This project implements a Rewrite module that patches common Java security vulnerabilities.
Browse a selection of recipes available through this module in the recipe catalog.
We appreciate all types of contributions. See the contributing guide for detailed instructions on how to get started.
There has not been much activity on this repository in the last year, owing in large part to the fact that many recipes are built on an original concept of data flow analysis (DFA) in rewrite-analysis that is gradually being phased out in favor of DFA built on top of the Traits API.
We are leaving this repository here in "public archive" state for historical reasons and so that code that corresponds to binary artifacts of rewrite-java-security in Maven Central is easy to refer to.
Going forward, Moderne will be staffing full time security research to develop security recipes, initially and perhaps always in proprietary form. Others are welcome to develop security recipes either in a proprietary form or in OSS according to their preference.