Skip to content

[LANG-1794] Fix Javadoc for RandomUtils.secure(), it incorrectly mentions securerandom.strongAlgorithms #1503

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
garydgregory merged 1 commit into from
Nov 26, 2025
Merged

[LANG-1794] Fix Javadoc for RandomUtils.secure(), it incorrectly mentions securerandom.strongAlgorithms #1503

garydgregory merged 1 commit into from
Nov 26, 2025
+2 −2

Conversation

@IcoreE
Copy link
Contributor

@IcoreE IcoreE commented Nov 26, 2025

[LANG-1794] (https://issues.apache.org/jira/browse/LANG-1794)

The current JavaDoc for RandomUtils.secure() states that it “uses an algorithms/providers specified in the securerandom.strongAlgorithms Security property.” This is misleading.

In reality:

  1. RandomUtils.secure() uses new SecureRandom() and does not consult the securerandom.strongAlgorithms property.
  2. The securerandom.strongAlgorithms property is only used by RandomUtils.secureStrong(), which internally calls SecureRandom.getInstanceStrong() to select a strong algorithm from the configured security providers
image

Thanks for your contribution to Apache Commons! Your help is appreciated!

Before you push a pull request, review this list:

  • Read the contribution guidelines for this project.
  • Read the ASF Generative Tooling Guidance if you use Artificial Intelligence (AI).
  • I used AI to create any part of, or all of, this pull request.
  • Run a successful build using the default Maven goal with mvn; that's mvn on the command line by itself.
  • Write unit tests that match behavioral changes, where the tests fail if the changes to the runtime are not applied. This may not always be possible, but it is a best practice.
  • Write a pull request description that is detailed enough to understand what the pull request does, how, and why.
  • Each commit in the pull request should have a meaningful subject line and body. Note that a maintainer may squash commits during the merge process.

@garydgregory garydgregory changed the title [LANG-1794] Fix Javadoc for RandomUtils.secure() incorrectly mentions securerandom.strongAlgorithms [LANG-1794] Fix Javadoc for RandomUtils.secure(), it incorrectly mentions securerandom.strongAlgorithms Nov 26, 2025
@garydgregory garydgregory merged commit 9eb5d09 into apache:master Nov 26, 2025
19 of 20 checks passed
garydgregory added a commit that referenced this pull request Nov 26, 2025
@garydgregory
Fix Javadoc for RandomUtils.secure(), it incorrectly mentions
2bcca49 
securerandom.strongAlgorithms #1503
@garydgregory
Copy link
Member

garydgregory commented Nov 26, 2025

@IcoreE
Thank you for the PR. Merged.

@IcoreE IcoreE deleted the LANG-1794-Fix-RandomUtils-secure branch December 4, 2025 14:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@IcoreE @garydgregory