ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-10-23 04:24:00 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

random_string: replace random.SystemRandom() with secrets.SystemRandom() (#10893)

Browse source 
* random_string: replace random.SystemRandom() with secrets.SystemRandom()

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>

* add the forgotten blank line

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>

* Update changelogs/fragments/replace-random-with-secrets.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* readd the description

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>

* Update changelogs/fragments/replace-random-with-secrets.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

---------

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
Thomas Sjögren 2025-10-10 19:08:16 +02:00 committed by GitHub
commit 14a858fd9c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 7 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
changelogs/fragments/replace-random-with-secrets.yml Normal file
View file

@ -0,0 +1,4 @@
bugfixes:
- random_string lookup plugin - replace ``random.SystemRandom()`` with ``secrets.SystemRandom()`` when
generating strings. This has no practical effect, as both are the same
(https://github.com/ansible-collections/community.general/pull/10893).

5
plugins/lookup/random_string.py
View file

@ -16,7 +16,7 @@ short_description: Generates random string
version_added: '3.2.0' version_added: '3.2.0'
description: description:
- Generates random string based upon the given constraints. - Generates random string based upon the given constraints.
- Uses L(random.SystemRandom,https://docs.python.org/3/library/random.html#random.SystemRandom), so should be strong enough - Uses L(secrets.SystemRandom,https://docs.python.org/3/library/secrets.html#secrets.SystemRandom), so should be strong enough
for cryptographic purposes. for cryptographic purposes.
options: options:
length: length:
@ -169,6 +169,7 @@ _raw:
import base64 import base64
import random import random
import secrets
import string import string
from ansible.errors import AnsibleLookupError from ansible.errors import AnsibleLookupError
@ -209,7 +210,7 @@ class LookupModule(LookupBase):
seed = self.get_option("seed") seed = self.get_option("seed")
if seed is None: if seed is None:
random_generator = random.SystemRandom() random_generator = secrets.SystemRandom()
else: else:
random_generator = random.Random(seed) random_generator = random.Random(seed)