Find text-direction changes
Finds unicode control characters which can change the direction text is displayed in. These control characters can alter how source code is presented to a human reader without affecting its interpretation by tools like compilers. So a malicious patch could pass code review while introducing vulnerabilities. Note that text direction-changing unicode control characters aren't inherently malicious. These characters can appear for legitimate reasons in code written in or dealing with right-to-left languages. See: https://trojansource.codes/ for more information.
- groupId: org.openrewrite.recipe
- artifactId: rewrite-java-security
- version: 1.25.0
This recipe has no required configuration options. It can be activated by adding a dependency on
org.openrewrite.recipe:rewrite-java-security:1.25.0in your build file or by running a shell command (in which case no build changes are needed):
Maven Command Line
mvn -U org.openrewrite.maven:rewrite-maven-plugin:run \
The community edition of the Moderne platform enables you to easily run recipes across thousands of open-source repositories.
Please contact Moderne for more information about safely running the recipes on your own codebase in a private SaaS.