On 15/09/15 16:47, Nick Coghlan wrote:
* providing random.system and random.seedable submodules so you can explicitly opt in to using the one you want without having to manage your own RNG instances
I do not think these names are helpful. The purpose was to increase security, not confuse the user even more. What does "seedable" mean? Secure as in ChaCha20? Insecure as in MT19937? Something else? A name like "seedable" does not convey any useful information about the security to an un(der)informed web developer. A name like "random.system" does not convey any information about numerical applicability to an un(der)informed researcher. The module names should rather indicate how the generators are intended to be used. I suggest: random.crypto.* (os.urandom, ChaCha20, Arc4Random) random.numeric.* (Mersenne Twister, PCG, XorShift) Deprecate random.random et al. with a visible warning. That should convey the message. Sturla