[Python-ideas] Python's Source of Randomness and the random.py module Redux

Andrew Barnert abarnert at yahoo.com
Thu Sep 10 10:20:15 CEST 2015


On Sep 10, 2015, at 00:35, Petr Viktorin <encukou at gmail.com> wrote:
> 
>> On Thu, Sep 10, 2015 at 3:30 AM, Donald Stufft <donald at stufft.io> wrote:
>> [...]
>> 
>> So I guess my suggestion would be, let's deprecate the module scope functions
>> and rename random.Random to random.DeterministicRandom. This absolves us of
>> needing to change the behavior of people's existing code (besides deprecating
>> it) and we don't need to decide if a userland CSPRNG is safe or not while still
>> moving us to a situation that is far more likely to have users doing the right
>> thing.
> 
> There is one use case that would be hit by that: the kid writing their
> first rock-paper-scissors game.
> A beginner who just learned the `if` statement isn't ready for a
> discussion of cryptography vs. reproducible results, and
> random.SystemRandom.random() would just become a magic incantation to
> learn. It would feel like requiring sys.stdout.write() instead of
> print().
> 
> Functions like paretovariate(), getstate(), or seed(), which require
> some understanding of (pseudo)randomness, can be moved to a specific
> class, but I don't think deprecating random(), randint(), randrange(),
> choice(), and shuffle() would not be a good idea. Switching them to a
> cryptographically safe RNG is OK from this perspective, though.

Silently switching them could break a lot of code.

I don't think there's any way around making them warn the user that they need to do something. I think the patch I just sent is a good way of doing that: the minimum thing they need to do is a one-liner, which is explained in the warning, and it also gives them enough information to check the docs or google the message and get some understanding of the choice if they're at all inclined to do so. (And if they aren't, well, either one works for the use case you're talking about, so let them flip a coin, or call random.choice.;))

