securesauce / precli

Precaution CLI - command line static application security testing tool
https://precli.readthedocs.io/

Don't break code with suggested fix #425

Closed ericwb closed 4 months ago

ericwb commented 4 months ago

The weak random Java rule currently suggests a fix that tells the user to use the constructor instead of getInstance method. As a result, the NoSuchAlgorithmException doesn't get thrown. So the fix would create code that no longer compiles.

This change now swaps the weak random algorithm with a strong one that is known to exist for all platforms.
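An added illustration of the compile problem described in this issue (not code from the precli project). It assumes the flagged weak algorithm name is "SHA1PRNG" and that the swapped-in strong algorithm is "DRBG"; the issue itself names neither.

```java
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

public class WeakRandomFix {

    // Code as the rule flags it (assumed algorithm name): the weak algorithm
    // is requested through getInstance(), which declares the checked
    // NoSuchAlgorithmException, so the caller wraps it in try/catch.
    static SecureRandom original() {
        try {
            return SecureRandom.getInstance("SHA1PRNG");
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e);
        }
    }

    // The fix the rule used to suggest. Swapping getInstance() for the
    // constructor removes the only statement that can throw
    // NoSuchAlgorithmException, so javac rejects the unchanged catch block:
    //   error: exception NoSuchAlgorithmException is never thrown in body
    //   of corresponding try statement
    // Kept as a comment so this file still compiles.
    //
    // static SecureRandom brokenSuggestedFix() {
    //     try {
    //         return new SecureRandom();
    //     } catch (NoSuchAlgorithmException e) {
    //         throw new IllegalStateException(e);
    //     }
    // }

    // The approach this issue moves to: keep getInstance() and its exception
    // signature and only swap the algorithm string. "DRBG" is an assumption
    // here (the issue does not name the algorithm); it is the NIST SP 800-90A
    // generator shipped with the SUN provider since Java 9.
    static SecureRandom swappedAlgorithmFix() {
        try {
            return SecureRandom.getInstance("DRBG");
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e);
        }
    }

    public static void main(String[] args) {
        System.out.println(original().getAlgorithm());
        System.out.println(swappedAlgorithmFix().getAlgorithm());
    }
}
```

Uncommenting brokenSuggestedFix() reproduces the compile error the issue describes; the swapped-algorithm version compiles without touching the surrounding try/catch.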