”): [1Examiner’s Remarks: Note that Safary discloses that detecting the defects at an early stage in development of a product may pose relative risk to the institution than detecting defects after deployment of the product. Thus, one of ordinary skill in the art would readily comprehend that detecting the defects at an early stage in development of the product is performed prior to execution of the product after it is deployed.] performing static analysis of the […] source code listings by analyzing the […] source code listings (paragraph [0154], “At step 315, the system parses each line of source code. At step 317, the system determines whether at least one iSeries operation within the line of source code [performing static analysis of the {…} source code listings by analyzing the {…} source code listings] (emphasis added).”) and applying, by a processor (Figure 1: 103), the validation rules to the respective code elements in the […] source code listings (paragraph [0156], “When the control table includes an entry corresponding to the detected operation, then at step 321, the system evaluates whether the detected operation is executed (or formatted to execute) in confirmation with a rule associated with the operation [applying {…} the validation rules to the respective code elements in the {…} source code listings].”) so as to identify a first set of the respective code elements not in compliance with the validation rules and a second set of the respective code elements in compliance with the validation rules (paragraph [0019], “The iSeries code review tool is configured to scan source code written for iSeries and detect compliance and/or non-compliance of the source code with institutional coding guidelines. The tool may produce a list of detected defects and/or warnings associated with the source code [identify a first set of the respective code elements not in compliance with the validation rules {…}]. The tool may produce a list of detected compliant operations associated with the source code [identify {…} a second set of the respective code elements in compliance with the validation rules] (emphasis added).”; paragraph [0021], “Configuring the tool may include expressing coding guidelines as computer readable rules (emphasis added).”). Safary does not explicitly disclose: accessing a corpus of source code listings comprising respective code elements; selecting, from the first set of the respective code elements, a first code element not in compliance with a given validation rule; and identifying, in the second set of the respective code elements in the corpus of source code listings, one or more second code elements in compliance with the given validation rule. However, Brunel discloses: accessing a corpus of source code listings comprising respective code elements (paragraph [0031]2, “In embodiments, the data-processing system 110 is also adapted to receive implementation code 104 [accessing a corpus of source code listings] that is to be evaluated for compliance with at least the specified model 102. In some cases, the implementation code 104 can be a portion of a system-control code that is eventually deployed for complete operation of a dynamic system. In some cases, the implementation code 104 can be the entire system-control code. The implementation code 104 can comprise one or more files of source code and further include related files (e.g., header, library, and/or data files needed by the implementation code 104) [a corpus of source code listings comprising respective code elements] (emphasis added).”); [2Examiner’s Remarks: Under the broadest reasonable interpretation (BRI), the plain meaning of the limitation “a corpus of source code listings” is a collection of source code listings, which is consistent with the specification. Thus, the limitation “a corpus of source code listings,” given its plain meaning consistent with the specification, is mapped to Brunel’s implementation code comprising one or more files of source code and further including related files. See MPEP § 2173.01(I).] selecting, from the first set of the respective code elements, a first code element not in compliance with a given validation rule (paragraph [0023], “[…] a meta model description 101 can provide rules and definitions about how corresponding specified models can be formed to comply with a software architecture, and may further dictate how corresponding implementation code is structured to comply with the specified model and, in some cases, with the meta-model (emphasis added).”; paragraph [0028], “The specified model 102 may be prepared to comply with an over-arching meta-model description 101 that can place constraints on how the specified model 102 is formed, how the implementation code 104 is structured from the specified model, as well as how the system-control code is structured (emphasis added).”; paragraph [0030], “The meta model 101 may further define rules that dictate the structure of the implementation code 104 (emphasis added).”; paragraph [0036], “[…] the implementation code 104 may be aware of and comply with code structure rules set forth by the meta-model description 101 to implement instances of components and interfaces in compliance with the specified model 102 (emphasis added).”; paragraph [0088], “[…] a user can hover a cursor over or select a relevant non-compliant code part 840 in the source code panel 129, and in response, the user-interface engine 660 can render a graphical affordance, for example, a pop-up window 850 providing further information about the cause of the non-compliant code part. The information about the cause of non-compliance can be provided by the code analyzer 650 as a result of static analysis of the code part and comparison with constraints derived from the specified model or meta-model, for example [selecting, from the first set of the respective code elements, a first code element not in compliance with a given validation rule] (emphasis added).”); and identifying, in the second set of the respective code elements in the corpus of source code listings, one or more second code elements in compliance with the given validation rule (paragraph [0023], “[…] a meta model description 101 can provide rules and definitions about how corresponding specified models can be formed to comply with a software architecture, and may further dictate how corresponding implementation code is structured to comply with the specified model and, in some cases, with the meta-model (emphasis added).”; paragraph [0028], “The specified model 102 may be prepared to comply with an over-arching meta-model description 101 that can place constraints on how the specified model 102 is formed, how the implementation code 104 is structured from the specified model, as well as how the system-control code is structured (emphasis added).”; paragraph [0030], “The meta model 101 may further define rules that dictate the structure of the implementation code 104 (emphasis added).”; paragraph [0034], “As only one example, several panels can be displayed on the user interface 180 that provide reasons for and/or details about compliance and non-compliance (if any) of code parts of the implementation code with at least the specified model 102 [identifying, in the second set of the respective code elements in the corpus of source code listings, one or more second code elements in compliance with the given validation rule] (emphasis added).”; paragraph [0036], “[…] the implementation code 104 may be aware of and comply with code structure rules set forth by the meta-model description 101 to implement instances of components and interfaces in compliance with the specified model 102 (emphasis added).”). As pointed out hereinabove, Safary and Brunel are both analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Brunel into the teaching of Safary to include “accessing a corpus of source code listings comprising respective code elements; selecting, from the first set of the respective code elements, a first code element not in compliance with a given validation rule; and identifying, in the second set of the respective code elements in the corpus of source code listings, one or more second code elements in compliance with the given validation rule.” The modification would be obvious because one of ordinary skill in the art would be motivated to aid a programmer in rapidly reviewing and revising code elements to bring the code elements into compliance with at least a given validation rule (Brunel, paragraph [0034]). The combination of Safary and Brunel does not explicitly disclose: automatically generating, by the processor, a replacement code element by modifying the first code element based on the one or more second code elements to bring the first code element into compliance with the given validation rule; automatically replacing, in the corpus of source code listings, the first code element with the automatically generated replacement code element to thereby generate modified source code listings; and storing the modified source code listings in a code repository. However, Balasubramanian discloses: […] generating […] a replacement code element by modifying the first code element based on the one or more second code elements to bring the first code element into compliance with the given validation rule (paragraph [0002], “The coding standards may be formalized into a documented set of rules or an informal set of practices for a development group to follow. Formal coding standards can provide a top-down approach, often recommended and enforced long after program development is underway (emphasis added).”; paragraph [0031]3, “As shown, process flow 300 of FIG. 3 begins at step 340, whereby IDE 218 starts scanning source code 224. At 342, it is determined whether source code 224 deviates from a set of coding standards. If no deviation exists, the code base is considered to be compliant to the set of coding standards (step 344) [based on the one or more second code elements] (emphasis added).”; paragraph [0050], “Once second developer 222 is identified as having the requisite set of skills, IDE 218 sends artifact 230 from the segment extraction process to second developer 222, as provided in step 386. Second developer 222 then modifies source code 224 to correct coding violation 232, and returns artifact 230, containing a segment of modified source code 225, to IDE 218, as provided in step 388 [{…} generating {…} a replacement code element by modifying the first code element based on the one or more second code elements] (emphasis added).”; paragraph [0051], “Next, as provided in step 390, IDE 218 tests modified source code segment 225 to determine if it complies with the set of coding standards […] In the case that the testing is successful, indicating that the set of standards is met, engine 220 causes IDE 218 to attempt in-place replacement of the existing code segment from source code 224 with modified source code segment 225, as provided in step 392. If replacement is successful, IDE 218 now contains a code base that is fully compliant with the set of standards (step 344) [bring the first code element into compliance with the given validation rule] (emphasis added).”); [3Examiner’s Remarks: Note that Balasubramanian discloses that the code base is considered to be compliant when no deviations from a set of coding standards is found. And that the second developer modifies the source code to correct the coding violation. And that the IDE tests the modified source code to determine if it complies with the set of coding standards. Thus, one of ordinary skill in the art would readily comprehend that the second developer modifies the source code with the coding violation based on the compliant source code in accordance with the set of coding standards in order to bring the non-compliant source code into compliance with the set of coding standards.] automatically replacing, in the corpus of source code listings, the first code element with the […] generated replacement code element to thereby generate modified source code listings (paragraph [0051], “In the case that the testing is successful, indicating that the set of standards is met, engine 220 causes IDE 218 to attempt in-place replacement of the existing code segment from source code 224 with modified source code segment 225, as provided in step 392 [automatically replacing, in the corpus of source code listings, the first code element with the {…} generated replacement code element to thereby generate modified source code listings]. If replacement is successful, IDE 218 now contains a code base that is fully compliant with the set of standards (step 344) (emphasis added).”); and storing the modified source code listings in a code repository (paragraph [0026], “While executing computer program code, processing unit 106 can read and/or write data to/from memory 108, storage system 114, code repository 117, and IDE 118 (emphasis added).”; paragraph [0027], “As is commonly known, code repository 117 is a searchable, categorized, and/or Internet accessible location that users may access to browse, search, and download source or compiled library code [storing the modified source code listings in a code repository]. Uses of code repositories may include open source projects, proprietary development projects, and/or projects that create libraries for later use (emphasis added).”). As pointed out hereinabove, Balasubramanian is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Balasubramanian into the combined teachings of Safary and Brunel to include “[…] generating […] a replacement code element by modifying the first code element based on the one or more second code elements to bring the first code element into compliance with the given validation rule; automatically replacing, in the corpus of source code listings, the first code element with the […] generated replacement code element to thereby generate modified source code listings; and storing the modified source code listings in a code repository.” The modification would be obvious because one of ordinary skill in the art would be motivated to provide correction of source code that does not comply with an established coding standard in a code base contained in an Integrated Development Environment (IDE) (Balasubramanian, paragraph [0021]). The combination of Safary, Brunel, and Balasubramanian discloses “[…] generating […] a replacement code element […],” but the combination of Safary, Brunel, and Balasubramanian does not explicitly disclose: automatically generating, by the processor, a replacement code element. However, Riedl discloses: automatically generating, by a processor (paragraph [0075], “The industrial controller unit 16 may comprise a processing device 20, such as a CPU to run an industrial control program […].”), a replacement code element (paragraph [0093], “[…] implicitly and automatically generate code that may replace the call to the second program element by an auxiliary program element, wherein the auxiliary program element is designed to be compliant with the safety classification (emphasis added).”). As pointed out hereinabove, Riedl is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Riedl into the combined teachings of Safary, Brunel, and Balasubramanian to include “automatically generating, by the processor, a replacement code element.” The modification would be obvious because one of ordinary skill in the art would be motivated to automatically generate a modified program source code that mitigates safety risks associated with a program element by replacing it effectively with an auxiliary program element compliant with a safety classification (Riedl, paragraph [0009]). As per Claim 2, the rejection of Claim 1 is incorporated; and Safary further discloses: wherein the source code listings are for one or more software applications (paragraph [0003], “Computer code written for iSeries computers may include defects that, if undetected, may degrade performance of a product and may expose the institution to a security risk. It would be desirable to provide a tool for detecting defects present in iSeries source code.”). As per Claim 3, the rejection of Claim 1 is incorporated; and the combination of Safary, Brunel, and Riedl does not explicitly disclose: wherein modifying the first code element based on the one or more second code elements comprises replacing the first code element with a given second code element. However, Balasubramanian discloses: wherein modifying the first code element based on the one or more second code elements comprises replacing the first code element with a given second code element (paragraph [0051], “In the case that the testing is successful, indicating that the set of standards is met, engine 220 causes IDE 218 to attempt in-place replacement of the existing code segment from source code 224 with modified source code segment 225, as provided in step 392. If replacement is successful, IDE 218 now contains a code base that is fully compliant with the set of standards (step 344).”). As pointed out hereinabove, Balasubramanian is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Balasubramanian into the combined teachings of Safary, Brunel, and Riedl to include “wherein modifying the first code element based on the one or more second code elements comprises replacing the first code element with a given second code element.” The modification would be obvious because one of ordinary skill in the art would be motivated to provide correction of source code that does not comply with an established coding standard in a code base contained in an Integrated Development Environment (IDE) (Balasubramanian, paragraph [0021]). As per Claim 5, the rejection of Claim 1 is incorporated; and the combination of Safary, Balasubramanian, and Riedl does not explicitly disclose: outputting the first code element and the one or more second code elements together by presenting, on a display, the first code element and at least one of the one or more second code elements. However, Brunel discloses: outputting the first code element and the one or more second code elements together by presenting, on a display, the first code element and at least one of the one or more second code elements (Figure 8C; paragraph [0088], “The user interface 180 can also include a source code panel 129, illustrated in FIG. 8C, that displays a portion 860 of the implementation code 104 containing the code part identified by the user-selected entry 810. In some cases, a user can hover a cursor over or select a relevant non-compliant code part 840 in the source code panel 129, and in response, the user-interface engine 660 can render a graphical affordance, for example, a pop-up window 850 providing further information about the cause of the non-compliant code part.”). As pointed out hereinabove, Brunel is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Brunel into the combined teachings of Safary, Balasubramanian, and Riedl to include “outputting the first code element and the one or more second code elements together by presenting, on a display, the first code element and at least one of the one or more second code elements.” The modification would be obvious because one of ordinary skill in the art would be motivated to aid a programmer in rapidly reviewing and revising code elements to bring the code elements into compliance with at least a given validation rule (Brunel, paragraph [0034]). As per Claim 7, the rejection of Claim 5 is incorporated; and Safary further discloses: identifying a plurality of distinct second code elements (paragraph [0019], “The iSeries code review tool is configured to scan source code written for iSeries and detect compliance and/or non-compliance of the source code with institutional coding guidelines. The tool may produce a list of detected defects and/or warnings associated with the source code. The tool may produce a list of detected compliant operations associated with the source code.”). As per Claim 14, the rejection of Claim 5 is incorporated; and the combination of Safary, Balasubramanian, and Riedl does not explicitly disclose: wherein the validation rules comprise respective error messages, and further comprising presenting, on the display, an error message for the given validation rule. However, Brunel discloses: wherein the validation rules comprise respective error messages, and further comprising presenting, on the display, an error message for the given validation rule (Figures 8A-8C; paragraph [0067], “Once a code extract 504 is prepared, the code analyzer 650 can operate on the code extract 504 to evaluate compliance of the code extract with a corresponding model segment 501 identified from the specified model 102.”; paragraph [0083], “FIG. 8A-8C depict panels or windows that can be part of a graphical user interface 180 that displays code-analysis results provided by the code analyzer 650 to the user-interface engine 660 for display […] A summary panel 123, shown in FIG. 8A, can include a cursory, high-level summary of the code-analysis results in one or more expandable lists, for example. The listed results can be grouped according to severity of the result. Order, text, symbols, and/or color coding can be used to indicate the severity of code-analysis results. For example, a listed entry for a first level of severity 802 can be indicated by a first color (e.g., red) and identify a number 803 of potentially fatal coding errors (e.g., division by zero, infinite loop, etc.) and/or non-compliances (e.g., variable out of range, incorrect function invocation sequence, etc.).”). As pointed out hereinabove, Brunel is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Brunel into the combined teachings of Safary, Balasubramanian, and Riedl to include “wherein the validation rules comprise respective error messages, and further comprising presenting, on the display, an error message for the given validation rule.” The modification would be obvious because one of ordinary skill in the art would be motivated to aid a programmer in rapidly reviewing and revising code elements to bring the code elements into compliance with at least a given validation rule (Brunel, paragraph [0034]). As per Claim 18, Safary discloses: An apparatus (paragraph [0014], “Apparatus […] for an iSeries code review tool are provided.”) comprising: a memory (Figure 1: 115) configured to store: a repository of validation rules defining respective acceptable configuration parameters for […] respective code elements (paragraph [0014], “[…] an institution may release coding guidelines that specify security and efficiency standards that are to be followed by software developers [defining respective acceptable configuration parameters for {…} respective code elements] (emphasis added).”; paragraph [0021], “Configuring the tool may include expressing coding guidelines as computer readable rules. The rules may be stored in a control table [a repository of validation rules]. Rules stored in a control table may be changed or deleted. New rules may be added to a control table. A control table may correspond to coding guidelines.”); and at least one processor (Figure 1: 103) configured: to access the repository of validation rules (paragraph [0021], “Configuring the tool may include expressing coding guidelines as computer readable rules. The rules may be stored in a control table [the repository of validation rules]. Rules stored in a control table may be changed or deleted. New rules may be added to a control table. A control table may correspond to coding guidelines.”; paragraph [0031], “After identifying the operation, a control table may be searched [to access the repository of validation rules] to determine if the control table includes an entry associated with the detected operation. An entry in the control table may include one or more rules for the detected operation. Upon detecting that the source code includes an operation associated with an entry in the control table, the tool may evaluate whether the operations complies with one or more rules associated with the operation.”), prior to execution of […] source code listings (paragraph [0018]1, “Utilization of the tool may result in discovery of defects or ‘bugs’ in the source code at an early in development of the software, when the defects are relatively easy to fix. For example, detecting the defects an early stage in development of a product may pose relative risk to the institution than detecting defects after deployment of the product (emphasis added).”): [1Examiner’s Remarks: Note that Safary discloses that detecting the defects at an early stage in development of a product may pose relative risk to the institution than detecting defects after deployment of the product. Thus, one of ordinary skill in the art would readily comprehend that detecting the defects at an early stage in development of the product is performed prior to execution of the product after it is deployed.] to perform static analysis of the […] source code listings by analyzing the […] source code listings (paragraph [0154], “At step 315, the system parses each line of source code. At step 317, the system determines whether at least one iSeries operation within the line of source code [to perform static analysis of the {…} source code listings by analyzing the {…} source code listings] (emphasis added).”) and to apply the validation rules to the respective code elements in the […] source code listings (paragraph [0156], “When the control table includes an entry corresponding to the detected operation, then at step 321, the system evaluates whether the detected operation is executed (or formatted to execute) in confirmation with a rule associated with the operation [to apply the validation rules to the respective code elements in the {…} source code listings].”) so as to identify a first set of the respective code elements not in compliance with the validation rules and a second set of the respective code elements in compliance with the validation rules (paragraph [0019], “The iSeries code review tool is configured to scan source code written for iSeries and detect compliance and/or non-compliance of the source code with institutional coding guidelines. The tool may produce a list of detected defects and/or warnings associated with the source code [identify a first set of the respective code elements not in compliance with the validation rules {…}]. The tool may produce a list of detected compliant operations associated with the source code [identify {…} a second set of the respective code elements in compliance with the validation rules] (emphasis added).”; paragraph [0021], “Configuring the tool may include expressing coding guidelines as computer readable rules (emphasis added).”). Safary does not explicitly disclose: a corpus of source code listings comprising respective code elements; to access the corpus of source code listings; to select, from the first set of the respective code elements, a first code element not in compliance with a given validation rule; and to identify, in the second set of the respective code elements in the corpus of source code listings, one or more second code elements in compliance with the given validation rule. However, Brunel discloses: a corpus of source code listings comprising respective code elements (paragraph [0031]2, “In embodiments, the data-processing system 110 is also adapted to receive implementation code 104 that is to be evaluated for compliance with at least the specified model 102. In some cases, the implementation code 104 can be a portion of a system-control code that is eventually deployed for complete operation of a dynamic system. In some cases, the implementation code 104 can be the entire system-control code. The implementation code 104 can comprise one or more files of source code and further include related files (e.g., header, library, and/or data files needed by the implementation code 104) [a corpus of source code listings comprising respective code elements] (emphasis added).”); [2Examiner’s Remarks: Under the broadest reasonable interpretation (BRI), the plain meaning of the limitation “a corpus of source code listings” is a collection of source code listings, which is consistent with the specification. Thus, the limitation “a corpus of source code listings,” given its plain meaning consistent with the specification, is mapped to Brunel’s implementation code comprising one or more files of source code and further including related files. See MPEP § 2173.01(I).] to access the corpus of source code listings (paragraph [0031]2, “In embodiments, the data-processing system 110 is also adapted to receive implementation code 104 [to access the corpus of source code listings] that is to be evaluated for compliance with at least the specified model 102. In some cases, the implementation code 104 can be a portion of a system-control code that is eventually deployed for complete operation of a dynamic system. In some cases, the implementation code 104 can be the entire system-control code. The implementation code 104 can comprise one or more files of source code and further include related files (e.g., header, library, and/or data files needed by the implementation code 104) (emphasis added).”); to select, from the first set of the respective code elements, a first code element not in compliance with a given validation rule (paragraph [0023], “[…] a meta model description 101 can provide rules and definitions about how corresponding specified models can be formed to comply with a software architecture, and may further dictate how corresponding implementation code is structured to comply with the specified model and, in some cases, with the meta-model (emphasis added).”; paragraph [0028], “The specified model 102 may be prepared to comply with an over-arching meta-model description 101 that can place constraints on how the specified model 102 is formed, how the implementation code 104 is structured from the specified model, as well as how the system-control code is structured (emphasis added).”; paragraph [0030], “The meta model 101 may further define rules that dictate the structure of the implementation code 104 (emphasis added).”; paragraph [0036], “[…] the implementation code 104 may be aware of and comply with code structure rules set forth by the meta-model description 101 to implement instances of components and interfaces in compliance with the specified model 102 (emphasis added).”; paragraph [0088], “[…] a user can hover a cursor over or select a relevant non-compliant code part 840 in the source code panel 129, and in response, the user-interface engine 660 can render a graphical affordance, for example, a pop-up window 850 providing further information about the cause of the non-compliant code part. The information about the cause of non-compliance can be provided by the code analyzer 650 as a result of static analysis of the code part and comparison with constraints derived from the specified model or meta-model, for example [to select, from the first set of the respective code elements, a first code element not in compliance with a given validation rule] (emphasis added).”); and to identify, in the second set of the respective code elements in the corpus of source code listings, one or more second code elements in compliance with the given validation rule (paragraph [0023], “[…] a meta model description 101 can provide rules and definitions about how corresponding specified models can be formed to comply with a software architecture, and may further dictate how corresponding implementation code is structured to comply with the specified model and, in some cases, with the meta-model (emphasis added).”; paragraph [0028], “The specified model 102 may be prepared to comply with an over-arching meta-model description 101 that can place constraints on how the specified model 102 is formed, how the implementation code 104 is structured from the specified model, as well as how the system-control code is structured (emphasis added).”; paragraph [0030], “The meta model 101 may further define rules that dictate the structure of the implementation code 104 (emphasis added).”; paragraph [0034], “As only one example, several panels can be displayed on the user interface 180 that provide reasons for and/or details about compliance and non-compliance (if any) of code parts of the implementation code with at least the specified model 102 [to identify, in the second set of the respective code elements in the corpus of source code listings, one or more second code elements in compliance with the given validation rule] (emphasis added).”; paragraph [0036], “[…] the implementation code 104 may be aware of and comply with code structure rules set forth by the meta-model description 101 to implement instances of components and interfaces in compliance with the specified model 102 (emphasis added).”). As pointed out hereinabove, Safary and Brunel are both analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Brunel into the teaching of Safary to include “a corpus of source code listings comprising respective code elements; to access the corpus of source code listings; to select, from the first set of the respective code elements, a first code element not in compliance with a given validation rule; and to identify, in the second set of the respective code elements in the corpus of source code listings, one or more second code elements in compliance with the given validation rule.” The modification would be obvious because one of ordinary skill in the art would be motivated to aid a programmer in rapidly reviewing and revising code elements to bring the code elements into compliance with at least a given validation rule (Brunel, paragraph [0034]). Safary discloses “security features,” but the combination of Safary and Brunel does not explicitly disclose: to automatically generate a replacement code element by modifying the first code element based on security features of the one or more second code elements to bring the first code element into compliance with the given validation rule; to automatically replace, in the corpus of source code listings, the first code element with the automatically generated replacement code element to thereby generate modified source code listings; and to store the modified source code listings in a code repository. However, Balasubramanian discloses: to […] generate a replacement code element by modifying the first code element based on […] the one or more second code elements to bring the first code element into compliance with the given validation rule (paragraph [0002], “The coding standards may be formalized into a documented set of rules or an informal set of practices for a development group to follow. Formal coding standards can provide a top-down approach, often recommended and enforced long after program development is underway (emphasis added).”; paragraph [0031]3, “As shown, process flow 300 of FIG. 3 begins at step 340, whereby IDE 218 starts scanning source code 224. At 342, it is determined whether source code 224 deviates from a set of coding standards. If no deviation exists, the code base is considered to be compliant to the set of coding standards (step 344) [based on {…} the one or more second code elements] (emphasis added).”; paragraph [0050], “Once second developer 222 is identified as having the requisite set of skills, IDE 218 sends artifact 230 from the segment extraction process to second developer 222, as provided in step 386. Second developer 222 then modifies source code 224 to correct coding violation 232, and returns artifact 230, containing a segment of modified source code 225, to IDE 218, as provided in step 388 [to {…} generate a replacement code element by modifying the first code element based on {…} the one or more second code elements] (emphasis added).”; paragraph [0051], “Next, as provided in step 390, IDE 218 tests modified source code segment 225 to determine if it complies with the set of coding standards […] In the case that the testing is successful, indicating that the set of standards is met, engine 220 causes IDE 218 to attempt in-place replacement of the existing code segment from source code 