Willie.Veldkamp/ProxmoxVE-Local
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix for code scanning alert no. 4: Insecure randomness

Browse Source 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
This commit is contained in:
CanbiZ
2025-12-12 11:29:52 +01:00
committed by GitHub
parent c16c8d54db
commit a91986db01
1 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/app/_components/VersionDisplay.tsx
View File

@@ -416,11 +416,20 @@ export function VersionDisplay({ onOpenReleaseNotes }: VersionDisplayProps = {})
setShowUpdateConfirmation(true); setShowUpdateConfirmation(true);
}; };
// Helper to generate secure random string
function getSecureRandomString(length: number): string {
const array = new Uint8Array(length);
window.crypto.getRandomValues(array);
// Convert to base36 string (alphanumeric)
return Array.from(array, b => b.toString(36)).join('').substr(0, length);
}
const handleConfirmUpdate = () => { const handleConfirmUpdate = () => {
// Close the confirmation modal // Close the confirmation modal
setShowUpdateConfirmation(false); setShowUpdateConfirmation(false);
// Start the actual update process // Start the actual update process
const sessionId = `update_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`; const randomSuffix = getSecureRandomString(9);
const sessionId = `update_${Date.now()}_${randomSuffix}`;
const startTime = Date.now(); const startTime = Date.now();
setIsUpdating(true); setIsUpdating(true);