From 498084228b89d30462df0a5adfcc737fdc21d314 Mon Sep 17 00:00:00 2001
From: Dan Callahan <danc@element.io>
Date: Fri, 14 May 2021 10:58:46 +0100
Subject: Use Python's secrets module instead of random (#9984)

Functionally identical, but more obviously cryptographically secure.
...Explicit is better than implicit?

Avoids needing to know that SystemRandom() implies a CSPRNG, and
complies with the big scary red box on the documentation for random:

> Warning:
>   The pseudo-random generators of this module should not be used for
>   security purposes. For security or cryptographic uses, see the
>   secrets module.

https://docs.python.org/3/library/random.html

Signed-off-by: Dan Callahan <danc@element.io>
---
 changelog.d/9984.misc | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 changelog.d/9984.misc

(limited to 'changelog.d')

diff --git a/changelog.d/9984.misc b/changelog.d/9984.misc
new file mode 100644
index 0000000000..97bd747f26
--- /dev/null
+++ b/changelog.d/9984.misc
@@ -0,0 +1 @@
+Simplify a few helper functions.
-- 
cgit 1.4.1