GitHubJoin us on SlackJoin us on DiscordAsk on Stack Overflow
Search
K
Links
Comment on page

Remediate vulnerabilities from the OWASP Top Ten

org.openrewrite.java.security.OwaspTopTen
OWASP publishes a list of the most impactful common security vulnerabilities. These recipes identify and remediate vulnerabilities from the OWASP Top Ten.

Recipe source

  • groupId: org.openrewrite.recipe
  • artifactId: rewrite-java-security
  • version: 2.1.0
This recipe is composed of more than one recipe. If you want to customize the set of recipes this is composed of, you can find and copy the GitHub source for the recipe from the link above.

Usage

This recipe has no required configuration options. It can be activated by adding a dependency on org.openrewrite.recipe:rewrite-java-security:2.1.0 in your build file or by running a shell command (in which case no build changes are needed):
Gradle
Gradle init script
Maven POM
Maven Command Line
Moderne CLI
  1. 1.
    Add the following to your build.gradle file:
build.gradle
plugins {
id("org.openrewrite.rewrite") version("6.5.6")
}
rewrite {
activeRecipe("org.openrewrite.java.security.OwaspTopTen")
}
repositories {
mavenCentral()
}
dependencies {
rewrite("org.openrewrite.recipe:rewrite-java-security:2.1.0")
}
  1. 2.
    Run gradle rewriteRun to run the recipe.
  1. 1.
    Create a file named init.gradle in the root of your project.
init.gradle
initscript {
repositories {
maven { url "https://plugins.gradle.org/m2" }
}
dependencies { classpath("org.openrewrite:plugin:6.5.6") }
}
rootProject {
plugins.apply(org.openrewrite.gradle.RewritePlugin)
dependencies {
rewrite("org.openrewrite.recipe:rewrite-java-security:2.1.0")
}
rewrite {
activeRecipe("org.openrewrite.java.security.OwaspTopTen")
}
afterEvaluate {
if (repositories.isEmpty()) {
repositories {
mavenCentral()
}
}
}
}
  1. 2.
    Run gradle --init-script init.gradle rewriteRun to run the recipe.
  1. 1.
    Add the following to your pom.xml file:
pom.xml
<project>
<build>
<plugins>
<plugin>
<groupId>org.openrewrite.maven</groupId>
<artifactId>rewrite-maven-plugin</artifactId>
<version>5.13.0</version>
<configuration>
<activeRecipes>
<recipe>org.openrewrite.java.security.OwaspTopTen</recipe>
</activeRecipes>
</configuration>
<dependencies>
<dependency>
<groupId>org.openrewrite.recipe</groupId>
<artifactId>rewrite-java-security</artifactId>
<version>2.1.0</version>
</dependency>
</dependencies>
</plugin>
</plugins>
</build>
</project>
  1. 2.
    Run mvn rewrite:run to run the recipe.
shell
mvn -U org.openrewrite.maven:rewrite-maven-plugin:run \
-Drewrite.recipeArtifactCoordinates=org.openrewrite.recipe:rewrite-java-security:RELEASE \
-Drewrite.activeRecipes=org.openrewrite.java.security.OwaspTopTen
You will need to have configured the Moderne CLI on your machine before you can run the following command.
shell
mod run . --recipe OwaspTopTen

Definition

Recipe List
Yaml Recipe List
---
type: specs.openrewrite.org/v1beta/recipe
name: org.openrewrite.java.security.OwaspTopTen
displayName: Remediate vulnerabilities from the OWASP Top Ten
description: [OWASP](https://owasp.org) publishes a list of the most impactful common security vulnerabilities. These recipes identify and remediate vulnerabilities from the OWASP Top Ten.
recipeList:
- org.openrewrite.java.security.OwaspA01
- org.openrewrite.java.security.OwaspA02
- org.openrewrite.java.security.OwaspA03
- org.openrewrite.java.security.OwaspA04
- org.openrewrite.java.security.OwaspA05
- org.openrewrite.java.security.OwaspA06
- org.openrewrite.java.security.OwaspA08
- org.openrewrite.java.security.OwaspA10

See how this recipe works across multiple open-source repositories

Moderne Link Image
The community edition of the Moderne platform enables you to easily run recipes across thousands of open-source repositories.
Please contact Moderne for more information about safely running the recipes on your own codebase in a private SaaS.

Contributors

Previous
Remediate OWASP A10:2021 Server-side request forgery (SSRF)
Next
Secure random
Last modified 12d ago