Adding MRE for Node Insecure Random Generator Rule
SAST Vulnerable MRE Addition or Enhancement
Background Information
gitlab-org/gitlab#440264 (closed) is aimed towards enhancing the Javascript Node Insecure Random Generator Community Rule
Changes Summary
This MRE adds test cases that demonstrate Javascript Node Insecure Random Generator vulnerability by using cryptographically weak random number generators like crypto.pseudoRandomBytes()
and Math.random()