From 4af909da11d3aa22ac4151302e2c48d5de549c55 Mon Sep 17 00:00:00 2001
From: "pixeebot[bot]" <104101892+pixeebot[bot]@users.noreply.github.com>
Date: Thu, 2 May 2024 19:05:14 -0400
Subject: [PATCH] Secure Source of Randomness (#1)

Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
---
 altair/utils/data.py       | 6 +++---
 altair/utils/server.py     | 4 ++--
 sphinxext/altairgallery.py | 6 +++---
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/altair/utils/data.py b/altair/utils/data.py
index 871b43092..935cb87f9 100644
--- a/altair/utils/data.py
+++ b/altair/utils/data.py
@@ -1,6 +1,5 @@
 import json
 import os
-import random
 import hashlib
 import warnings
 from typing import Union, MutableMapping, Optional, Dict, Sequence, TYPE_CHECKING, List
@@ -17,6 +16,7 @@
 
 
 from typing import Protocol, TypedDict, Literal
+import secrets
 
 
 if TYPE_CHECKING:
@@ -136,7 +136,7 @@ def sample(
                         "frac cannot be None if n is None and data is a dictionary"
                     )
                 n = int(frac * len(values))
-            values = random.sample(values, n)
+            values = secrets.SystemRandom().sample(values, n)
             return {"values": values}
         else:
             # Maybe this should raise an error or return something useful?
@@ -149,7 +149,7 @@ def sample(
                     "frac cannot be None if n is None with this data input type"
                 )
             n = int(frac * len(pa_table))
-        indices = random.sample(range(len(pa_table)), n)
+        indices = secrets.SystemRandom().sample(range(len(pa_table)), n)
         return pa_table.take(indices)
     else:
         # Maybe this should raise an error or return something useful? Currently,
diff --git a/altair/utils/server.py b/altair/utils/server.py
index 2ec2b32fc..0cee1ba1a 100644
--- a/altair/utils/server.py
+++ b/altair/utils/server.py
@@ -12,7 +12,7 @@
 from http import server
 from io import BytesIO as IO
 import itertools
-import random
+import secrets
 
 JUPYTER_WARNING = """
 Note: if you're in the Jupyter notebook, Chart.serve() is not the best
@@ -70,7 +70,7 @@ def do_GET(self):
 def find_open_port(ip, port, n=50):
     """Find an open port near the specified port"""
     ports = itertools.chain(
-        (port + i for i in range(n)), (port + random.randint(-2 * n, 2 * n))
+        (port + i for i in range(n)), (port + secrets.SystemRandom().randint(-2 * n, 2 * n))
     )
 
     for port in ports:
diff --git a/sphinxext/altairgallery.py b/sphinxext/altairgallery.py
index a6310ddd9..0be93f372 100644
--- a/sphinxext/altairgallery.py
+++ b/sphinxext/altairgallery.py
@@ -1,7 +1,6 @@
 import hashlib
 import os
 import json
-import random
 import collections
 from operator import itemgetter
 import warnings
@@ -25,6 +24,7 @@
 from altair.utils.execeval import eval_block
 from tests.examples_arguments_syntax import iter_examples_arguments_syntax
 from tests.examples_methods_syntax import iter_examples_methods_syntax
+import secrets
 
 
 EXAMPLE_MODULE = "altair.examples"
@@ -278,8 +278,8 @@ def run(self):
             if indices:
                 examples = [examples[i] for i in indices]
             if shuffle:
-                random.seed(seed)
-                random.shuffle(examples)
+                secrets.SystemRandom().seed(seed)
+                secrets.SystemRandom().shuffle(examples)
             if size:
                 examples = examples[:size]