GitHubJoin us on SlackJoin us on DiscordAsk on Stack Overflow
Search
K
Links
Comment on page

Remediate OWASP A06:2021 Vulnerable and outdated components

org.openrewrite.java.security.OwaspA06
OWASP A06:2021 describes failures related to vulnerable and outdated components.

Recipe source

  • groupId: org.openrewrite.recipe
  • artifactId: rewrite-java-security
  • version: 2.1.0

Usage

This recipe has no required configuration options. It can be activated by adding a dependency on org.openrewrite.recipe:rewrite-java-security:2.1.0 in your build file or by running a shell command (in which case no build changes are needed):
Gradle
Gradle init script
Maven POM
Maven Command Line
Moderne CLI
  1. 1.
    Add the following to your build.gradle file:
build.gradle
plugins {
id("org.openrewrite.rewrite") version("6.5.6")
}
rewrite {
activeRecipe("org.openrewrite.java.security.OwaspA06")
}
repositories {
mavenCentral()
}
dependencies {
rewrite("org.openrewrite.recipe:rewrite-java-security:2.1.0")
}
  1. 2.
    Run gradle rewriteRun to run the recipe.
  1. 1.
    Create a file named init.gradle in the root of your project.
init.gradle
initscript {
repositories {
maven { url "https://plugins.gradle.org/m2" }
}
dependencies { classpath("org.openrewrite:plugin:6.5.6") }
}
rootProject {
plugins.apply(org.openrewrite.gradle.RewritePlugin)
dependencies {
rewrite("org.openrewrite.recipe:rewrite-java-security:2.1.0")
}
rewrite {
activeRecipe("org.openrewrite.java.security.OwaspA06")
}
afterEvaluate {
if (repositories.isEmpty()) {
repositories {
mavenCentral()
}
}
}
}
  1. 2.
    Run gradle --init-script init.gradle rewriteRun to run the recipe.
  1. 1.
    Add the following to your pom.xml file:
pom.xml
<project>
<build>
<plugins>
<plugin>
<groupId>org.openrewrite.maven</groupId>
<artifactId>rewrite-maven-plugin</artifactId>
<version>5.13.0</version>
<configuration>
<activeRecipes>
<recipe>org.openrewrite.java.security.OwaspA06</recipe>
</activeRecipes>
</configuration>
<dependencies>
<dependency>
<groupId>org.openrewrite.recipe</groupId>
<artifactId>rewrite-java-security</artifactId>
<version>2.1.0</version>
</dependency>
</dependencies>
</plugin>
</plugins>
</build>
</project>
  1. 2.
    Run mvn rewrite:run to run the recipe.
shell
mvn -U org.openrewrite.maven:rewrite-maven-plugin:run \
-Drewrite.recipeArtifactCoordinates=org.openrewrite.recipe:rewrite-java-security:RELEASE \
-Drewrite.activeRecipes=org.openrewrite.java.security.OwaspA06
You will need to have configured the Moderne CLI on your machine before you can run the following command.
shell
mod run . --recipe OwaspA06

Definition

Recipe List
Yaml Recipe List
---
type: specs.openrewrite.org/v1beta/recipe
name: org.openrewrite.java.security.OwaspA06
displayName: Remediate OWASP A06:2021 Vulnerable and outdated components
description: OWASP [A06:2021](https://owasp.org/Top10/A06_2021-Vulnerable_and_Outdated_Components/) describes failures related to vulnerable and outdated components.
recipeList:
- org.openrewrite.java.dependencies.DependencyVulnerabilityCheck:

See how this recipe works across multiple open-source repositories

Moderne Link Image
The community edition of the Moderne platform enables you to easily run recipes across thousands of open-source repositories.
Please contact Moderne for more information about safely running the recipes on your own codebase in a private SaaS.
Previous
Remediate OWASP A05:2021 Security misconfiguration
Next
Remediate OWASP A08:2021 Software and data integrity failures
Last modified 12d ago