
Adding MRE for Node Insecure Random Generator Rule

Bhavya Kaushal requested to merge crypto-random-gen into main

SAST Vulnerable MRE Addition or Enhancement

Background Information

gitlab-org/gitlab#440264 (closed) is aimed towards enhancing the JavaScript Node Insecure Random Generator Community Rule.

Changes Summary

This MRE adds test cases that demonstrate the JavaScript Node Insecure Random Generator vulnerability by using cryptographically weak random number generators like crypto.pseudoRandomBytes() and Math.random().
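
For reference, an added example (not code from this merge request or from the rule itself) of the kind of call sites such a rule targets, next to CSPRNG-backed replacements. The helper names `findWeakRandom`, `strongToken` and `strongPin` and the sample source are constructed for illustration; the line-based regex check is a simplification, not how the rule is implemented.

```javascript
const crypto = require('crypto');

// Patterns for the two generators named in the merge request description.
const WEAK_CALLS = [
  { name: 'Math.random', re: /\bMath\.random\s*\(/ },
  { name: 'crypto.pseudoRandomBytes', re: /\bcrypto\.pseudoRandomBytes\s*\(/ },
];

// Hypothetical helper: report each flagged call with its 1-based line number.
function findWeakRandom(source) {
  const findings = [];
  source.split('\n').forEach((text, i) => {
    if (text.trim().startsWith('//')) return; // skip whole-line comments
    for (const { name, re } of WEAK_CALLS) {
      if (re.test(text)) findings.push({ line: i + 1, call: name });
    }
  });
  return findings;
}

// Replacements for security-sensitive values, built on Node's CSPRNG APIs.
function strongToken(byteLen = 32) {
  return crypto.randomBytes(byteLen).toString('hex');
}

function strongPin(digits = 6) {
  // crypto.randomInt avoids the modulo bias of scaling a float or raw bytes.
  return crypto.randomInt(0, 10 ** digits).toString().padStart(digits, '0');
}

// Constructed sample input, not taken from the merge request.
const SAMPLE = [
  "const crypto = require('crypto');",
  "const sessionId = Math.random().toString(36).slice(2);",
  "const resetKey = crypto.pseudoRandomBytes(16).toString('hex');",
  "// Math.random() mentioned in a comment only",
  "const apiKey = crypto.randomBytes(32).toString('hex');",
].join('\n');

console.log(findWeakRandom(SAMPLE), strongToken(16), strongPin());
```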
