use secrets package over random package

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Metadata

ID: python-security/avoid-random

Language: Python

Severity: Error

Category: Security

CWE: 330

Description

Make sure to use values that are actually random. The random module in Python should generally not be used and replaced with the secrets module, as noted in the official Python documentation.

Learn More

Non-Compliant Code Examples

from random import randrange

randrange(10) # # randrange is not actually random
from random import random

v = random() # random is not actually random
import random

n = random.randrange(10) # randrange is not actually random
import random

n = random.random(1) # randrange is not actually random
import random

n = random.random() # randrange is not actually random

Compliant Code Examples

n = random.random()
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

Seamless integrations. Try Datadog Code Analysis

PREVIEWING: rtrieu/product-analytics-ui-changes