rspec/rules/S2245/ask-yourself.adoc

2020-06-30 12:48:07 +02:00
== Ask Yourself Whether

* the code using the generated value requires it to be unpredictable. This is the case for all encryption mechanisms or when a secret value, such as a password, is hashed.
* the function you use generates a value that can be predicted (pseudo-random).
* the generated value is used multiple times.
* an attacker can access the generated value.

There is a risk if you answered yes to any of those questions.
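
The first two questions, as an added example that is not part of the original rule text: a token that must be unpredictable is drawn once from Python's `random` module (a Mersenne Twister PRNG) and once from the OS CSPRNG via `secrets`. The function names, the token alphabet and the seed are assumptions constructed for this illustration.

```python
import random
import secrets
import string

# Constructed for this example: alphabet used for both token generators.
ALPHABET = string.ascii_letters + string.digits

# Constructed sample seed, standing in for any value that is reused or guessable.
SAMPLE_SEED = 1593514087


def weak_token(rng: random.Random, length: int = 16) -> str:
    """Sensitive pattern: token drawn from a pseudo-random generator."""
    return "".join(rng.choice(ALPHABET) for _ in range(length))


def strong_token(length: int = 16) -> str:
    """Hardened form: token drawn from the operating system's CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def replay_matches(seed: int, count: int = 5) -> bool:
    """Return True if a second generator with the same seed reproduces
    every token of the first, i.e. the output is fully determined by
    the generator state and therefore predictable."""
    first = random.Random(seed)
    second = random.Random(seed)
    return all(weak_token(first) == weak_token(second) for _ in range(count))


def strong_tokens_distinct(count: int = 1000) -> bool:
    """Return True if `count` CSPRNG tokens are all different."""
    return len({strong_token() for _ in range(count)}) == count


if __name__ == "__main__":
    print("PRNG tokens reproducible from state:", replay_matches(SAMPLE_SEED))
    print("CSPRNG tokens distinct:", strong_tokens_distinct())
```
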