[Python-ideas] Pre-PEP Adding A Secrets Module To The Standard Library

Steven D'Aprano steve at pearwood.info
Tue Sep 22 05:23:02 CEST 2015

On Mon, Sep 21, 2015 at 05:32:44PM -0400, Terry Reedy wrote:
> On 9/21/2015 12:22 PM, Steven D'Aprano wrote:
> >On Sun, Sep 20, 2015 at 09:00:08AM +0300, Serhiy Storchaka wrote:
> >>randbelow() is just an alias for randrange() with single argument.
> >>randint(a, b) == randrange(a, b+1).
> >>
> >>These functions are redundant and they have non-zero cost.
> >
> >But they already exist in the random module, so adding them to secrets
> >doesn't cost anything extra.
> I think the redundancy in random is a mistake.  The cost is confusion 
> and extra memory load, and there need to more ofter refer to the manual, 
> for essentially zero gain. 

Sorry, I don't understand what you mean.

Do you mean that it is a mistake for the random module to have randint 
and randrange? Or that it is a mistake for the secrets module to include 
functions that the random module includes?

> When I read two names, I expect them to do 
> two different things.  The question is whether to propagate the mistake 
> to a new module.

If you are referring to randint versus randrange, they do do different 
things. Look at their signatures.

randint(a, b) follows the ubiquitous API of "generate a random integer 
from the closed range a through b inclusive". 

randrange([start,] end [, step]) follows the Python practice of 
specifying a half-open interval, and has a more complex signature.

Even though randrange is more Pythonic, I've never actually used it. 
randint is always what I've wanted. E.g.

def die():
    # Roll a die.
    return randint(1, 6)

is far more natural than randrange(1, 7), Pythonic half-open intervals 
or not.

But I'm satisfied that others may think differently, and by Tim's 
argument that excluding one or the other will be more confusing than 
including them both.


More information about the Python-ideas mailing list