Junio C Hamano <gitster@xxxxxxxxx> writes: > Taylor Blau <me@xxxxxxxxxxxx> writes: > >> I was wondering where else we call srand() within Git, and it looks like >> the only other spot is in `lock_file_timeout()`. > > lock_file_timeout() should be updated to match git_mkstemps_mode(), > which was taught to use the csprng_bytes() function with 47efda96 > (wrapper: use a CSPRNG to generate random file names, 2022-01-17), > and this new caller may want to do so as well, perhaps? I dunno, > but the caller then does not have to worry about "initializing it > just once". Of course, the obvious downside is that crypto-secure one may be, unlike for its use in mkstemps(), way overkill for lockfiles and cron dispersion purposes, as these codepaths are not on the target surface.
