use secrets package over random package

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Metadata

ID: python-security/avoid-random

Language: Python

Severity: Error

Category: Security

CWE: 330

Description

Make sure to use values that are actually random. The random module in Python should generally not be used and replaced with the secrets module, as noted in the official Python documentation.

Learn More

Non-Compliant Code Examples

from random import randrange

randrange(10) # # randrange is not actually random
from random import random

v = random() # random is not actually random
import random

n = random.randrange(10) # randrange is not actually random
import random

n = random.random(1) # randrange is not actually random
import random

n = random.random() # randrange is not actually random

Compliant Code Examples

n = random.random()
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

Seamless integrations. Try Datadog Code Analysis