Secure Source of Randomness

JLLeitschuh · Aug 2, 2024 · e73cb4a · e73cb4a
1 parent c122cb1
commit e73cb4a
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/vulnerability_fix_engine.py b/vulnerability_fix_engine.py
@@ -7,14 +7,14 @@
 import string
 from collections import Counter
 from dataclasses import dataclass, asdict, field
-from random import random
 from typing import List, Optional, Dict, Generator
 
 import aiofiles
 import github
 import time
 
 import github_util
+import secrets
 
 git_hub = github_util.load_github()
 
@@ -218,7 +218,7 @@ async def do_call(wait_time, previous_wait_time=0) -> Optional[str]:
                 # way to slow down this script reasonably
                 github_util.print_current_rate_limit()
                 await asyncio.sleep(wait_time)
-                return await do_call(wait_time * 2 + random(), previous_wait_time=wait_time)
+                return await do_call(wait_time * 2 + secrets.SystemRandom().random(), previous_wait_time=wait_time)
 
         return await do_call(1)
 
@@ -354,7 +354,7 @@ async def do_push_changes(self, retry_count: int = 5):
                 raise e
             else:
                 # Forking is an async operation, so we may need to wait a bit for it
-                await asyncio.sleep((5 - retry_count) * 2 + random())
+                await asyncio.sleep((5 - retry_count) * 2 + secrets.SystemRandom().random())
                 await self.do_push_changes(retry_count - 1)
 
     async def do_create_pull_request(self, lock) -> str: