Fix secure-random to ignore random.SystemRandom

pixee · Jan 31, 2024 · e33e8ea · e33e8ea
1 parent 63d2165
commit e33e8ea
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 0 deletions.
diff --git a/src/core_codemods/secure_random.py b/src/core_codemods/secure_random.py
@@ -24,6 +24,7 @@ class SecureRandom(SimpleCodemod):
     detector_pattern = """
         - patterns:
           - pattern: random.$F(...)
+          - pattern-not: random.SystemRandom()
           - pattern-inside: |
               import random
               ...

diff --git a/tests/codemods/test_secure_random.py b/tests/codemods/test_secure_random.py
@@ -174,3 +174,27 @@ def test_random_multifunctions(self, tmpdir):
         """
 
         self.run_and_assert(tmpdir, input_code, expected_output)
+
+    def test_random_systemrandom(self, tmpdir):
+        input_code = """
+        import random
+
+        rand = random.SystemRandom()
+        """
+        self.run_and_assert(tmpdir, input_code, input_code)
+
+    def test_random_systemrandom_importfrom(self, tmpdir):
+        input_code = """
+        from random import SystemRandom
+
+        rand = SystemRandom()
+        """
+        self.run_and_assert(tmpdir, input_code, input_code)
+
+    def test_random_systemrandom_import_alias(self, tmpdir):
+        input_code = """
+        import random as domran
+
+        rand = domran.SystemRandom()
+        """
+        self.run_and_assert(tmpdir, input_code, input_code)