This recipe has no required configuration options. It can be activated by adding a dependency on org.openrewrite.recipe:rewrite-java-security:2.6.0 in your build file or by running a shell command (in which case no build changes are needed):
---type:specs.openrewrite.org/v1beta/recipename:org.openrewrite.java.security.secrets.FindPasswordInUrlSecretsdisplayName:Find passwords used in URLsdescription:Locates URLs that contain passwords in plain text.tags: - securityrecipeList: - org.openrewrite.java.security.secrets.FindSecretsByPattern:secretName:Password in URLvaluePattern: [a-zA-Z]{3,10}://[^/\s:@]{3,20}:[^/\s:@]{3,20}@.{1,100}["'\s]
See how this recipe works across multiple open-source repositories
The community edition of the Moderne platform enables you to easily run recipes across thousands of open-source repositories.
Please contact Moderne for more information about safely running the recipes on your own codebase in a private SaaS.