Skip to content

Latest commit

 

History

History
173 lines (147 loc) · 6.79 KB

File metadata and controls

173 lines (147 loc) · 6.79 KB

Find secrets

org.openrewrite.java.security.secrets.FindSecrets

Locates secrets stored in plain text in code.

Tags

  • security

Source

GitHub, Issue Tracker, Maven Central

  • groupId: org.openrewrite.recipe
  • artifactId: rewrite-java-security
  • version: 2.0.1

Usage

This recipe has no required configuration options. It can be activated by adding a dependency on org.openrewrite.recipe:rewrite-java-security:2.0.1 in your build file or by running a shell command (in which case no build changes are needed): {% tabs %} {% tab title="Gradle" %} {% code title="build.gradle" %}

plugins {
    id("org.openrewrite.rewrite") version("6.1.4")
}

rewrite {
    activeRecipe("org.openrewrite.java.security.secrets.FindSecrets")
}

repositories {
    mavenCentral()
}

dependencies {
    rewrite("org.openrewrite.recipe:rewrite-java-security:2.0.1")
}

{% endcode %} {% endtab %} {% tab title="Maven POM" %} {% code title="pom.xml" %}

<project>
  <build>
    <plugins>
      <plugin>
        <groupId>org.openrewrite.maven</groupId>
        <artifactId>rewrite-maven-plugin</artifactId>
        <version>5.2.4</version>
        <configuration>
          <activeRecipes>
            <recipe>org.openrewrite.java.security.secrets.FindSecrets</recipe>
          </activeRecipes>
        </configuration>
        <dependencies>
          <dependency>
            <groupId>org.openrewrite.recipe</groupId>
            <artifactId>rewrite-java-security</artifactId>
            <version>2.0.1</version>
          </dependency>
        </dependencies>
      </plugin>
    </plugins>
  </build>
</project>

{% endcode %} {% endtab %}

{% tab title="Maven Command Line" %} {% code title="shell" %} You will need to have Maven installed on your machine before you can run the following command.

mvn -U org.openrewrite.maven:rewrite-maven-plugin:run \
  -Drewrite.recipeArtifactCoordinates=org.openrewrite.recipe:rewrite-java-security:RELEASE \
  -Drewrite.activeRecipes=org.openrewrite.java.security.secrets.FindSecrets

{% endcode %} {% endtab %} {% endtabs %}

Definition

{% tabs %} {% tab title="Recipe List" %}

{% endtab %}

{% tab title="Yaml Recipe List" %}

---
type: specs.openrewrite.org/v1beta/recipe
name: org.openrewrite.java.security.secrets.FindSecrets
displayName: Find secrets
description: Locates secrets stored in plain text in code.
tags:
  - security
recipeList:
  - org.openrewrite.java.security.secrets.FindArtifactorySecrets
  - org.openrewrite.java.security.secrets.FindAwsSecrets
  - org.openrewrite.java.security.secrets.FindAzureSecrets
  - org.openrewrite.java.security.secrets.FindDiscordSecrets
  - org.openrewrite.java.security.secrets.FindGenericSecrets
  - org.openrewrite.java.security.secrets.FindGitHubSecrets
  - org.openrewrite.java.security.secrets.FindGoogleSecrets
  - org.openrewrite.java.security.secrets.FindHerokuSecrets
  - org.openrewrite.java.security.secrets.FindJwtSecrets
  - org.openrewrite.java.security.secrets.FindMailChimpSecrets
  - org.openrewrite.java.security.secrets.FindMailgunSecrets
  - org.openrewrite.java.security.secrets.FindNpmSecrets
  - org.openrewrite.java.security.secrets.FindNpmSecrets
  - org.openrewrite.java.security.secrets.FindPasswordInUrlSecrets
  - org.openrewrite.java.security.secrets.FindPayPalSecrets
  - org.openrewrite.java.security.secrets.FindPgpSecrets
  - org.openrewrite.java.security.secrets.FindPicaticSecrets
  - org.openrewrite.java.security.secrets.FindRsaSecrets
  - org.openrewrite.java.security.secrets.FindSendGridSecrets
  - org.openrewrite.java.security.secrets.FindSlackSecrets
  - org.openrewrite.java.security.secrets.FindSquareSecrets
  - org.openrewrite.java.security.secrets.FindSshSecrets
  - org.openrewrite.java.security.secrets.FindStripeSecrets
  - org.openrewrite.java.security.secrets.FindTelegramSecrets
  - org.openrewrite.java.security.secrets.FindTwilioSecrets
  - org.openrewrite.java.security.secrets.FindTwitterSecrets

{% endtab %} {% endtabs %}

Contributors

See how this recipe works across multiple open-source repositories

Moderne Link Image

The community edition of the Moderne platform enables you to easily run recipes across thousands of open-source repositories.

Please contact Moderne for more information about safely running the recipes on your own codebase in a private SaaS.