TSLint no-math-random Rule
TSLint rule to disallow
Math.random() function is not seed-able, not secure,
and not really that random. So, how about we disable it completely in projects
where using it could cause something bad.
Add this to your package's
devDependencies, then in your
the following lines:
That's it! With this rule enabled any calls to
Math.random() will result in a
TSLint's built in rule ban can accomplish much of what this package allows.
The main upside to this is that you don't need this package; Hurrah! The only
downside is that if you selectively disable the
ban rule for a line/block of
code, you've disabled all banned syntax which could hypothetically allow
Also, I think the rule name is clearer as
no-math-random rather than
but to each their own.
However, in reality using
ban is probably easier. I won't be offended.
I made this rule for two simple reasons:
- To make sure developers do not use JS's built in Math.random when better solutions exist.
- Because I wanted to learn some under the hood stuff with how TS and TSLint work.
The only thing you probably care about is the first. But if you did not know, JS's built in Math.random() leaves lot to be desired (seeding), and is an easy trap to fall into if you want to get into cryptography.
If in your project you use some superior source of randomness via some PRNG package, then you can ban the usage of JS's built-in PRNG using this rule!
But mostly this exists for the second reason :P