Module InsecureRandomness
Provides default sources, sinks, and sanitizers for reasoning about random values that are not cryptographically secure, as well as extension points for adding your own.
Import path
import codeql.ruby.security.InsecureRandomnessCustomizations
Classes
CharacterIndexing | A index call, considered as a sink for random values that are not cryptographiocally secure |
CryptoKeySink | A cryptographic key, considered as a sink for random values that are not cryptographically secure. |
DefaultSource | A simple random number generator that is not cryptographically secure. |
Sanitizer | A sanitizer for random values that are not cryptographically secure. |
SensitiveWriteSink | A sensitive write, considered as a sink for random values that are not cryptographically secure. |
Sink | A data flow sink for random values that are not cryptographically secure. |
Source | A data flow source for random values that are not cryptographically secure. |