224 with modified source code segment 225, as provided in step 392. If replacement is successful, IDE 218 now contains a code base that is fully compliant with the set of standards (step 344) [bring the first code element into compliance with the given validation rule] (emphasis added).”); [3Examiner’s Remarks: Note that Balasubramanian discloses that the code base is considered to be compliant when no deviations from a set of coding standards is found. And that the second developer modifies the source code to correct the coding violation. And that the IDE tests the modified source code to determine if it complies with the set of coding standards. Thus, one of ordinary skill in the art would readily comprehend that the second developer modifies the source code with the coding violation based on the compliant source code in accordance with the set of coding standards in order to bring the non-compliant source code into compliance with the set of coding standards.] to automatically replace, in the corpus of source code listings, the first code element with the […] generated replacement code element to thereby generate modified source code listings (paragraph [0051], “In the case that the testing is successful, indicating that the set of standards is met, engine 220 causes IDE 218 to attempt in-place replacement of the existing code segment from source code 224 with modified source code segment 225, as provided in step 392 [to automatically replace, in a corpus of source code listings, the first code element with the {…} generated replacement code element to thereby generate modified source code listings]. If replacement is successful, IDE 218 now contains a code base that is fully compliant with the set of standards (step 344) (emphasis added).”); and to store the modified source code listings in a code repository (paragraph [0026], “While executing computer program code, processing unit 106 can read and/or write data to/from memory 108, storage system 114, code repository 117, and IDE 118 (emphasis added).”; paragraph [0027], “As is commonly known, code repository 117 is a searchable, categorized, and/or Internet accessible location that users may access to browse, search, and download source or compiled library code [to store the modified source code listings in a code repository]. Uses of code repositories may include open source projects, proprietary development projects, and/or projects that create libraries for later use (emphasis added).”). As pointed out hereinabove, Balasubramanian is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Balasubramanian into the combined teachings of Safary and Brunel to include “to […] generate a replacement code element by modifying the first code element based on […] the one or more second code elements to bring the first code element into compliance with the given validation rule; to automatically replace, in the corpus of source code listings, the first code element with the […] generated replacement code element to thereby generate modified source code listings; and to store the modified source code listings in a code repository.” The modification would be obvious because one of ordinary skill in the art would be motivated to provide correction of source code that does not comply with an established coding standard in a code base contained in an Integrated Development Environment (IDE) (Balasubramanian, paragraph [0021]). The combination of Safary, Brunel, and Balasubramanian discloses “to […] generate a replacement code element […],” but the combination of Safary, Brunel, and Balasubramanian does not explicitly disclose: to automatically generate a replacement code element. However, Riedl discloses: to automatically generate a replacement code element (paragraph [0093], “[…] implicitly and automatically generate code that may replace the call to the second program element by an auxiliary program element, wherein the auxiliary program element is designed to be compliant with the safety classification (emphasis added).”). As pointed out hereinabove, Riedl is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Riedl into the combined teachings of Safary, Brunel, and Balasubramanian to include “to automatically generate a replacement code element.” The modification would be obvious because one of ordinary skill in the art would be motivated to automatically generate a modified program source code that mitigates safety risks associated with a program element by replacing it effectively with an auxiliary program element compliant with a safety classification (Riedl, paragraph [0009]). As per Claim 19, Safary discloses: A computer software product, the computer software product comprising a non-transitory computer-readable medium (Figure 1: 115), in which program instructions are stored, which when read by a computer, cause the computer: to access a repository of validation rules defining respective acceptable security parameters for […] respective code elements (paragraph [0014], “[…] an institution may release coding guidelines that specify security and efficiency standards that are to be followed by software developers [defining respective acceptable security parameters for {…} respective code elements] (emphasis added).”; paragraph [0021], “Configuring the tool may include expressing coding guidelines as computer readable rules. The rules may be stored in a control table [a repository of validation rules]. Rules stored in a control table may be changed or deleted. New rules may be added to a control table. A control table may correspond to coding guidelines.”; paragraph [0031], “After identifying the operation, a control table may be searched [to access a repository of validation rules] to determine if the control table includes an entry associated with the detected operation. An entry in the control table may include one or more rules for the detected operation. Upon detecting that the source code includes an operation associated with an entry in the control table, the tool may evaluate whether the operations complies with one or more rules associated with the operation.”); and prior to execution of […] source code listings (paragraph [0018]1, “Utilization of the tool may result in discovery of defects or ‘bugs’ in the source code at an early in development of the software, when the defects are relatively easy to fix. For example, detecting the defects an early stage in development of a product may pose relative risk to the institution than detecting defects after deployment of the product (emphasis added).”): [1Examiner’s Remarks: Note that Safary discloses that detecting the defects at an early stage in development of a product may pose relative risk to the institution than detecting defects after deployment of the product. Thus, one of ordinary skill in the art would readily comprehend that detecting the defects at an early stage in development of the product is performed prior to execution of the product after it is deployed.] to performing static analysis of the […] source code listings by analyzing the […] source code listings (paragraph [0154], “At step 315, the system parses each line of source code. At step 317, the system determines whether at least one iSeries operation within the line of source code [to perform static analysis of the {…} source code listings by analyzing the {…} source code listings] (emphasis added).”) and to apply the validation rules to the respective code elements in the […] source code listings (paragraph [0156], “When the control table includes an entry corresponding to the detected operation, then at step 321, the system evaluates whether the detected operation is executed (or formatted to execute) in confirmation with a rule associated with the operation [to apply the validation rules to the respective code elements in the {…} source code listings].”) so as to identify a first set of the respective code elements not in compliance with the validation rules and a second set of the respective code elements in compliance with the validation rules (paragraph [0019], “The iSeries code review tool is configured to scan source code written for iSeries and detect compliance and/or non-compliance of the source code with institutional coding guidelines. The tool may produce a list of detected defects and/or warnings associated with the source code [identify a first set of the respective code elements not in compliance with the validation rules {…}]. The tool may produce a list of detected compliant operations associated with the source code [identify {…} a second set of the respective code elements in compliance with the validation rules] (emphasis added).”; paragraph [0021], “Configuring the tool may include expressing coding guidelines as computer readable rules (emphasis added).”). Safary does not explicitly disclose: to access a corpus of source code listings comprising respective code elements; to select, from the first set of the respective code elements, a first code element not in compliance with a given validation rule; and to identify, in the second set of the respective code elements in the corpus of source code listings, one or more second code elements in compliance with the given validation rule. However, Brunel discloses: to access a corpus of source code listings comprising respective code elements (paragraph [0031]2, “In embodiments, the data-processing system 110 is also adapted to receive implementation code 104 [to access a corpus of source code listings] that is to be evaluated for compliance with at least the specified model 102. In some cases, the implementation code 104 can be a portion of a system-control code that is eventually deployed for complete operation of a dynamic system. In some cases, the implementation code 104 can be the entire system-control code. The implementation code 104 can comprise one or more files of source code and further include related files (e.g., header, library, and/or data files needed by the implementation code 104) [a corpus of source code listings comprising respective code elements] (emphasis added).”); [2Examiner’s Remarks: Under the broadest reasonable interpretation (BRI), the plain meaning of the limitation “a corpus of source code listings” is a collection of source code listings, which is consistent with the specification. Thus, the limitation “a corpus of source code listings,” given its plain meaning consistent with the specification, is mapped to Brunel’s implementation code comprising one or more files of source code and further including related files. See MPEP § 2173.01(I).] to select, from the first set of the respective code elements, a first code element not in compliance with a given validation rule (paragraph [0023], “[…] a meta model description 101 can provide rules and definitions about how corresponding specified models can be formed to comply with a software architecture, and may further dictate how corresponding implementation code is structured to comply with the specified model and, in some cases, with the meta-model (emphasis added).”; paragraph [0028], “The specified model 102 may be prepared to comply with an over-arching meta-model description 101 that can place constraints on how the specified model 102 is formed, how the implementation code 104 is structured from the specified model, as well as how the system-control code is structured (emphasis added).”; paragraph [0030], “The meta model 101 may further define rules that dictate the structure of the implementation code 104 (emphasis added).”; paragraph [0036], “[…] the implementation code 104 may be aware of and comply with code structure rules set forth by the meta-model description 101 to implement instances of components and interfaces in compliance with the specified model 102 (emphasis added).”; paragraph [0088], “[…] a user can hover a cursor over or select a relevant non-compliant code part 840 in the source code panel 129, and in response, the user-interface engine 660 can render a graphical affordance, for example, a pop-up window 850 providing further information about the cause of the non-compliant code