Open aman-pebicloud opened 1 month ago
Hi @aman-pebicloud ; the owasp top ten recipe is a composite of other recipes. In your case you're probably looking to add a detection & correction recipe to rewrite-sql first, before including that in owasp top ten. I'll move this issue accordingly.
My bad, I wanted to post in rewrite-java-security, somehow landed here. Thanks for moving it.
What version of OpenRewrite are you using?
I am using
How are you running OpenRewrite?
I am using the Maven plugin, and my project is a single module project.
What is the smallest, simplest way to reproduce the problem?
I've a SQL injection vulnerability in my code snippet and it doesn't get fixed by org.openrewrite.java.security.OwaspTopTen recipe.
What did you expect to see?
I expect the vulnerable code to be detected and corrected by rewrite.
What did you see instead?
The vulnerability didn't get detected
What is the full stack trace of any errors you encountered?
No errors.
What am I looking for?
If this is an issue, please address this. Can I see some examples where this recipe is used and try to validate this working.