Unit tests failing with security error #3356

Closed
mik-dass opened this issue Jun 16, 2020 · 5 comments
Labels
kind/bug Categorizes issue or PR as related to a bug.

Comments

@mik-dass
Contributor

mik-dass commented Jun 16, 2020

/kind bug

Actual behavior

```
[/home/travis/gopath/src/github.com/openshift/odo/tests/helper/helper_generic.go:28] - G404 (CWE-338): Use of weak random number generator (math/rand instead of crypto/rand) (Confidence: MEDIUM, Severity: HIGH)
  > rand.Intn(len(letterBytes))
[/home/travis/gopath/src/github.com/openshift/odo/pkg/util/util.go:87] - G404 (CWE-338): Use of weak random number generator (math/rand instead of crypto/rand) (Confidence: MEDIUM, Severity: HIGH)
  > rand.Intn(len(letterRunes))
```

https://travis-ci.com/github/openshift/odo/jobs/349244708

Expected behavior

Unit tests should pass
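
For reference, the usual way to clear a G404 finding on a `rand.Intn(len(letterBytes))` random-string helper is to draw the index from `crypto/rand`. The following is an added example, not part of the issue thread and not odo's code or the change made in #3358; the function name `RandomString` and the contents of `letterBytes` are assumptions.

```go
package main

import (
	"crypto/rand"
	"fmt"
	"math/big"
)

// letterBytes reuses the identifier from the gosec finding; the alphabet
// itself is an assumption, since the issue does not show it.
const letterBytes = "abcdefghijklmnopqrstuvwxyz"

// RandomString (hypothetical helper) returns n characters drawn uniformly
// from letterBytes using the operating system CSPRNG via crypto/rand.
func RandomString(n int) (string, error) {
	if n < 0 {
		return "", fmt.Errorf("negative length %d", n)
	}
	max := big.NewInt(int64(len(letterBytes)))
	out := make([]byte, n)
	for i := range out {
		// rand.Int yields a uniform value in [0, max), so the index carries
		// no modulo bias, unlike reducing a raw random byte with %.
		idx, err := rand.Int(rand.Reader, max)
		if err != nil {
			// Unlike math/rand, the CSPRNG read can fail; surface it.
			return "", fmt.Errorf("reading random data: %w", err)
		}
		out[i] = letterBytes[idx.Int64()]
	}
	return string(out), nil
}

func main() {
	s, err := RandomString(7)
	if err != nil {
		panic(err)
	}
	fmt.Println(s)
}
```
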

@openshift-ci-robot openshift-ci-robot added the kind/bug Categorizes issue or PR as related to a bug. label Jun 16, 2020
@kadel
Member

kadel commented Jun 19, 2020

@mik-dass @girishramnani, wasn't this fixed by #3358?

@girishramnani
Contributor

Yes, it should have been.

@girishramnani
Contributor

Can @mik-dass rebase?

@girishramnani
Contributor

Confirming that there is no instance of math/rand in upstream/master.

@mik-dass
Contributor Author

mik-dass commented Jun 19, 2020

This was created when the error was there. #3358 didn't mention it closes this issue, so it stayed open.
