John Rouillard <rouilj+...@cs.umb.edu> added the comment: Hi all:
In message <20171111153201.827854C03FF@itserver6.localdomain>, John Rouillard writes: >In message <1510376704.3.0.213398074469.issue...@psf.upfronthosting.co.za>, >Berker Peksag writes: >>Thank you for your quick response and for your detailed analysis, John. Well it gets more wierd. >>I will attach a patch to implement your suggestions. >> >>> My thought was that the random function wasn't so random. The new 1.5.1+ >>> (what will be 1.6) roundup uses more random data than 1.4.20. Addition >>> of nonces to protect against csrf etc. consumes random data. >> >>Should I open an upstream issue to document this at >> http://roundup.sourceforge.net/docs/upgrading.html ? Hmm, seems roundup is borking something in the random module. I created a default tracker using ./demo.py in a current checkout of the roundup tree. I added 30 issues and my implementation of your random action. I also added: print random.random() print random.random() inside the handler. I get the same sequence every time: 0.8774733181 0.652775856602 I access the http://...?@action=randomurl. That's not right Every import of random is supposed to be seeded with the current time or some os specific random data every time. Then once it's seeded the same instance of random should be updating the random state so the next call to random produces the next random number. AFAICT, what I see should be happening only if something in the code is calling random.seed() with the same value every time the url is accessed. However even when I comment out all of the seed() calls in the roundup code (all located in roundup/cgi/client.py) I get the same results as above. So there are no calls to random.seed in the roundup code base. Restarting the server by rerunning ./demo.py generates a new sequence with different values. Shoving a random.seed() in the handler function is merely covering up something that is broke. I'll keep poking at it to try to figure out why random seems to be losing state, but I am stumped here. _______________________________________________________ PSF Meta Tracker <metatrac...@psf.upfronthosting.co.za> <http://psf.upfronthosting.co.za/roundup/meta/issue644> _______________________________________________________ _______________________________________________ Tracker-discuss mailing list Tracker-discuss@python.org https://mail.python.org/mailman/listinfo/tracker-discuss Code of Conduct: https://www.python.org/psf/codeofconduct/
