Summary: Using the `random` module in the Grist `UUID()` function is not cryptographically secure, and is only necessary for the old pynbox (Python 2) sandbox which doesn't support `os.urandom`. This diff uses the `uuid.uuidv4()` function from the Python standard library when possible, which is more secure, only falling back to the old implementation when necessary. Test Plan: Added Python unit tests to check both implementations. Reviewers: dsagal Subscribers: paulfitz, dsagal Differential Revision: https://phab.getgrist.com/D3578pull/13/head
parent
3ad78590c2
commit
31f54065f5
Loading…
Reference in new issue