part. The information about the cause of non-compliance can be provided by the code analyzer 650 as a result of static analysis of the code part and comparison with constraints derived from the specified model or meta-model, for example [to select, from the first set of the respective code elements, a first code element not in compliance with a given validation rule] (emphasis added).”); and to identify, in the second set of the respective code elements in the corpus of source code listings, one or more second code elements in compliance with the given validation rule (paragraph [0023], “[…] a meta model description 101 can provide rules and definitions about how corresponding specified models can be formed to comply with a software architecture, and may further dictate how corresponding implementation code is structured to comply with the specified model and, in some cases, with the meta-model (emphasis added).”; paragraph [0028], “The specified model 102 may be prepared to comply with an over-arching meta-model description 101 that can place constraints on how the specified model 102 is formed, how the implementation code 104 is structured from the specified model, as well as how the system-control code is structured (emphasis added).”; paragraph [0030], “The meta model 101 may further define rules that dictate the structure of the implementation code 104 (emphasis added).”; paragraph [0034], “As only one example, several panels can be displayed on the user interface 180 that provide reasons for and/or details about compliance and non-compliance (if any) of code parts of the implementation code with at least the specified model 102 [to identify, in the second set of the respective code elements in the corpus of source code listings, one or more second code elements in compliance with the given validation rule] (emphasis added).”; paragraph [0036], “[…] the implementation code 104 may be aware of and comply with code structure rules set forth by the meta-model description 101 to implement instances of components and interfaces in compliance with the specified model 102 (emphasis added).”). As pointed out hereinabove, Safary and Brunel are both analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Brunel into the teaching of Safary to include “to access a corpus of source code listings comprising respective code elements; to select, from the first set of the respective code elements, a first code element not in compliance with a given validation rule; and to identify, in the second set of the respective code elements in the corpus of source code listings, one or more second code elements in compliance with the given validation rule.” The modification would be obvious because one of ordinary skill in the art would be motivated to aid a programmer in rapidly reviewing and revising code elements to bring the code elements into compliance with at least a given validation rule (Brunel, paragraph [0034]). Safary discloses “security features,” but the combination of Safary and Brunel does not explicitly disclose: to automatically generate a replacement code element by modifying the first code element based on security features of the one or more second code elements to bring the first code element into compliance with the given validation rule; to automatically replace, in the corpus of source code listings, the first code element with the automatically generated replacement code element to thereby generate modified source code listings; and to store the modified source code listings in a code repository. However, Balasubramanian discloses: to […] generate a replacement code element by modifying the first code element based on […] the one or more second code elements to bring the first code element into compliance with the given validation rule (paragraph [0002], “The coding standards may be formalized into a documented set of rules or an informal set of practices for a development group to follow. Formal coding standards can provide a top-down approach, often recommended and enforced long after program development is underway (emphasis added).”; paragraph [0031]3, “As shown, process flow 300 of FIG. 3 begins at step 340, whereby IDE 218 starts scanning source code 224. At 342, it is determined whether source code 224 deviates from a set of coding standards. If no deviation exists, the code base is considered to be compliant to the set of coding standards (step 344) [based on {…} the one or more second code elements] (emphasis added).”; paragraph [0050], “Once second developer 222 is identified as having the requisite set of skills, IDE 218 sends artifact 230 from the segment extraction process to second developer 222, as provided in step 386. Second developer 222 then modifies source code 224 to correct coding violation 232, and returns artifact 230, containing a segment of modified source code 225, to IDE 218, as provided in step 388 [to {…} generate a replacement code element by modifying the first code element based on {…} the one or more second code elements] (emphasis added).”; paragraph [0051], “Next, as provided in step 390, IDE 218 tests modified source code segment 225 to determine if it complies with the set of coding standards […] In the case that the testing is successful, indicating that the set of standards is met, engine 220 causes IDE 218 to attempt in-place replacement of the existing code segment from source code 224 with modified source code segment 225, as provided in step 392. If replacement is successful, IDE 218 now contains a code base that is fully compliant with the set of standards (step 344) [bring the first code element into compliance with the given validation rule] (emphasis added).”); [3Examiner’s Remarks: Note that Balasubramanian discloses that the code base is considered to be compliant when no deviations from a set of coding standards is found. And that the second developer modifies the source code to correct the coding violation. And that the IDE tests the modified source code to determine if it complies with the set of coding standards. Thus, one of ordinary skill in the art would readily comprehend that the second developer modifies the source code with the coding violation based on the compliant source code in accordance with the set of coding standards in order to bring the non-compliant source code into compliance with the set of coding standards.] to automatically replace, in the corpus of source code listings, the first code element with the […] generated replacement code element to thereby generate modified source code listings (paragraph [0051], “In the case that the testing is successful, indicating that the set of standards is met, engine 220 causes IDE 218 to attempt in-place replacement of the existing code segment from source code 224 with modified source code segment 225, as provided in step 392 [to automatically replace, in a corpus of source code listings, the first code element with the {…} generated replacement code element to thereby generate modified source code listings]. If replacement is successful, IDE 218 now contains a code base that is fully compliant with the set of standards (step 344) (emphasis added).”); and to store the modified source code listings in a code repository (paragraph [0026], “While executing computer program code, processing unit 106 can read and/or write data to/from memory 108, storage system 114, code repository 117, and IDE 118 (emphasis added).”; paragraph [0027], “As is commonly known, code repository 117 is a searchable, categorized, and/or Internet accessible location that users may access to browse, search, and download source or compiled library code [to store the modified source code listings in a code repository]. Uses of code repositories may include open source projects, proprietary development projects, and/or projects that create libraries for later use (emphasis added).”). As pointed out hereinabove, Balasubramanian is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Balasubramanian into the combined teachings of Safary and Brunel to include “to […] generate a replacement code element by modifying the first code element based on […] the one or more second code elements to bring the first code element into compliance with the given validation rule; to automatically replace, in the corpus of source code listings, the first code element with the […] generated replacement code element to thereby generate modified source code listings; and to store the modified source code listings in a code repository.” The modification would be obvious because one of ordinary skill in the art would be motivated to provide correction of source code that does not comply with an established coding standard in a code base contained in an Integrated Development Environment (IDE) (Balasubramanian, paragraph [0021]). The combination of Safary, Brunel, and Balasubramanian discloses “to […] generate a replacement code element […],” but the combination of Safary, Brunel, and Balasubramanian does not explicitly disclose: to automatically generate a replacement code element. However, Riedl discloses: to automatically generate a replacement code element (paragraph [0093], “[…] implicitly and automatically generate code that may replace the call to the second program element by an auxiliary program element, wherein the auxiliary program element is designed to be compliant with the safety classification (emphasis added).”). As pointed out hereinabove, Riedl is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Riedl into the combined teachings of Safary, Brunel, and Balasubramanian to include “to automatically generate a replacement code element.” The modification would be obvious because one of ordinary skill in the art would be motivated to automatically generate a modified program source code that mitigates safety risks associated with a program element by replacing it effectively with an auxiliary program element compliant with a safety classification (Riedl, paragraph [0009]). As per Claim 20, the rejection of Claim 1 is incorporated; and Safary further discloses: wherein the first code element comprises a configuration parameter and an associated value in a source code listing for a software application, the configuration parameter controlling an operational mode of the software application during execution (paragraph [0016], “The tool may retrieve iSeries source code and determine if operations used by source code comply with a set of rules. An iSeries operation may direct the iSeries mainframe computer to perform a specific action. An iSeries operation may define a variable, define a record or provide any suitable instruction to a compiler.”; paragraph [0026], “The specific operation may include a database operation such as queries, push, pull and delete.”; paragraph [0085], “[…] a database operation may specify ‘PF’ indicating an iSeries operation is applied to a physical file. Coding guidelines may specify that an SQL file is preferred over the physical file. As a further example, a database write operation may include a ‘NC’ or non-commit flag. The NC flag indicates that the requested write operation does ‘not commit,’ or permanently store the written information. Coding guidelines may discourage use of iSeries operations that include the NC flag.”), and wherein the validation rules include one or more security rules configured to detect when the associated value enables an insecure operational mode that exposes the software application to a security risk (paragraph [0083], “The tool may retrieve a control table associated with the code type. The control table may include iSeries operations that, as a result of coding guidelines, are linked within the control table to a rule. The rule may specify a format for an iSeries operation. The rule may include impermissible operation properties, impermissible instruction definitions or impermissible operator formats. Impermissible properties or definitions may not cause compilation errors. An operation or definition may be deemed impermissible as a result of a potential security risk, financial risk, performance risk or any other suitable consideration.”). Claim 21 is an apparatus claim corresponding to the method claim hereinabove (Claim 20). Therefore, Claim 21 is rejected for the same reason set forth in the rejection of Claim 20. Claim 22 is a computer software product claim corresponding to the method claim hereinabove (Claim 20). Therefore, Claim 22 is rejected for the same reason set forth in the rejection of Claim 20. Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Safary in view of Brunel, Balasubramanian, and Riedl as applied to Claim 1 above, and further in view of US 2004/0205707 (hereinafter “Kothari”). [Examiner’s Remarks: In order for a reference to be proper for use in an obviousness rejection under 35 U.S.C. 103, the reference must be analogous art to the claimed invention. In re Bigio, 381 F.3d 1320, 1325, 72 USPQ2d 1209, 1212 (Fed. Cir. 2004). A reference is analogous art to the claimed invention if: (1) the reference is from the same field of endeavor as the claimed invention (even if it addresses a different problem); or (2) the reference is reasonably pertinent to the problem faced by the inventor (even if it is not in the same field of endeavor as the claimed invention). Note that the claimed invention is generally directed to detecting misconfigured source code and presenting one or more correctly configured alternatives that can be used to update the misconfigured source code (specification, paragraph [0002]). As for the “same field of endeavor” test, Kothari is generally directed to displaying and editing programs within an Integrated Development Environment (IDE) (Kothari, paragraph [0026]). Thus, Kothari is an analogous art to the claimed invention (even if it addresses a different problem). See MPEP § 2141.01(a)(I).] As per Claim 4, the rejection of Claim 1 is incorporated; and the combination of Safary, Brunel, Balasubramanian, and Riedl does not explicitly disclose: wherein modifying the first code element based on the one or more second code elements comprises adding a given second code element to the first code element. However, Kothari discloses: wherein modifying the first code element based on the one or more second code elements comprises adding a given second code element to the first code element (paragraph [0058], “[…] the code builders that were described above and that are presently identified in the code builder toolbox 720 can be utilized to develop and add new code segments to the code portion 712 of the program. Adding new code segments to existing code is one form of editing the program in response to user input (act 560).”). As pointed out hereinabove, Kothari is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Kothari into the combined teachings of Safary, Brunel, Balasubramanian, and Riedl to include “wherein modifying the first code element based on the one or more second code elements comprises adding a given second code element to the first code element.” The modification would be obvious because one of ordinary skill in the art would be motivated to develop and add new code segments to a code portion of a program (Kothari, paragraph [0058]). Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Safary in view of Brunel, Balasubramanian, and Riedl as applied to Claim 1 above, and further in view of US 2020/0097261 (hereinafter “Smith”). [Examiner’s Remarks: In order for a reference to be proper for use in an obviousness rejection under 35 U.S.C. 103, the reference must be analogous art to the claimed invention. In re Bigio, 381 F.3d 1320, 1325, 72 USPQ2d 1209, 1212 (Fed. Cir. 2004). A reference is analogous art to the claimed invention if: (1) the reference is from the same field of endeavor as the claimed invention (even if it addresses a different problem); or (2) the reference is reasonably pertinent to the problem faced by the inventor (even if it is not in the same field of endeavor as the claimed invention). Note that the claimed invention is generally directed to detecting misconfigured source code and presenting one or more correctly configured alternatives that can be used to update the misconfigured source code (specification, paragraph [0002]). As for the “same field of endeavor” test, Smith is generally directed to code completion during programming and development (Smith, paragraph [0021]). Thus, Smith is an analogous art to the claimed invention (even if it addresses a different problem). See MPEP § 2141.01(a)(I).] As per Claim 6, the rejection of Claim 1 is incorporated; and the combination of Safary, Brunel, and Riedl does not explicitly disclose: replacing […] a given first code element with the […] given presented second code element. However, Balasubramanian discloses: replacing […] a given first code element with the […] given presented second code element (paragraph [0051], “In the case that the testing is successful, indicating that the set of standards is met, engine 220 causes IDE 218 to attempt in-place replacement of the existing code segment from source code 224 with modified source code segment 225, as provided in step 392. If replacement is successful, IDE 218 now contains a code base that is fully compliant with the set of standards (step 344).”). As pointed out hereinabove, Balasubramanian is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Balasubramanian into the combined teachings of Safary, Brunel, and Riedl to include “replacing […] a given first code element with the […] given presented second code element.” The modification would be obvious because one of ordinary skill in the art would be motivated to provide correction of source code that does not comply with an established coding standard in a code base contained in an Integrated Development Environment (IDE) (Balasubramanian, paragraph [0021]). The combination of Safary, Brunel, Balasubramanian, and Riedl does not explicitly disclose: receiving an input indicating a selection of a given presented second code element. However, Smith discloses: receiving an input indicating a selection of a given presented second code element (paragraph [0081], “In step 504, the relevant code snippets that are found may be ranked. Ranking may be performed to present the most likely or most useful code completions first and present less likely or helpful code completions later.”; paragraph [0082], “In step 505, a selection of a code snippet may be received from a user. Selection may be by user input such typing, tapping, clicking, voice commands, or other input.”). As pointed out hereinabove, Smith is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Smith into the combined teachings of Safary, Brunel, Balasubramanian, and Riedl to include “receiving an input indicating a selection of a given presented second code element.” The modification would be obvious because one of ordinary skill in the art would be motivated to allow interactive editing of source code by a user, such as a programmer (Smith, paragraph [0060]). Claims 8, 9, and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Safary in view of Brunel, Balasubramanian, and Riedl as applied to Claim 7 above, and further in view of US 2011/0184938 (hereinafter “Hill”). [Examiner’s Remarks: In order for a reference to be proper for use in an obviousness rejection under 35 U.S.C. 103, the reference must be analogous art to the claimed invention. In re Bigio, 381 F.3d 1320, 1325, 72 USPQ2d 1209, 1212 (Fed. Cir. 2004). A reference is analogous art to the claimed invention if: (1) the reference is from the same field of endeavor as the claimed invention (even if it addresses a different problem); or (2) the reference is reasonably pertinent to the problem faced by the inventor (even if it is not in the same field of endeavor as the claimed invention). Note that the claimed invention is generally directed to detecting misconfigured source code and presenting one or more correctly configured alternatives that can be used to update the misconfigured source code (specification, paragraph [0002]). As for the “same field of endeavor” test, Hill is generally directed to determining similarity between a plurality of source code files (Hill, paragraph [0008]). Thus, Hill is an analogous art to the claimed invention (even if it addresses a different problem). See MPEP § 2141.01(a)(I).] As per Claim 8, the rejection of Claim 7 is incorporated; and the combination of Safary, Brunel, Balasubramanian, and Riedl does not explicitly disclose: computing respective counts of instances of the plurality of distinct second code elements, and sorting the plurality of distinct second code elements by their respective counts into a sorted order, and wherein presenting the one or more second code elements comprises presenting the plurality of distinct second code elements in the sorted order. However, Hill discloses: computing respective counts of instances of the plurality of distinct second code elements (paragraph [0034], “[…] module 210 may sort the data in Table 4 such that source code program files having the highest support count are shown at the top of the table, as shown for example in Table 5.”), and sorting the plurality of distinct second code elements by their respective counts into a sorted order (paragraph [0034], “[…] module 210 may sort the data in Table 4 such that source code program files having the highest support count are shown at the top of the table, as shown for example in Table 5.”), and wherein presenting the one or more second code elements comprises presenting the plurality of distinct second code elements in the sorted order (paragraph [0036], “The contents, or a part of the contents, of the table 5 may be presented to a user, for example by way of a list, through a suitable output device such as a display device. In this way, a user can quickly identify which of the source code files are most similar.”). As pointed out hereinabove, Hill is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Hill into the combined teachings of Safary, Brunel, Balasubramanian, and Riedl to include “computing respective counts of instances of the plurality of distinct second code elements, and sorting the plurality of distinct second code elements by their respective counts into a sorted order, and wherein presenting the one or more second code elements comprises presenting the plurality of distinct second code elements in the sorted order.” The modification would be obvious because one of ordinary skill in the art would be motivated to allow a user to quickly identify compliant and non-compliant source code elements (Hill, paragraph [0036]). As per Claim 9, the rejection of Claim 7 is incorporated; and the combination of Safary, Brunel, Balasubramanian, and Riedl does not explicitly disclose: computing respective statistics for the plurality of distinct second code elements, and wherein presenting the one or more second code elements comprises presenting the plurality of distinct second code elements and their respective statistics. However, Hill discloses: computing respective statistics for the plurality of distinct second code elements (paragraph [0034], “[…] module 210 may sort the data in Table 4 such that source code program files having the highest support count are shown at the top of the table, as shown for example in Table 5.”), and wherein presenting the one or more second code elements comprises presenting the plurality of distinct second code elements and their respective statistics (paragraph [0036], “The contents, or a part of the contents, of the table 5 may be presented to a user, for example by way of a list, through a suitable output device such as a display device. In this way, a user can quickly identify which of the source code files are most similar.”). As pointed out hereinabove, Hill is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Hill into the combined teachings of Safary, Brunel, Balasubramanian, and Riedl to include “computing respective statistics for the plurality of distinct second code elements, and wherein presenting the one or more second code elements comprises presenting the plurality of distinct second code