From 3e534e6ed04d201d3e90c68d1286ec72055e9613 Mon Sep 17 00:00:00 2001
From: "pixee-standardchartered[bot]"
 <192133916+pixee-standardchartered[bot]@users.noreply.github.com>
Date: Sat, 1 Feb 2025 03:01:22 +0000
Subject: [PATCH] (Sonar) Fixed finding: "Classes should not be loaded
 dynamically"

---
 pom.xml                                                 | 5 +++--
 src/main/java/com/acme/reflection/UnsafeReflection.java | 3 ++-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/pom.xml b/pom.xml
index 9b83a72..dd4d3a4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -12,7 +12,8 @@
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     <sonar.host.url>https://sonarcloud.io</sonar.host.url>
     <sonar.organization>pixee</sonar.organization>
-  </properties>
+  <versions.java-security-toolkit>1.2.1</versions.java-security-toolkit>
+ </properties>
 
   <dependencyManagement>
     <dependencies>
@@ -31,7 +32,7 @@
       <dependency>
         <groupId>io.github.pixee</groupId>
         <artifactId>java-security-toolkit</artifactId>
-        <version>1.2.0</version>
+        <version>${versions.java-security-toolkit}</version>
       </dependency>
     </dependencies>
   </dependencyManagement>
diff --git a/src/main/java/com/acme/reflection/UnsafeReflection.java b/src/main/java/com/acme/reflection/UnsafeReflection.java
index ce34dec..e0170f5 100644
--- a/src/main/java/com/acme/reflection/UnsafeReflection.java
+++ b/src/main/java/com/acme/reflection/UnsafeReflection.java
@@ -1,5 +1,6 @@
 package com.acme.reflection;
 
+import io.github.pixee.security.Reflection;
 import jakarta.ws.rs.GET;
 import jakarta.ws.rs.Path;
 import jakarta.ws.rs.QueryParam;
@@ -22,7 +23,7 @@ public String hello(@QueryParam("translator") final String translationStrategy)
   private static TranslatorStrategy loadTranslatorByName(final String translationStrategy) {
     final Class<?> translatorClazz;
     try {
-      translatorClazz = Class.forName("com.acme." + translationStrategy);
+      translatorClazz = Reflection.loadAndVerify("com.acme." + translationStrategy);
     } catch (ClassNotFoundException e) {
       throw new IllegalArgumentException("Invalid translator: " + translationStrategy, e);
     }