Skip to main content

Finds uses of Encryptors.queryableText()

org.openrewrite.java.spring.security5.search.FindEncryptorsQueryableTextUses

Encryptors.queryableText() is insecure and is removed in Spring Security 6.

Tags

  • spring
  • security
  • search

Recipe source

GitHub, Issue Tracker, Maven Central

This recipe is available under the Moderne Source Available License.

Definition

  • Find method usages
    • methodPattern: org.springframework.security.crypto.encrypt.Encryptors queryableText(..)
    • matchOverrides: false

Usage

This recipe has no required configuration options. It can be activated by adding a dependency on org.openrewrite.recipe:rewrite-spring in your build file or by running a shell command (in which case no build changes are needed):

  1. Add the following to your build.gradle file:
build.gradle
plugins {
id("org.openrewrite.rewrite") version("7.6.1")
}

rewrite {
activeRecipe("org.openrewrite.java.spring.security5.search.FindEncryptorsQueryableTextUses")
setExportDatatables(true)
}

repositories {
mavenCentral()
}

dependencies {
rewrite("org.openrewrite.recipe:rewrite-spring:6.7.0")
}
  1. Run gradle rewriteRun to run the recipe.

See how this recipe works across multiple open-source repositories

Run this recipe on OSS repos at scale with the Moderne SaaS.

The community edition of the Moderne platform enables you to easily run recipes across thousands of open-source repositories.

Please contact Moderne for more information about safely running the recipes on your own codebase in a private SaaS.

Data Tables

Method calls

org.openrewrite.java.table.MethodCalls

The text of matching method invocations.

Column NameDescription
Source fileThe source file that the method call occurred in.
Method callThe text of the method call.
Class nameThe class name of the method call.
Method nameThe method name of the method call.
Argument typesThe argument types of the method call.