:bug: Switch to CSPRNG for key generation

salopensource / sal

Modular reporting for Endpoints

Apache License 2.0

212 stars 64 forks source link

:bug: Switch to CSPRNG for key generation #430

Closed KevinHock closed 1 year ago

KevinHock commented 3 years ago

Thanks for Sal -- great project.

Per the Python docs Warning The pseudo-random generators of this module should not be used for security purposes. For security or cryptographic uses, see the secrets module.

sheagcraig commented 2 years ago

This looks reasonable. Have you before/after tested this change?

KevinHock commented 2 years ago

Yup, you can see in the REPL that it does the same.