Links

Find Google secrets

org.openrewrite.java.security.secrets.FindGoogleSecrets Locates Google secrets stored in plain text in code.

Tags

  • security

Source

  • groupId: org.openrewrite.recipe
  • artifactId: rewrite-java-security
  • version: 1.23.0

Usage

This recipe has no required configuration options. It can be activated by adding a dependency on org.openrewrite.recipe:rewrite-java-security:1.23.0 in your build file or by running a shell command (in which case no build changes are needed):
Gradle
Maven POM
Maven Command Line
build.gradle
plugins {
id("org.openrewrite.rewrite") version("5.38.0")
}
rewrite {
activeRecipe("org.openrewrite.java.security.secrets.FindGoogleSecrets")
}
repositories {
mavenCentral()
}
dependencies {
rewrite("org.openrewrite.recipe:rewrite-java-security:1.23.0")
}
pom.xml
<project>
<build>
<plugins>
<plugin>
<groupId>org.openrewrite.maven</groupId>
<artifactId>rewrite-maven-plugin</artifactId>
<version>4.42.0</version>
<configuration>
<activeRecipes>
<recipe>org.openrewrite.java.security.secrets.FindGoogleSecrets</recipe>
</activeRecipes>
</configuration>
<dependencies>
<dependency>
<groupId>org.openrewrite.recipe</groupId>
<artifactId>rewrite-java-security</artifactId>
<version>1.23.0</version>
</dependency>
</dependencies>
</plugin>
</plugins>
</build>
</project>
shell
mvn -U org.openrewrite.maven:rewrite-maven-plugin:run \
-Drewrite.recipeArtifactCoordinates=org.openrewrite.recipe:rewrite-java-security:LATEST \
-Drewrite.activeRecipes=org.openrewrite.java.security.secrets.FindGoogleSecrets

Definition

Recipe List
Yaml Recipe List
---
type: specs.openrewrite.org/v1beta/recipe
name: org.openrewrite.java.security.secrets.FindGoogleSecrets
displayName: Find Google secrets
description: Locates Google secrets stored in plain text in code.
tags:
- security
recipeList:
- org.openrewrite.java.security.secrets.FindSecretsByPattern:
secretName: Google API key
valuePattern: AIza[0-9A-Za-z\-_]{35}
- org.openrewrite.java.security.secrets.FindSecretsByPattern:
secretName: Google OAuth token
valuePattern: [0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com
- org.openrewrite.java.security.secrets.FindSecretsByPattern:
secretName: Google OAuth token
valuePattern: ya29\.[0-9A-Za-z\-_]+

See how this recipe works across multiple open-source repositories

Moderne Link Image
The Moderne public SaaS instance enables you to easily run recipes across thousands of open-source repositories.
Please contact Moderne for more information about safely running the recipes on your own codebase in a private SaaS.