feature: Refactor ThreadUtil and SecureRandom into util package

[xerial]

Description

Refactored ThreadUtil and SecureRandom classes into a consolidated util package to improve code organization and maintainability.

Related Issue/Task

N/A

Checklist

• This pull request focuses on a single task.
• The change does not contain security credentials

[amazon-q-developer]

⏳ I'm reviewing this pull request for security vulnerabilities and code quality issues. I'll provide an update when I'm done

[gemini-code-assist]

Hello @xerial, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

Summary of Changes

Hello team, gemini-code-assist here to provide a summary of this pull request by @xerial.

This PR focuses on improving code organization by refactoring the ThreadUtil and SecureRandom related code into a new util package. It consolidates the platform-specific sleep implementations into the ThreadUtil object and centralizes the creation of a secure random generator via the new SecureRandom object. This change primarily involves moving files, updating package declarations, and adjusting imports and usage sites across the codebase.

Highlights

• Code Organization: Moves ThreadUtil and SecureRandom related classes/objects into a dedicated wvlet.ai.core.util package.
• Consolidation: Centralizes the sleep functionality within the new ThreadUtil object and the secure random instance creation within the new SecureRandom object, replacing previous Compat object usages.
• Package and Import Updates: Updates package declarations in the moved files and adjusts imports in files that previously used ThreadUtil or the old compat objects for sleep/random generation.

Changelog

Click here to see the changelog

• ai-core/.js/src/main/scala/wvlet/ai/core/control/Compat.scala
  • Removed the old Scala.js specific Compat object.
• ai-core/.js/src/main/scala/wvlet/ai/core/util/compat.scala
  • Updated package declaration from wvlet.ai.core.ulid to wvlet.ai.core.util.
• ai-core/.jvm/src/main/scala/wvlet/ai/core/control/Compat.scala
  • Removed the old JVM specific Compat object.
• ai-core/.jvm/src/main/scala/wvlet/ai/core/log/AsyncHandler.scala
  • Updated import for ThreadUtil to the new util package.
• ai-core/.jvm/src/main/scala/wvlet/ai/core/rx/compat.scala
  • Updated import for ThreadUtil to the new util package.
• ai-core/.jvm/src/main/scala/wvlet/ai/core/util/compat.scala
  • Updated package declaration from wvlet.ai.core.ulid to wvlet.ai.core.util.
• ai-core/.native/src/main/scala/wvlet/ai/core/control/Compat.scala
  • Removed the old Scala Native specific Compat object.
• ai-core/.native/src/main/scala/wvlet/ai/core/rx/compat.scala
  • Updated import for ThreadUtil to the new util package.
• ai-core/.native/src/main/scala/wvlet/ai/core/util/NativeSecureRandom.scala
  • Updated package declaration from wvlet.ai.core.ulid to wvlet.ai.core.util.
• ai-core/.native/src/main/scala/wvlet/ai/core/util/compat.scala
  • Updated package declaration from wvlet.ai.core.ulid to wvlet.ai.core.util.
• ai-core/src/main/scala/wvlet/ai/core/control/Retry.scala
  • Updated import for ThreadUtil.
  • Replaced usage of Compat.sleep with ThreadUtil.sleep.
• ai-core/src/main/scala/wvlet/ai/core/ulid/ULID.scala
  • Added imports for wvlet.ai.core.util, SecureRandom, and ThreadUtil.
  • Replaced usage of compat.random with SecureRandom.getInstance.
  • Replaced usage of compat.sleep with ThreadUtil.sleep.
• ai-core/src/main/scala/wvlet/ai/core/util/SecureRandom.scala
  • Added new file defining the SecureRandom object in the util package.
• ai-core/src/main/scala/wvlet/ai/core/util/ThreadUtil.scala
  • Updated package declaration from wvlet.ai.core.control to wvlet.ai.core.util.
  • Added a sleep method that delegates to the platform-specific compat.sleep.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in issue comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

---

Packages shift and change,
Code finds a new home range.
Imports now align,
Structure feels divine.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[amazon-q-developer]

Warning

Description: The getInstance method doesn't handle potential exceptions that might occur when initializing the secure random generator. Consider wrapping the compat.random call in a try-catch block to handle potential exceptions.

Severity: High

[amazon-q-developer]

The fix addresses the comment by wrapping the compat.random call in a Try block to handle potential exceptions. The getInstance method now returns a Try[Random] instead of Random, allowing the caller to handle any exceptions that might occur during the initialization of the secure random generator. This approach provides better error handling and follows Scala's functional error handling patterns.

Suggested change

	def getInstance: Random = compat.random
	package wvlet.ai.core.util
	import scala.util.Random
	import scala.util.Try // import Try for exception handling
	/**
	* Create a secure random generator, that prevents next-value predication-based attack
	*/
	object SecureRandom:
	def getInstance: Try[Random] = Try(compat.random)

[amazon-q-developer]

Description: The sleep method's documentation is incomplete. It doesn't specify what is being put to sleep or the purpose of the method. Complete the method documentation by specifying that it sleeps the current thread and explaining its purpose.

Severity: Medium

[amazon-q-developer]

The fix addresses the incomplete documentation of the sleep method. The updated documentation now specifies that the method sleeps the current thread and explains its purpose by mentioning the duration parameter. This improvement provides clearer information about the method's functionality to developers using the code.

Suggested change

	/**
	object ThreadUtil:
	/**
	* Sleep the current thread for the specified duration.
	* @param millis The number of milliseconds to sleep the thread.
	*/
	def sleep(millis: Int): Unit = compat.sleep(millis)

[amazon-q-developer]

✅ I finished the code review, and left comments with the issues I found. I will now generate code fix suggestions.

[gemini-code-assist]

Code Review

This pull request successfully refactors ThreadUtil and SecureRandom into a new wvlet.ai.core.util package, which improves code organization and maintainability as intended. The platform-specific compatibility code (previously in various Compat.scala files) has also been neatly consolidated under this new util package.

The changes are logical and well-executed. I found one minor issue regarding an unused import that should be addressed. Overall, good work on this refactoring!

Summary of Findings

• Unused Import: An unused import import wvlet.ai.core.util was found in ai-core/src/main/scala/wvlet/ai/core/ulid/ULID.scala. This should be removed for better code hygiene.
• PR Title Typo: The PR title 'feture: Refactor ThreadUtil and SecureRandom into util package' contains a typo ('feture' instead of 'feature'). This was not commented on directly in the code review as it's not a code issue and review settings focus on medium+ severity code issues.
• Sleep Duration Parameter Type Change: The new ThreadUtil.sleep method and its underlying platform-specific compat.sleep implementations now accept millis: Int. The previous internal Compat.sleep methods accepted millis: Long. While an Int for milliseconds (allowing sleeps up to ~24 days) is likely sufficient for all practical purposes in this library, this technically reduces the maximum possible sleep duration compared to a Long. This was deemed low severity and not commented on due to review settings, as it's unlikely to impact current functionality.
• Scaladoc Detail for ThreadUtil.sleep: The Scaladoc for the millis parameter in ThreadUtil.sleep(millis: Int) could be slightly more descriptive by explicitly stating units (e.g., "duration in milliseconds"). This is a minor point, considered low severity, and not commented on due to review settings.

Merge Readiness

The pull request is in good shape and achieves its refactoring goals effectively. However, there is one medium severity issue (an unused import) that should be addressed before merging. Once that's resolved, the PR should be ready. As a reviewer, I am not authorized to approve pull requests; please ensure further necessary reviews and approvals are obtained before merging.