Finds uses of Encryptors.queryableText()

org.openrewrite.java.spring.security5.search.FindEncryptorsQueryableTextUses

Encryptors.queryableText() is insecure and is removed in Spring Security 6.

Tags

  • spring

  • security

  • search

Recipe source

GitHub, Issue Tracker, Maven Central

  • groupId: org.openrewrite.recipe

  • artifactId: rewrite-spring

  • version: 5.7.0

Usage

This recipe has no required configuration options. It can be activated by adding a dependency on org.openrewrite.recipe:rewrite-spring:5.7.0 in your build file or by running a shell command (in which case no build changes are needed):

  1. Add the following to your build.gradle file:

build.gradle
plugins {
    id("org.openrewrite.rewrite") version("6.10.0")
}

rewrite {
    activeRecipe("org.openrewrite.java.spring.security5.search.FindEncryptorsQueryableTextUses")
}

repositories {
    mavenCentral()
}

dependencies {
    rewrite("org.openrewrite.recipe:rewrite-spring:5.7.0")
}
  1. Run gradle rewriteRun to run the recipe.

Definition

  • Find method usages

    • methodPattern: org.springframework.security.crypto.encrypt.Encryptors queryableText(..)

    • matchOverrides: false

See how this recipe works across multiple open-source repositories

The community edition of the Moderne platform enables you to easily run recipes across thousands of open-source repositories.

Please contact Moderne for more information about safely running the recipes on your own codebase in a private SaaS.

Last updated