From ac203d04306cab31bc72d640e61de771542109ab Mon Sep 17 00:00:00 2001
From: Vinit Kumar
Date: Sun, 25 Sep 2022 00:43:11 +0530
Subject: [PATCH 1/3] fix: use SystemRandom as a secure way for generating Random Integers

---
 json2xml/dicttoxml.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/json2xml/dicttoxml.py b/json2xml/dicttoxml.py
index 3229a1c9..2eeb1744 100755
--- a/json2xml/dicttoxml.py
+++ b/json2xml/dicttoxml.py
@@ -16,9 +16,11 @@
 import numbers
 import os
 from collections.abc import Callable, Sequence
-from random import randint
+from random import SystemRandom
 from typing import Any, Dict, Union
 
+safe_random = SystemRandom()
+
 from defusedxml.minidom import parseString
 
 DEBUGMODE = os.getenv("DEBUGMODE", False) # pragma: no cover
@@ -27,7 +29,7 @@
 
 def make_id(element: str, start: int = 100000, end: int = 999999) -> str:
 """Returns a random integer"""
- return f"{element}_{randint(start, end)}"
+ return f"{element}_{safe_random.randint(start, end)}"
 
 
 def get_unique_id(element: str) -> str:

From 9f22895c7d98c3dc968d7f9a5e1d3ed39820a6e7 Mon Sep 17 00:00:00 2001
From: Vinit Kumar
Date: Sun, 25 Sep 2022 12:34:39 +0530
Subject: [PATCH 2/3] fix: move all module level imports to the top

---
 json2xml/dicttoxml.py | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/json2xml/dicttoxml.py b/json2xml/dicttoxml.py
index 2eeb1744..ba113ed8 100755
--- a/json2xml/dicttoxml.py
+++ b/json2xml/dicttoxml.py
@@ -18,11 +18,9 @@
 from collections.abc import Callable, Sequence
 from random import SystemRandom
 from typing import Any, Dict, Union
-
-safe_random = SystemRandom()
-
 from defusedxml.minidom import parseString
 
+safe_random = SystemRandom()
 DEBUGMODE = os.getenv("DEBUGMODE", False) # pragma: no cover
 LOG = logging.getLogger("dicttoxml") # pragma: no cover
 

From aa7b3e8561af06ec855fbf743150459f2b9da6d1 Mon Sep 17 00:00:00 2001
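Review bot: In the import hunk of patch 1/3, `safe_random` is added as a public module-level name with no comment recording which property the change is meant to provide. A leading underscore and a one-line comment would keep it out of the module's apparent API and state the intent, e.g. `_safe_random = SystemRandom()  # OS-backed RNG for generated element ids`. The standard-library `secrets` module exposes the same entropy source (`secrets.randbelow`) if a dedicated instance is not wanted. Its position between the import groups is corrected by patch 2/3.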
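Review bot: In the make_id hunk of patch 1/3, drawing from SystemRandom does not make the id hard to guess, because the default range 100000–999999 allows only 900,000 values (roughly 20 bits). If the ids only need to be unique within one document, the docstring should say so; it also misstates the return value, which is a string of the form `element_<n>` rather than an integer, e.g. `"""Return element suffixed with a random integer; for uniqueness only, not a secret."""`. If any caller relies on the ids being unpredictable, which is not visible here, the range would have to be widened; changing the generator alone does not achieve that. get_unique_id's body lies outside the hunk, so whether colliding ids are re-drawn there cannot be confirmed from this patch.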
From: Vinit Kumar
Date: Mon, 26 Sep 2022 01:15:11 +0530
Subject: [PATCH 3/3] fix: isort issues

---
 json2xml/dicttoxml.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/json2xml/dicttoxml.py b/json2xml/dicttoxml.py
index ba113ed8..5a950753 100755
--- a/json2xml/dicttoxml.py
+++ b/json2xml/dicttoxml.py
@@ -18,6 +18,7 @@
 from collections.abc import Callable, Sequence
 from random import SystemRandom
 from typing import Any, Dict, Union
+
 from defusedxml.minidom import parseString
 
 safe_random = SystemRandom()