summary refs log tree commit diff
path: root/scripts/hash_password
diff options
context:
space:
mode:
authorDan Callahan <danc@element.io>2021-05-14 10:58:46 +0100
committerGitHub <noreply@github.com>2021-05-14 10:58:46 +0100
commit498084228b89d30462df0a5adfcc737fdc21d314 (patch)
tree5682ee85ae6667222390ff02fccc61da834deacc /scripts/hash_password
parentSupport enabling opentracing by user (#9978) (diff)
downloadsynapse-498084228b89d30462df0a5adfcc737fdc21d314.tar.xz
Use Python's secrets module instead of random (#9984)
Functionally identical, but more obviously cryptographically secure.
...Explicit is better than implicit?

Avoids needing to know that SystemRandom() implies a CSPRNG, and
complies with the big scary red box on the documentation for random:

> Warning:
>   The pseudo-random generators of this module should not be used for
>   security purposes. For security or cryptographic uses, see the
>   secrets module.

https://docs.python.org/3/library/random.html

Signed-off-by: Dan Callahan <danc@element.io>
Diffstat (limited to 'scripts/hash_password')
0 files changed, 0 insertions, 0 deletions