[CAMEL-16218] Mark use of java.util.Random with NOSONAR to not have false flags in code analysis reports - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.9.0
Component/s: None
Labels:
None

Estimated Complexity:
Unknown

Description

Sonarqube and others will report these to use SecureRandom instead. But this is only for security related use such as crypto, certificates and whatnot.

In Camel we use random numbers in some places, and there is also the random function in the simple language.

So mark those with // NOSONAR in the source code (same line as new Random() are).
And then only use SecureRandom in security matters.

Attachments

Activity

People

Assignee:: Andrea Cosentino

Reporter:: Claus Ibsen

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 16/Feb/21 09:22

Updated:: 16/Feb/21 15:51

Resolved:: 16/Feb/21 15:51