gnodet opened a new pull request, #24374: URL: https://github.com/apache/camel/pull/24374
## Summary

_Claude Code on behalf of Guillaume Nodet_

Fix SonarCloud S2119 (Save and re-use this Random) by promoting per-call `SecureRandom` creation to reused fields.

### Changes

- **`PQCDataFormat.java`**: Promote `new SecureRandom()` from method-local to instance field. Used in both `marshal()` (KEM init + nonce generation) and `unmarshal()` (KEM extract).
- **`SelfSignedCertificateGenerator.java`**: Promote to `private static final` field (utility class with only static methods).

### Rationale

Each `new SecureRandom()` is expensive — it gathers entropy from the OS. `SecureRandom` is thread-safe, so a single reused instance is safe and avoids redundant seeding overhead. `RandomGenerator.of()` is not an option because the JCA APIs (`KeyPairGenerator.initialize()`, `KEMGenerateSpec()`) require `SecureRandom` specifically.

### Note

The `camel-pqc` module has ~30 additional `new SecureRandom()` instances (in producers, lifecycle managers, KEM helpers) that could similarly benefit from consolidation. That broader cleanup is tracked separately.

## Test plan

- [ ] CI passes
- [ ] SonarCloud S2119 count drops to 0

🤖 Generated with [Claude Code](https://claude.com/claude-code)
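An added example, not code from the pull request or from Apache Camel, of the pattern the description names: one `SecureRandom` field reused across calls and threads and handed to a JCA API that requires `SecureRandom`. The class name `NonceSource`, the 12-byte nonce length and the 256-bit EC key are assumptions chosen for illustration.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.HexFormat;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;

// Hypothetical class, not part of camel-pqc.
public class NonceSource {
    // One instance for the lifetime of the class; SecureRandom is thread-safe.
    private static final SecureRandom RANDOM = new SecureRandom();

    // Assumed nonce length (12 bytes), chosen for illustration.
    static byte[] nextNonce() {
        byte[] nonce = new byte[12];
        RANDOM.nextBytes(nonce);
        return nonce;
    }

    // JCA key generation takes a SecureRandom, so the shared field is passed in.
    static KeyPair newKeyPair() throws NoSuchAlgorithmException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
        kpg.initialize(256, RANDOM);
        return kpg.generateKeyPair();
    }

    public static void main(String[] args) throws Exception {
        Set<String> seen = ConcurrentHashMap.newKeySet();
        ExecutorService pool = Executors.newFixedThreadPool(8);
        for (int t = 0; t < 8; t++) {
            pool.submit(() -> {
                for (int i = 0; i < 10_000; i++) {
                    seen.add(HexFormat.of().formatHex(nextNonce()));
                }
            });
        }
        pool.shutdown();
        if (!pool.awaitTermination(1, TimeUnit.MINUTES)) throw new IllegalStateException("timeout");
        // 80,000 draws from the shared instance; a repeat would point to broken concurrent use.
        if (seen.size() != 80_000) throw new IllegalStateException("duplicate nonce");
        System.out.println("unique nonces: " + seen.size()
                + ", key algorithm: " + newKeyPair().getPublic().getAlgorithm());
    }
}
```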
