diff --git a/bandit/blacklists/calls.py b/bandit/blacklists/calls.py
index 309794248..ee8df2078 100644
--- a/bandit/blacklists/calls.py
+++ b/bandit/blacklists/calls.py
@@ -191,6 +191,7 @@
 | | | - random.randrange | |
 | | | - random.randint | |
 | | | - random.choice | |
+| | | - random.choices | |
 | | | - random.uniform | |
 | | | - random.triangular | |
 +------+---------------------+------------------------------------+-----------+
@@ -447,6 +448,7 @@ def gen_blacklist():
 'random.randrange',
 'random.randint',
 'random.choice',
+ 'random.choices',
 'random.uniform',
 'random.triangular'],
 'Standard pseudo-random generators are not suitable for '
diff --git a/examples/random_module.py b/examples/random_module.py
index ffdbb5be7..9191bdad8 100644
--- a/examples/random_module.py
+++ b/examples/random_module.py
@@ -6,6 +6,7 @@
 bad = random.randrange()
 bad = random.randint()
 bad = random.choice()
+bad = random.choices()
 bad = random.uniform()
 bad = random.triangular()
diff --git a/tests/functional/test_functional.py b/tests/functional/test_functional.py
index df6e219ab..173d4d67b 100644
--- a/tests/functional/test_functional.py
+++ b/tests/functional/test_functional.py
@@ -355,8 +355,8 @@ def test_popen_wrappers(self):
 def test_random_module(self):
 '''Test for the `random` module.'''
 expect = {
- 'SEVERITY': {'UNDEFINED': 0, 'LOW': 6, 'MEDIUM': 0, 'HIGH': 0},
- 'CONFIDENCE': {'UNDEFINED': 0, 'LOW': 0, 'MEDIUM': 0, 'HIGH': 6}
+ 'SEVERITY': {'UNDEFINED': 0, 'LOW': 7, 'MEDIUM': 0, 'HIGH': 0},
+ 'CONFIDENCE': {'UNDEFINED': 0, 'LOW': 0, 'MEDIUM': 0, 'HIGH': 7}
 }
 self.check_example('random_module.py', expect)
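Review bot: The added `'random.choices'` entry in the `gen_blacklist()` hunk of calls.py closes one gap, but the other stdlib helpers that draw from the same non-cryptographic generator — `random.sample`, `random.getrandbits` and, on Python 3.9+, `random.randbytes` — are still absent from the list, so a token or key material derived through them produces no finding while the adjacent `choices` call does. The rationale on the hunk's last context line ("Standard pseudo-random generators are not suitable for …") applies to them equally, and `getrandbits`/`randbytes` are the most likely calls to appear in token-generation code. Consider extending the entry to `'random.choices', 'random.sample', 'random.getrandbits', 'random.randbytes',` and mirroring the additions in the docstring table, examples/random_module.py and the expected counts in `test_random_module`, exactly as this commit does for `choices`. `gen_blacklist()` starts and ends outside the hunk.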