Posted to issues@camel.apache.org by "Claus Ibsen (Jira)" <ji...@apache.org> on 2021/02/16 09:23:00 UTC

[jira] [Created] (CAMEL-16218) Mark use of java.util.Random with NOSONAR to not have false flags in code analysis reports

Claus Ibsen created CAMEL-16218:
-----------------------------------

             Summary: Mark use of java.util.Random with NOSONAR to not have false flags in code analysis reports
                 Key: CAMEL-16218
                 URL: https://issues.apache.org/jira/browse/CAMEL-16218
             Project: Camel
          Issue Type: Improvement
            Reporter: Claus Ibsen
             Fix For: 3.9.0


SonarQube and others will report these to use SecureRandom instead. But this is only for security-related use such as crypto, certificates and whatnot.

In Camel we use random numbers in some places, and there is also the random function in the simple language.

So mark those with // NOSONAR in the source code (on the same line as new Random()).
And then only use SecureRandom in security matters.



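The split described in this issue, as an added example that is not Camel source code: the class, field and method names are hypothetical, and the endpoint list is constructed sample data. It shows a non-security use of `java.util.Random` marked with `// NOSONAR` on the same line, next to a security-sensitive value drawn from `SecureRandom`.

```java
import java.security.SecureRandom;
import java.util.Base64;
import java.util.List;
import java.util.Random;

public class RandomUsageExample {

    // Non-security use: spreading load across endpoints. A predictable sequence
    // does no harm here, so java.util.Random is acceptable. The NOSONAR marker
    // must sit on the same line as the flagged expression to suppress the finding.
    private static final Random LOAD_RANDOM = new Random(); // NOSONAR

    // Security use: values an attacker must not be able to predict.
    // No suppression marker here, so the analyzer keeps checking this code.
    private static final SecureRandom TOKEN_RANDOM = new SecureRandom();

    // Picks one endpoint at random (hypothetical helper).
    static String pickEndpoint(List<String> endpoints) {
        return endpoints.get(LOAD_RANDOM.nextInt(endpoints.size()));
    }

    // Generates a 256-bit URL-safe token (hypothetical helper).
    static String newSessionToken() {
        byte[] raw = new byte[32];
        TOKEN_RANDOM.nextBytes(raw);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
    }

    public static void main(String[] args) {
        // Constructed sample data, not taken from the issue.
        List<String> endpoints = List.of("direct:a", "direct:b", "direct:c");
        System.out.println("route to: " + pickEndpoint(endpoints));
        System.out.println("token:    " + newSessionToken());
    }
}
```

Because `// NOSONAR` suppresses every analyzer rule on its line, keeping the marked line down to the `new Random()` expression alone avoids hiding unrelated findings.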