Oliver Stöneberg

I am not sure if the warning properly communicates the intention. I did not want to make too verbose. I do not want to refrain from using it on those...

> Clang/GCC doesn't implement their checkers properly... In that case please file an upstream report. Looks like this might also be related to https://github.com/llvm/llvm-project/issues/93288.

> Nah, I doubt they would care about it. Great attitude. Imagine people had the attitude towards false positives in Cppcheck. Well, you might not imagine. They have that 100%....

A way to fix this is to `CTRL+A`, `CTRL+X`, `CTRL+V` the contents of the file. Possibly related to #105.

Cppcheck is being invoked and the raw results show the correct location: ```xml ``` Switching to a different IDE tab and back will also fix it but it also (unnecessarily)...

Thanks for your contribution. Please add a unit tests for this.

The documentation here is not very helpful: https://commons.apache.org/proper/commons-lang/apidocs/org/apache/commons/lang3/RandomStringUtils.html#randomAlphanumeric(int). Simply adding `insecure()` as suggested producing a warning about using a static method via an instance. And the fixit for that sends...

We should integrate this into the selfcheck. And we should also evaluate if parts of the internal check could be implemented using rules instead. A Python test for this file...

Applying these changes might incur a minor performance hit as it performs additional checks. Also the code is probably not being inlined as the implementation is inside the source.

I would prefer if we would add the existing rules to the selfcheck so we have a baseline and enforcement and then add the new rules along with the fixes...