Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(security): generating random string with crypto rand #7525

Merged
merged 1 commit into from
Nov 21, 2024

Conversation

Mmx233
Copy link
Contributor

@Mmx233 Mmx233 commented Nov 20, 2024

The library math/rand is not suitable for high-security scenarios.

Tested with code:

package main

import (
	"fmt"
	"github.com/alist-org/alist/v3/pkg/utils/random"
)

func main() {
	str := random.String(10)
	fmt.Println(str)
}

Output:

# go run .\main.go
IoQrBB5BR4
# go run .\main.go
yDMJVfJqED

@xhofe xhofe merged commit 12b4295 into AlistGo:main Nov 21, 2024
3 checks passed
long2005a1 added a commit to long2005a1/Long-Cloud that referenced this pull request Nov 25, 2024
@Mmx233 Mmx233 deleted the feat/improve-random branch December 10, 2024 06:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants