'My PRNG use is safe; how do I tell SonarQube not to yell at me

I am using java.util.Random to append random numbers to the names of some objects in a testing environment. I do these random values will never be used in any cryptography contexts. The instruction from SonarQube is "Make sure that using this pseudorandom number generator is safe here." I have, indeed, "made sure". Thank you, SonarQube, for your diligence.

Now what?

sonarqube


Solution 1:[1]

The answer is

@SuppressWarnings("squid:S2245") // this PRNG usage is safe
private static final Random random = new Random();

Props to SonarQube for hooking into the SuppressWarnings annotation, slops for the name of the identifier

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 R. Woods

Related Questions

SonnarQube's issue: change code to not construct the URL from user-controlled data

SonarQube 3.7 with maven and Jenkins - Maven session does not declare a top level project

android:exported needs to be explicitly specified after add SonarQube in build.gradle

Directory excluding in sonar-project.properties file doesn't work (for me)

How to disable code coverage in sonarqube since 6.2

Sonarqube authorization - how to authorize with sonar-maven-plugin when sonar.forceAuthentication is enabled

How can I get the value of inheritance class of other inheritance class in .NET Roslyn API?

SonarQube - how to deactivate inherited rule in quality profile?

SonarQube server can not be reached at http://localhost:9000 with Sonarqube-4.5.1

SonarQube: Invoke method(s) only conditionally

Sonarqube gives node.js error while running sonar-scanner

How can I reduce cyclomatic complexity for the code to be acceptable by sonar

How to configure sonar.coverage.jacoco.xmlReportPaths for JaCoCo/SonarQube?

How to Code Quality on EXCEL VBA Code in SonarQube or Alternatives?

SonarQube - how to run the code analysis again for a project after creating that project