gnodet opened a new pull request, #24374:
URL: https://github.com/apache/camel/pull/24374

   ## Summary
   
   _Claude Code on behalf of Guillaume Nodet_
   
   Fix SonarCloud S2119 (Save and re-use this Random) by promoting per-call `SecureRandom` creation to reused fields.
   
   ### Changes
   - **`PQCDataFormat.java`**: Promote `new SecureRandom()` from method-local to instance field. Used in both `marshal()` (KEM init + nonce generation) and `unmarshal()` (KEM extract).
   - **`SelfSignedCertificateGenerator.java`**: Promote to `private static final` field (utility class with only static methods).
   
   ### Rationale
   Each `new SecureRandom()` is expensive — it gathers entropy from the OS. `SecureRandom` is thread-safe, so a single reused instance is safe and avoids redundant seeding overhead.
   
   `RandomGenerator.of()` is not an option because the JCA APIs (`KeyPairGenerator.initialize()`, `KEMGenerateSpec()`) require `SecureRandom` specifically.
   
   ### Note
   The `camel-pqc` module has ~30 additional `new SecureRandom()` instances (in producers, lifecycle managers, KEM helpers) that could similarly benefit from consolidation. That broader cleanup is tracked separately.
   
   ## Test plan
   - [ ] CI passes
   - [ ] SonarCloud S2119 count drops to 0
   
   🤖 Generated with [Claude Code](https://claude.com/claude-code)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
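
The field-reuse pattern the pull request describes, as an added example that is not code from the PR or from `camel-pqc`: a per-call `new SecureRandom()` next to a shared `private static final` instance that is used from several threads and passed to a JCA API. The class and method names are hypothetical, and the JDK's EC `KeyPairGenerator` stands in for the PQC key and KEM calls, which are not shown on this page.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;

// Hypothetical class, not from camel-pqc: it shows the field-reuse pattern only.
public class SharedSecureRandomExample {

    // One instance for the whole class; SecureRandom is documented as thread-safe.
    private static final SecureRandom SECURE_RANDOM = new SecureRandom();

    // Before: a fresh instance per call, the pattern Sonar rule S2119 reports.
    static byte[] nonceBefore(int len) {
        byte[] nonce = new byte[len];
        new SecureRandom().nextBytes(nonce);
        return nonce;
    }

    // After: every call draws from the shared field.
    static byte[] nonceAfter(int len) {
        byte[] nonce = new byte[len];
        SECURE_RANDOM.nextBytes(nonce);
        return nonce;
    }

    // JCA entry points take SecureRandom specifically, so the same field is passed in.
    static KeyPair newKeyPair() throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC"); // stand-in algorithm
        kpg.initialize(256, SECURE_RANDOM);
        return kpg.generateKeyPair();
    }

    public static void main(String[] args) throws Exception {
        Set<String> seen = ConcurrentHashMap.newKeySet();
        ExecutorService pool = Executors.newFixedThreadPool(8);
        for (int i = 0; i < 10_000; i++) {
            // Eight worker threads draw 12-byte nonces from the one shared instance.
            pool.execute(() -> seen.add(Base64.getEncoder().encodeToString(nonceAfter(12))));
        }
        pool.shutdown();
        if (!pool.awaitTermination(30, TimeUnit.SECONDS)) throw new IllegalStateException("timeout");
        System.out.println("distinct nonces: " + seen.size());
        System.out.println("key algorithm: " + newKeyPair().getPublic().getAlgorithm());
    }
}
```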
