Posted to issues@camel.apache.org by "Andrea Cosentino (Jira)" <ji...@apache.org> on 2021/02/16 15:52:00 UTC

[jira] [Assigned] (CAMEL-16218) Mark use of java.util.Random with NOSONAR to not have false flags in code analysis reports

     [ https://issues.apache.org/jira/browse/CAMEL-16218?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andrea Cosentino reassigned CAMEL-16218:
----------------------------------------

    Assignee: Andrea Cosentino

> Mark use of java.util.Random with NOSONAR to not have false flags in code analysis reports
> ------------------------------------------------------------------------------------------
>
>                 Key: CAMEL-16218
>                 URL: https://issues.apache.org/jira/browse/CAMEL-16218
>             Project: Camel
>          Issue Type: Improvement
>            Reporter: Claus Ibsen
>            Assignee: Andrea Cosentino
>            Priority: Major
>             Fix For: 3.9.0
>
>
> SonarQube and others will report these to use SecureRandom instead. But this is only for security-related use such as crypto, certificates and whatnot.
> In Camel we use random numbers in some places, and there is also the random function in the simple language.
> So mark those with // NOSONAR in the source code (same line as new Random() is).
> And then only use SecureRandom in security matters.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)
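
The split described in the issue, as an added example that is not Camel source code: a non-security use of java.util.Random suppressed with // NOSONAR on the same line, next to a security use that draws from SecureRandom. The class, method and endpoint names are hypothetical, and List.of assumes Java 9 or later.

```java
import java.security.SecureRandom;
import java.util.Base64;
import java.util.List;
import java.util.Random;

// Added illustration; names are hypothetical and not taken from the Camel code base.
public class RandomUsageExample {

    // Non-security use: spreading work across endpoints. A predictable sequence
    // is harmless here, so the analyzer finding is suppressed on the same line.
    private static final Random PICKER = new Random(); // NOSONAR

    // Security use: the value must be unguessable, so it comes from SecureRandom.
    private static final SecureRandom TOKEN_SOURCE = new SecureRandom();

    static <T> T pickEndpoint(List<T> endpoints) {
        return endpoints.get(PICKER.nextInt(endpoints.size()));
    }

    static String newSessionToken() {
        byte[] raw = new byte[32]; // 256 bits of CSPRNG output
        TOKEN_SOURCE.nextBytes(raw);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
    }

    // Why the distinction matters: java.util.Random is fully determined by its
    // seed, so two instances with the same seed produce the same sequence.
    static boolean sameSeedSameSequence(long seed) {
        Random a = new Random(seed); // NOSONAR
        Random b = new Random(seed); // NOSONAR
        for (int i = 0; i < 16; i++) {
            if (a.nextLong() != b.nextLong()) {
                return false;
            }
        }
        return true;
    }

    public static void main(String[] args) {
        // Constructed sample endpoints.
        List<String> endpoints = List.of("direct:a", "direct:b", "direct:c");
        System.out.println("picked endpoint: " + pickEndpoint(endpoints));
        System.out.println("session token:   " + newSessionToken());
        System.out.println("Random reproducible from seed: " + sameSeedSameSequence(42L));
    }
}
```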