You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Some security scan on our app points to that (js) api and reports that it is a weak random number generator. It also reports that there are better alternatives like using crypto.randomBytes().
Would want to know if this module's operation is security-critical in any way and specifically how those variables which are assigned values from expressions using Math.random() actually used.
The text was updated successfully, but these errors were encountered:
Some security scan on our app points to that (js) api and reports that it is a weak random number generator. It also reports that there are better alternatives like using crypto.randomBytes().
Would want to know if this module's operation is security-critical in any way and specifically how those variables which are assigned values from expressions using
Math.random()actually used.The text was updated successfully, but these errors were encountered: