From dd5286e2ef35634163136cb3c8ca6662515da4df Mon Sep 17 00:00:00 2001
From: "pixeebot[bot]" <104101892+pixeebot[bot]@users.noreply.github.com>
Date: Wed, 10 Jul 2024 21:44:02 -0400
Subject: [PATCH] Introduced protections against predictable RNG abuse (#8)

Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
---
 .../java/io/airbyte/workers/helpers/ScheduleJitterHelper.java  | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/airbyte-workers/src/main/java/io/airbyte/workers/helpers/ScheduleJitterHelper.java b/airbyte-workers/src/main/java/io/airbyte/workers/helpers/ScheduleJitterHelper.java
index 353b26ab61d..3ebb4f15e5e 100644
--- a/airbyte-workers/src/main/java/io/airbyte/workers/helpers/ScheduleJitterHelper.java
+++ b/airbyte-workers/src/main/java/io/airbyte/workers/helpers/ScheduleJitterHelper.java
@@ -7,6 +7,7 @@
 import io.airbyte.api.client.model.generated.ConnectionScheduleType;
 import io.micronaut.context.annotation.Value;
 import jakarta.inject.Singleton;
+import java.security.SecureRandom;
 import java.time.Duration;
 import java.util.Random;
 import lombok.extern.slf4j.Slf4j;
@@ -62,7 +63,7 @@ public Duration addJitterBasedOnWaitTime(final Duration waitTime, final Connecti
     }
 
     final int jitterSeconds;
-    final Random random = new Random();
+    final Random random = new SecureRandom();
 
     // CRON schedules should not have negative jitter included, because then it is possible for the sync
     // to start and finish before the real scheduled time. This can result in a double sync because the