From 5dda33eb1839c491c3f36ce70329527b32e1e9a3 Mon Sep 17 00:00:00 2001 From: hhartzer <100533792+hhartzer@users.noreply.github.com> Date: Fri, 8 Mar 2024 21:48:39 +0000 Subject: [PATCH] fix: Improve randomness (#101) (#103) * fix: Improve randomness (#101) Fixes: #101 * Update shortuuid/main.py * Appease pre-commit --------- Co-authored-by: Stavros Korokithakis --- .pre-commit-config.yaml | 18 +++------ .travis.yml | 1 - CHANGELOG.md | 88 ++++++----------------------------------- README.md | 2 +- pyproject.toml | 3 +- shortuuid/main.py | 7 ++-- 6 files changed, 22 insertions(+), 97 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 148198e..b75f7f8 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -4,20 +4,12 @@ repos: hooks: - id: conventional-pre-commit stages: [commit-msg] -- repo: https://github.com/ambv/black - rev: 22.12.0 +- repo: https://github.com/astral-sh/ruff-pre-commit + rev: v0.3.1 hooks: - - id: black -- repo: https://github.com/asottile/reorder_python_imports - rev: v3.9.0 - hooks: - - id: reorder-python-imports -- repo: https://github.com/PyCQA/flake8 - rev: '6.0.0' - hooks: - - id: flake8 - args: ["--config=setup.cfg"] - language_version: python3 + - id: ruff + args: [ --fix ] + - id: ruff-format - repo: https://github.com/pycqa/pydocstyle rev: 6.2.2 hooks: diff --git a/.travis.yml b/.travis.yml index 167ba90..c18f0d4 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,7 +3,6 @@ arch: - amd64 - ppc64le python: - - "3.5" - "3.6" - "3.7" - "3.8" diff --git a/CHANGELOG.md b/CHANGELOG.md index 0fc1764..819afe9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,116 +3,52 @@ ## Unreleased -### Fixes - -* Annotate *args as Any (#95) [Kamil Essekkat] - - -## v1.0.10 (2022-11-09) - ### Features * Add the `encode` and `decode` commands to the cli. [Tim Crothers] * Add type hinting (#77) [Pablo Collado] -### Fixes - -* Forgot to bump the version, oops. [Stavros Korokithakis] - -* Fix type annotations. [Stavros Korokithakis] - +* Add `prefix` and `max_length` to the Django field. [Stavros Korokithakis] -## v1.0.9 (2022-05-08) +* Add Django ShortUUIDField. [Stavros Korokithakis] -### Fixes +* Added basic input type validation to encode and decode (#49) [Ivan Savov] -* Correctly account for length when prefix is used (fixes #71) [Stavros Korokithakis] +* Drop support for Python before 3.5. [Stavros Korokithakis] +* Add simple command-line interface (#43) [Éric Araujo] -## v1.0.8 (2021-11-11) +* Make int_to_string and string_to_int available globally. [Stavros Korokithakis] ### Fixes -* Include the COPYING file in releases. [Stavros Korokithakis] - +* Improve randomness (#101) [Henrich Hartzer] -## v1.0.7 (2021-11-08) - -### Features +* Annotate *args as Any (#95) [Kamil Essekkat] -* Add `prefix` and `max_length` to the Django field. [Stavros Korokithakis] +* Forgot to bump the version, oops. [Stavros Korokithakis] +* Fix type annotations. [Stavros Korokithakis] -## v1.0.6 (2021-11-08) +* Correctly account for length when prefix is used (fixes #71) [Stavros Korokithakis] -### Fixes +* Include the COPYING file in releases. [Stavros Korokithakis] * Fix compatibility for python versions older than 3.8 (#61) [Adrian Zuber] - -## v1.0.5 (2021-11-08) - -### Fixes - * Don't try to get the version from the pyproject.toml, as it's a hassle. [Stavros Korokithakis] * Fix slow loading times from using pkg_resources (fixes #59) [Stavros Korokithakis] - -## v1.0.4 (2021-11-08) - -### Fixes - * Fix the cli interface that the previous release broke. [Stavros Korokithakis] - -## v1.0.3 (2021-11-08) - -### Features - -* Add Django ShortUUIDField. [Stavros Korokithakis] - - -## v1.0.2 (2021-11-08) - -### Features - -* Added basic input type validation to encode and decode (#49) [Ivan Savov] - -### Fixes - * Use sys.version_info since sys.version returns string that interprets 3.10 as 3.1 in comparison. (#54) [Karthikeyan Singaravelan] - -## v1.0.1 (2020-03-06) - -### Features - -* Drop support for Python before 3.5. [Stavros Korokithakis] - -### Fixes - * Use README as the long description on PyPI. [Stavros Korokithakis] - -## v1.0.0 (2020-03-05) - -### Features - -* Add simple command-line interface (#43) [Éric Araujo] - -### Fixes - * Make encode and decode MSB-first (#36) [Keane Nguyen] * Make the URL check more robust (fixes #32) [Stavros Korokithakis] -## v0.5.0 (2017-02-19) - -### Features - -* Make int_to_string and string_to_int available globally. [Stavros Korokithakis] - - diff --git a/README.md b/README.md index af6502a..02c5896 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ Installation To install `shortuuid` you need: -- Python 3.x. +- Python 3.6+ If you have the dependencies, you have multiple options of installation: diff --git a/pyproject.toml b/pyproject.toml index 4294e0f..979fc61 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,6 @@ license = "BSD-3-Clause" classifiers = [ "License :: OSI Approved :: BSD License", "Programming Language :: Python", - "Programming Language :: Python :: 3.5", "Programming Language :: Python :: 3.6", "Programming Language :: Python :: 3.7", "Programming Language :: Python :: 3.8", @@ -23,7 +22,7 @@ include = ["COPYING"] shortuuid = "shortuuid.cli:cli" [tool.poetry.dependencies] -python = ">=3.5" +python = ">=3.6" [build-system] requires = ["poetry-core"] diff --git a/shortuuid/main.py b/shortuuid/main.py index 359d328..f9d7edd 100644 --- a/shortuuid/main.py +++ b/shortuuid/main.py @@ -1,7 +1,7 @@ """Concise UUID generation.""" -import binascii + import math -import os +import secrets import uuid as _uu from typing import List from typing import Optional @@ -104,8 +104,7 @@ def random(self, length: Optional[int] = None) -> str: if length is None: length = self._length - random_num = int(binascii.b2a_hex(os.urandom(length)), 16) - return int_to_string(random_num, self._alphabet, padding=length)[:length] + return "".join(secrets.choice(self._alphabet) for _ in range(length)) def get_alphabet(self) -> str: """Return the current alphabet used for new UUIDs."""