use secrets package over random package

Metadata

ID: python-security/avoid-random

Language: Python

Severity: Error

Category: Security

CWE: 330

Description

Make sure to use values that are actually random. The random module in Python should generally not be used and replaced with the secrets module, as noted in the official Python documentation.

Learn More

Non-Compliant Code Examples

from random import randrange

randrange(10) # # randrange is not actually random
from random import random

v = random() # random is not actually random
import random

n = random.randrange(10) # randrange is not actually random
import random

n = random.random(1) # randrange is not actually random
import random

n = random.random() # randrange is not actually random

Compliant Code Examples

n = random.random()
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

Seamless integrations. Try Datadog Code Analysis

PREVIEWING: antoine.dussault/service-representation-ga-docs-us1