Jérôme Desboeufs jdesboeufs

@joepie91
joepie91 / random.md
Last active July 2, 2024 01:17
Secure random values (in Node.js)

Not all random values are created equal - for security-related code, you need a specific kind of random value.

A summary of this article, if you don't want to read the entire thing:

  • Don't use Math.random(). There are extremely few cases where Math.random() is the right answer. Don't use it, unless you've read this entire article, and determined that it's necessary for your case.
  • Don't use crypto.randomBytes directly. While it's a CSPRNG, it's easy to bias the result when 'transforming' it, such that the output becomes more predictable.
  • If you want to generate random tokens or API keys: Use uuid, specifically the uuid.v4() method. Avoid node-uuid - it's not the same package, and doesn't produce reliably secure random values.
  • If you want to generate random numbers in a range: Use random-number-csprng.

You should seriously consider reading the entire article, though - it's

@gwillem
gwillem / ansible-bootstrap-ubuntu-16.04.yml
Created June 16, 2016 21:59
Get Ansible to work on bare Ubuntu 16.04 without python 2.7
# Add this snippet to the top of your playbook.
# It will install python2 if missing (but checks first so no expensive repeated apt updates)
# gwillem@gmail.com
- hosts: all
  gather_facts: False
  tasks:
    - name: install python 2
      raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal)
@thlorenz
thlorenz / update_to_nan_v2.0.x.sh
Last active October 13, 2016 08:04
Script to update Node.js addons to work with nan 2.0.x and thus with iojs v3.x (gets you 90% there)
#!/bin/bash
replacements=(
"NanAsyncWorker/Nan::AsyncWorker"
"NanAsyncQueueWorker/Nan::AsyncQueueWorker"
"NanCallback/Nan::Callback"
"NanSetInternalFieldPointer/Nan::SetInternalFieldPointer"
"NanGetInternalFieldPointer/Nan::GetInternalFieldPointer"
"NanNewBufferHandle\\(([^;]+);/Nan::NewBuffer(\\1.ToLocalChecked();"
"(NanNew(<(v8::)?String>)?\\(\"[^\"]*\"\\))/\\1.ToLocalChecked()"