elements and their respective statistics.” The modification would be obvious because one of ordinary skill in the art would be motivated to allow a user to quickly identify compliant and non-compliant source code elements (Hill, paragraph [0036]). As per Claim 11, the rejection of Claim 9 is incorporated; and the combination of Safary, Brunel, Balasubramanian, and Riedl does not explicitly disclose: computing respective counts of instances of the plurality of distinct second code elements, and wherein the computed-respective statistics for the plurality of distinct second code elements comprise the computed respective counts of instances of the plurality of distinct second code elements. However, Hill discloses: computing respective counts of instances of the plurality of distinct second code elements, and wherein the computed-respective statistics for the plurality of distinct second code elements comprise the computed respective counts of instances of the plurality of distinct second code elements (paragraph [0034], “[…] module 210 may sort the data in Table 4 such that source code program files having the highest support count are shown at the top of the table, as shown for example in Table 5.”). As pointed out hereinabove, Hill is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Hill into the combined teachings of Safary, Brunel, Balasubramanian, and Riedl to include “computing respective counts of instances of the plurality of distinct second code elements, and wherein the computed-respective statistics for the plurality of distinct second code elements comprise the computed respective counts of instances of the plurality of distinct second code elements.” The modification would be obvious because one of ordinary skill in the art would be motivated to allow a user to quickly identify compliant and non-compliant source code elements (Hill, paragraph [0036]). Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Safary in view of Brunel, Balasubramanian, Riedl, and Hill as applied to Claim 9 above, and further in view of US 2014/0366140 (hereinafter “Chen”). [Examiner’s Remarks: In order for a reference to be proper for use in an obviousness rejection under 35 U.S.C. 103, the reference must be analogous art to the claimed invention. In re Bigio, 381 F.3d 1320, 1325, 72 USPQ2d 1209, 1212 (Fed. Cir. 2004). A reference is analogous art to the claimed invention if: (1) the reference is from the same field of endeavor as the claimed invention (even if it addresses a different problem); or (2) the reference is reasonably pertinent to the problem faced by the inventor (even if it is not in the same field of endeavor as the claimed invention). Note that the claimed invention is generally directed to detecting misconfigured source code and presenting one or more correctly configured alternatives that can be used to update the misconfigured source code (specification, paragraph [0002]). As for the “same field of endeavor” test, Chen is generally directed to estimating a quantity of exploitable security vulnerabilities in a release of an application (Chen, Abstract). Thus, Chen is an analogous art to the claimed invention (even if it addresses a different problem). See MPEP § 2141.01(a)(I).] As per Claim 10, the rejection of Claim 9 is incorporated; and the combination of Safary, Brunel, Balasubramanian, Riedl, and Hill does not explicitly disclose: applying specified criteria to the computed respective statistics for the plurality of distinct second code elements, and identifying one or more of the plurality of distinct second code elements whose respective statistics comply with the specified criteria, and wherein presenting the one or more second code elements comprises presenting the plurality of distinct second code elements compliant with the specified criteria. However, Chen discloses: applying specified criteria to the computed respective statistics for the plurality of distinct second code elements, and identifying one or more of the plurality of distinct second code elements whose respective statistics comply with the specified criteria, and wherein presenting the one or more second code elements comprises presenting the plurality of distinct second code elements compliant with the specified criteria (paragraph [0024], “Quantitative source code analysis metrics for the historic releases of the application may be obtained based on the historic source code analysis results. As used herein, a quantitative source code analysis metric is a measure representing a quantity of source code analysis issues identified in a respective historic release of an application.”; paragraph [0041], “In some examples, the system may receive criteria defining what types of issues to report. In such examples, source code analysis results returned by the system may represent issues identified that meet the specified criteria.”; paragraph [0059], “[…] instructions 324 may also receive a selection of filtering criteria 396. In such examples, the selection of filtering criteria 396 may be received via user input, for example, or in any other suitable manner. In such examples, instructions 324 may determine, based on the selected filtering criteria 396, a subset of the collection of vulnerability reporting data 394 for the historic releases of the application, and determine the quantitative security vulnerability reporting metrics 336 based on the subset of the collection of vulnerability reporting data 394. The selected filtering criteria 396 may indicate data to exclude from reporting data 394 when calculating quantitative security vulnerability reporting metrics 336.”). As pointed out hereinabove, Chen is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Chen into the combined teachings of Safary, Brunel, Balasubramanian, Riedl, and Hill to include “applying specified criteria to the computed respective statistics for the plurality of distinct second code elements, and identifying one or more of the plurality of distinct second code elements whose respective statistics comply with the specified criteria, and wherein presenting the one or more second code elements comprises presenting the plurality of distinct second code elements compliant with the specified criteria.” The modification would be obvious because one of ordinary skill in the art would be motivated to receive criteria defining what types of issues to report (Chen, paragraph [0041]). Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Safary in view of Brunel, Balasubramanian, Riedl, and Hill as applied to Claim 9 above, and further in view of US 2009/0144698 (hereinafter “Fanning”). [Examiner’s Remarks: In order for a reference to be proper for use in an obviousness rejection under 35 U.S.C. 103, the reference must be analogous art to the claimed invention. In re Bigio, 381 F.3d 1320, 1325, 72 USPQ2d 1209, 1212 (Fed. Cir. 2004). A reference is analogous art to the claimed invention if: (1) the reference is from the same field of endeavor as the claimed invention (even if it addresses a different problem); or (2) the reference is reasonably pertinent to the problem faced by the inventor (even if it is not in the same field of endeavor as the claimed invention). Note that the claimed invention is generally directed to detecting misconfigured source code and presenting one or more correctly configured alternatives that can be used to update the misconfigured source code (specification, paragraph [0002]). As for the “same field of endeavor” test, Fanning is generally directed to prioritizing quality improvements to source code (Fanning, paragraph [0009]). Thus, Fanning is an analogous art to the claimed invention (even if it addresses a different problem). See MPEP § 2141.01(a)(I).] As per Claim 12, the rejection of Claim 9 is incorporated; and the combination of Safary, Brunel, Balasubramanian, Riedl, and Hill does not explicitly disclose: computing respective percentages of instances of the plurality of distinct second code elements, and wherein the computed statistics for the plurality of distinct second code elements comprise the computed respective percentages of the instances of the plurality of distinct second code elements. However, Fanning discloses: computing respective percentages of instances of the plurality of distinct second code elements, and wherein the computed statistics for the plurality of distinct second code elements comprise the computed respective percentages of the instances of the plurality of distinct second code elements (paragraph [0043], “Generally, a code coverage value (e.g., percent) can be calculated based on test results obtained from executed test cases for source code of an application. The test cases typically include a set of conditions to determine whether a requirement upon the software application is satisfied. The percentage of source code executed by the test cases can indicate the sections of the source code, which are covered by the test cases and can thus help evaluate code coverage.”). As pointed out hereinabove, Fanning is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Fanning into the combined teachings of Safary, Brunel, Balasubramanian, Riedl, and Hill to include “computing respective percentages of instances of the plurality of distinct second code elements, and wherein the computed statistics for the plurality of distinct second code elements comprise the computed respective percentages of the instances of the plurality of distinct second code elements.” The modification would be obvious because one of ordinary skill in the art would be motivated to indicate sections of source code to help evaluate code coverage (Fanning, paragraph [0043]). Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Safary in view of Brunel, Balasubramanian, and Riedl as applied to Claim 5 above, and further in view of US 2008/0004893 (hereinafter “Graboske”). [Examiner’s Remarks: In order for a reference to be proper for use in an obviousness rejection under 35 U.S.C. 103, the reference must be analogous art to the claimed invention. In re Bigio, 381 F.3d 1320, 1325, 72 USPQ2d 1209, 1212 (Fed. Cir. 2004). A reference is analogous art to the claimed invention if: (1) the reference is from the same field of endeavor as the claimed invention (even if it addresses a different problem); or (2) the reference is reasonably pertinent to the problem faced by the inventor (even if it is not in the same field of endeavor as the claimed invention). Note that the claimed invention is generally directed to detecting misconfigured source code and presenting one or more correctly configured alternatives that can be used to update the misconfigured source code (specification, paragraph [0002]). As for the “reasonably pertinent” test, Graboske is generally directed to validating an appraisal report and providing an appraisal score (Graboske, paragraph [0003]). Thus, Graboske is an analogous art to the claimed invention (even if it is not in the same field of endeavor as the claimed invention). See MPEP § 2141.01(a)(I).] As per Claim 13, the rejection of Claim 5 is incorporated; and the combination of Safary, Brunel, Balasubramanian, and Riedl does not explicitly disclose: wherein the validation rules comprise respective severity levels, and further comprising presenting, on the display, a severity level for the given validation rule. However, Graboske discloses: wherein the validation rules comprise respective severity levels (paragraph [0043], “The discrepancy report shows a discrepancy amount, a discrepancy percentage, and a severity level between the appraisal data 111 and the property data 116 for each discrepancy rule and/or for each validation rule.”), and further comprising presenting, on the display, a severity level for the given validation rule (paragraph [0043], “The discrepancy report module 165 outputs a discrepancy report, which lists the appraisal items, the number of medium severity discrepancies and the number of high severity discrepancies (1380). The discrepancy report shows a discrepancy amount, a discrepancy percentage, and a severity level between