zyro / elixir-uuid

UUID generator and utilities for Elixir
Apache License 2.0

Non-unique values for UUID.uuid4/0 #59

Open yukster opened 2 years ago

yukster commented 2 years ago

An app I work on is using UUID.uuid4/0 to generate secret keys. We noticed some duplicate values in the db (yeah, I know, we should have a unique index on there).

I spun up a test to create several records and I'm seeing the same UUID on all of them. The docs say "this version uses pseudo-random bytes generated by the crypto module". Is it expected that repeat calls would not yield unique values?

Interestingly enough, if I call this function in a loop in an iex console I get different values... but it appears that records inserted in prod mode sometimes get duplicate values. Any help appreciated.

yukster commented 2 years ago

Oh, we're on version 1.1.8. I tried the test on 1.2.0 and I got the same result.

devstopfix commented 1 year ago

@yukster are you running PROD in a container? I have seen the same behaviour in a Java app where it generated an identical sequence of values due to the container not providing entropy.

However, the Erlang doc says this should be detected :- https://www.erlang.org/doc/man/crypto.html#strong_rand_bytes-1

may raise exception error:low_entropy in case the random generator failed due to lack of secure "randomness"
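
One way to test the question in this thread inside the affected runtime (for example the prod container), as an added example that is not part of the thread or of elixir-uuid's own code: it draws version-4 UUIDs from `:crypto.strong_rand_bytes/1` in several concurrent processes, reports any value seen more than once, and surfaces `low_entropy` instead of crashing. The module and function names (`UuidDupCheck`, `raw_uuid4`, `duplicates`) are hypothetical.

```elixir
# Added example; UuidDupCheck and its functions are hypothetical names,
# not part of elixir-uuid.
defmodule UuidDupCheck do
  # Build a version-4 UUID string straight from the crypto module's CSPRNG.
  # Returns the UUID string, or {:error, :low_entropy} if the RNG reports
  # failure (Erlang's error:low_entropy arrives as an ErlangError in Elixir).
  def raw_uuid4 do
    <<a::48, _::4, b::12, _::2, c::62>> = :crypto.strong_rand_bytes(16)
    # Force version (4) and variant (binary 10) bits; the rest stays random.
    format(<<a::48, 4::4, b::12, 2::2, c::62>>)
  rescue
    e in ErlangError ->
      case e do
        %ErlangError{original: :low_entropy} -> {:error, :low_entropy}
        _ -> reraise e, __STACKTRACE__
      end
  end

  # Render 16 bytes as the usual 8-4-4-4-12 lowercase hex form.
  defp format(<<bin::binary-size(16)>>) do
    <<a::binary-size(8), b::binary-size(4), c::binary-size(4),
      d::binary-size(4), e::binary-size(12)>> = Base.encode16(bin, case: :lower)

    Enum.join([a, b, c, d, e], "-")
  end

  # Call `gen` `per_proc` times in each of `procs` concurrent processes and
  # return a list of {value, count} for every value produced more than once.
  # An empty list means no repeats were observed in this run.
  def duplicates(gen \\ &raw_uuid4/0, procs \\ 8, per_proc \\ 10_000) do
    1..procs
    |> Task.async_stream(fn _ -> for(_ <- 1..per_proc, do: gen.()) end,
      timeout: :infinity
    )
    |> Enum.flat_map(fn {:ok, values} -> values end)
    |> Enum.frequencies()
    |> Enum.filter(fn {_value, count} -> count > 1 end)
  end
end

IO.inspect(UuidDupCheck.duplicates(), label: "repeats from :crypto directly")
# With the library loaded, run the same check against the function in question:
#   UuidDupCheck.duplicates(&UUID.uuid4/0)
```

If both runs come back empty in the environment where duplicates were stored, the generator is not repeating there and the place where the application calls it is the next thing to inspect; a `{:error, :low_entropy}` entry in the result points at the entropy source instead.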