Find sensitive API endpoints
org.openrewrite.java.security.search.FindSensitiveApiEndpoints
Find data models exposed by REST APIs that contain sensitive information like PII and secrets.
Recipe source
GitHub, Issue Tracker, Maven Central
groupId: org.openrewrite.recipe
artifactId: rewrite-java-security
version: 2.6.0
Options
| Type | Name | Description | Example |
|---|---|---|---|
| | fieldNames | Field names to search for. | |
| | transitive | Optional. Find model objects that contain other model objects that contain sensitive data. | |
Data Tables (Only available on the Moderne platform)
Sensitive API endpoints
The API endpoints that expose sensitive data.
Column Name | Description |
---|---|
Source path | The path to the source file containing the API endpoint definition. |
Method name | The name of the method that defines the API endpoint. |
Method | The HTTP method of the API endpoint. |
Path | The path of the API endpoint. |
Sensitive field | The piece of sensitive data that is included. |
Sensitive data path | The sensitive data exposed by the API endpoint. |
Usage
This recipe has required configuration parameters. Recipes with required configuration parameters cannot be activated directly. To activate this recipe you must create a new recipe which fills in the required parameters. In your rewrite.yml, create a new recipe with a unique name. For example: com.yourorg.FindSensitiveApiEndpointsExample. Here's how you can define and customize such a recipe within your rewrite.yml:
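A declarative recipe of this kind, as an added example rather than the project's own snippet. The displayName and the entries under fieldNames are constructed sample values, and fieldNames is written as a YAML list on the assumption that the option takes a list of strings.

```yaml
---
type: specs.openrewrite.org/v1beta/recipe
# Unique name for the wrapper recipe; this is the name you activate in the build.
name: com.yourorg.FindSensitiveApiEndpointsExample
displayName: Find sensitive API endpoints example  # constructed label
recipeList:
  - org.openrewrite.java.security.search.FindSensitiveApiEndpoints:
      # Required option. Constructed sample field names; replace them with the
      # PII and secret field names your own data models actually use.
      fieldNames:
        - password
        - ssn
        - dateOfBirth
      # Optional option. Also report model objects that only reach a sensitive
      # field through another model object they contain.
      transitive: true
```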
Now that com.yourorg.FindSensitiveApiEndpointsExample has been defined, activate it and take a dependency on org.openrewrite.recipe:rewrite-java-security:2.6.0 in your build file:
Add the following to your build.gradle file:
Run gradle rewriteRun to run the recipe.
See how this recipe works across multiple open-source repositories
The community edition of the Moderne platform enables you to easily run recipes across thousands of open-source repositories.
Please contact Moderne for more information about safely running the recipes on your own codebase in a private SaaS.