the appraisal data 111 and the property data 116 for each discrepancy rule and/or for each validation rule.”). As pointed out hereinabove, Graboske is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Graboske into the combined teachings of Safary, Brunel, Balasubramanian, and Riedl to include “wherein the validation rules comprise respective severity levels, and further comprising presenting, on the display, a severity level for the given validation rule.” The modification would be obvious because one of ordinary skill in the art would be motivated to report a severity level for each validation rule to a user (Graboske, paragraph [0043]). Claims 15 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Safary in view of Brunel, Balasubramanian, and Riedl as applied to Claim 1 above, and further in view of US 2023/0139119 (hereinafter “Mietke”). [Examiner’s Remarks: In order for a reference to be proper for use in an obviousness rejection under 35 U.S.C. 103, the reference must be analogous art to the claimed invention. In re Bigio, 381 F.3d 1320, 1325, 72 USPQ2d 1209, 1212 (Fed. Cir. 2004). A reference is analogous art to the claimed invention if: (1) the reference is from the same field of endeavor as the claimed invention (even if it addresses a different problem); or (2) the reference is reasonably pertinent to the problem faced by the inventor (even if it is not in the same field of endeavor as the claimed invention). Note that the claimed invention is generally directed to detecting misconfigured source code and presenting one or more correctly configured alternatives that can be used to update the misconfigured source code (specification, paragraph [0002]). As for the “same field of endeavor” test, Mietke is generally directed to a code simplification system (Mietke, Abstract). Thus, Mietke is an analogous art to the claimed invention (even if it addresses a different problem). See MPEP § 2141.01(a)(I).] As per Claim 15, the rejection of Claim 1 is incorporated; and the combination of Safary, Brunel, Balasubramanian, and Riedl does not explicitly disclose: identifying respective intended uses of the respective code elements, wherein the first code element has a given intended use, and wherein identifying the one or more second code elements comprises identifying the one or more second code elements having the given intended use. However, Mietke discloses: identifying respective intended uses of the respective code elements, wherein the first code element has a given intended use, and wherein identifying the one or more second code elements comprises identifying the one or more second code elements having the given intended use (paragraph [0021], “[…] a human user, such as a developer 110, may identify the various code objects 108A, 108B within the source code 104 that are intended or directed to performing the same, similar, or identical functionality.”). As pointed out hereinabove, Mietke is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Mietke into the combined teachings of Safary, Brunel, Balasubramanian, and Riedl to include “identifying respective intended uses of the respective code elements, wherein the first code element has a given intended use, and wherein identifying the one or more second code elements comprises identifying the one or more second code elements having the given intended use.” The modification would be obvious because one of ordinary skill in the art would be motivated to allow a user to identify various source code elements that are intended or directed to performing the same, similar, or identical functionality (Mietke, paragraph [0021]). As per Claim 16, the rejection of Claim 15 is incorporated; and the combination of Safary, Brunel, Balasubramanian, and Riedl discloses “generating, by the processor, a replacement code element” and the combination of Safary, Brunel, Balasubramanian, Riedl, and Mietke discloses “having a given intended use,” but the combination of Safary, Brunel, Riedl, and Mietke does not explicitly disclose: wherein generating, by the processor, a replacement code element comprises generating a replacement code element in compliance with the given validation rule and having the given intended use. However, Balasubramanian discloses: wherein generating […] a replacement code element comprises generating a replacement code element in compliance with the given validation rule […] (paragraph [0024], “[…] engine 120 (in one embodiment) comprises a rules and/or computational engine that processes a set (at least one) of rules/logic for correcting non-compliant source code. In general, engine 120 may be implemented as part of or in conjunction with IDE 118.”; paragraph [0050], “Once second developer 222 is identified as having the requisite set of skills, IDE 218 sends artifact 230 from the segment extraction process to second developer 222, as provided in step 386. Second developer 222 then modifies source code 224 to correct coding violation 232, and returns artifact 230, containing a segment of modified source code 225, to IDE 218, as provided in step 388.”). As pointed out hereinabove, Balasubramanian is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of Balasubramanian into the combined teachings of Safary, Brunel, Riedl, and Mietke to include “wherein generating, by the processor, a replacement code element comprises generating a replacement code element in compliance with the given validation rule and having the given intended use.” The modification would be obvious because one of ordinary skill in the art would be motivated to provide correction of source code that does not comply with an established coding standard in a code base contained in an Integrated Development Environment (IDE) (Balasubramanian, paragraph [0021]). Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over Safary in view of Brunel, Balasubramanian, Riedl, and Mietke as applied to Claim 15 above, and further in view of US 10,185,924 (hereinafter “McClintock”). [Examiner’s Remarks: In order for a reference to be proper for use in an obviousness rejection under 35 U.S.C. 103, the reference must be analogous art to the claimed invention. In re Bigio, 381 F.3d 1320, 1325, 72 USPQ2d 1209, 1212 (Fed. Cir. 2004). A reference is analogous art to the claimed invention if: (1) the reference is from the same field of endeavor as the claimed invention (even if it addresses a different problem); or (2) the reference is reasonably pertinent to the problem faced by the inventor (even if it is not in the same field of endeavor as the claimed invention). Note that the claimed invention is generally directed to detecting misconfigured source code and presenting one or more correctly configured alternatives that can be used to update the misconfigured source code (specification, paragraph [0002]). As for the “reasonably pertinent” test, McClintock is generally directed to determining response recommendation information for responding to a security risk that may be present in a software module (McClintock, col. 2 lines 8-12). Thus, McClintock is an analogous art to the claimed invention (even if it is not in the same field of endeavor as the claimed invention). See MPEP § 2141.01(a)(I).] As per Claim 17, the rejection of Claim 15 is incorporated; and the combination of Safary, Brunel, Balasubramanian, Riedl, and Mietke discloses “based on a given intended use,” but the combination of Safary, Brunel, Balasubramanian, Riedl, and Mietke does not explicitly disclose: generating, by the processor, based on the given intended use, a description of a security risk in the first code element, and outputting the description of the security risk in the first code element. However, McClintock discloses: generating, by the processor (Figure 9: 902), […] a description of a security risk in the first code element, and outputting the description of the security risk in the first code element (col. 5 lines 50-56, “[…] the security risk description 202 may also include one or more software module IDs 208 identifying the software module(s) 104 that may include the security risk 106. Such software module ID(s) 208 may include module names, version numbers, timestamps, build numbers, or other information to identify the potentially compromised software module(s) 104.”; col. 10 lines 15-20, “FIG. 6 depicts an example 600 of the risk analysis UI 132 arranged to present the response recommendation information 130 to an operator or another user. As shown in the example 600, the presented response recommendation information 130 may include the security risk ID 204 identifying the particular security risk 106 that has been analyzed.”). As pointed out hereinabove, McClintock is an analogous art to the claimed invention. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teaching of McClintock into the combined teachings of Safary, Brunel, Balasubramanian, Riedl, and Mietke to include “generating, by the processor, based on the given intended use, a description of a security risk in the first code element, and outputting the description of the security risk in the first code element.” The modification would be obvious because one of ordinary skill in the art would be motivated to select a particular response profile to be employed in responding to a security risk (McClintock, col. 2 lines 57-61). Response to Arguments Applicant’s arguments with respect to Claims 1, 18, and 19 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the arguments. Conclusion The prior art made of record and not relied upon is considered pertinent to the Applicant’s disclosure. They are as follows: US 2008/0109329 (hereinafter “Fichtinger”) discloses managing variable regulatory compliance in a supply chain. US 2009/0055804 (hereinafter “Blaschek”) discloses automatically evaluating the quality of a software source code. US 2009/0182689 (hereinafter “Chiles”) discloses rule-based dynamic operation evaluation. US 2010/0325607 (hereinafter “Meijer”) discloses generating code meeting approved patterns. US 2014/0109062 (hereinafter “Mahamuni”) discloses providing compliance scrutiny and in-depth analysis of a software application. US 2014/0250427 (hereinafter “Wong”) discloses producing regulatory-compliant software. US 2016/0292066 (hereinafter “Stevens”) discloses source code inspection and verification. US 2016/0373289 (hereinafter “Hernandez”) discloses ensuring regulatory compliance during application migration to cloud-based containers. US 2019/0318366 (hereinafter “Carranza”) discloses resolving compliance issues. US 10,423,410 (hereinafter “Goyal”) discloses processing an authoritative piece of source code to identify one or more formats with which the piece of source code is compliant. US 10,785,128 (hereinafter “Bawcom”) discloses prioritizing a plurality of software applications for a migration to a cloud computing environment operated for an enterprise. US 11,914,993 (hereinafter “Garg”) discloses automatically generating and applying rules that can be used to identify violations of recommended or approved coding practices within source code. “Checkov 2.0 Launches as the First Open-Source Cloud Infrastructure Scanner With Dependency Awareness,” April 8, 2021 (hereinafter “Checkov”) discloses a static analysis tool for infrastructure as code (IaC). Any inquiry concerning this communication or earlier communications from the Examiner should be directed to Qing Chen whose telephone number is 571-270-1071. The Examiner can normally be reached on Monday through Friday from 9:00 AM to 5:00 PM ET. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, the Applicant is encouraged to use the USPTO Automated Interview Request (AIR) at https://www.uspto.gov/ interviewpractice. If attempts to reach the Examiner by telephone are unsuccessful, the Examiner’s supervisor, Wei Mui, can be reached at 571-272-3708. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for more information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO customer service representative, call 800-786-9199 (in USA or Canada) or 571-272-1000. /Qing Chen/ Primary Examiner, Art Unit 2191