gosec: G404 - Use of weak rng

math/rand is good enough for uuids. disabling rule locally.

internal/disk/disk_test.go

@@ -41,6 +41,8 @@ func TestDisk_DynamicallyResizePartitionTable(t *testing.T) {
 		},
 	}
 	var expectedSize uint64 = 2147483648
+	// math/rand is good enough in this case
+	/* #nosec G404 */
 	rng := rand.New(rand.NewSource(0))
 	pt = disk.CreatePartitionTable(mountpoints, 1024, pt, rng)
 	assert.GreaterOrEqual(t, expectedSize, pt.Size)

internal/distro/rhel84/distro.go

@@ -295,6 +295,8 @@ func (t *imageType) Manifest(c *blueprint.Customizations,
 	packageSpecSets map[string][]rpmmd.PackageSpec,
 	seed int64) (distro.Manifest, error) {
 	source := rand.NewSource(seed)
+	// math/rand is good enough in this case
+	/* #nosec G404 */
 	rng := rand.New(source)
 	pipeline, err := t.pipeline(c, options, repos, packageSpecSets["packages"], packageSpecSets["build-packages"], rng)
 	if err != nil {

internal/distro/rhel84/distro_v2.go

@@ -137,6 +137,8 @@ func (t *imageTypeS2) Manifest(c *blueprint.Customizations,
 	packageSpecSets map[string][]rpmmd.PackageSpec,
 	seed int64) (distro.Manifest, error) {
 	source := rand.NewSource(seed)
+	// math/rand is good enough in this case
+	/* #nosec G404 */
 	rng := rand.New(source)
 	pipelines, err := t.pipelines(c, options, repos, packageSpecSets, rng)
 	if err != nil {

internal/distro/rhel85/distro.go

@@ -338,6 +338,8 @@ func (t *imageType) Manifest(customizations *blueprint.Customizations,
 	}
 
 	source := rand.NewSource(seed)
+	// math/rand is good enough in this case
+	/* #nosec G404 */
 	rng := rand.New(source)
 
 	pipelines, err := t.pipelines(t, customizations, options, repos, packageSpecSets, rng)

internal/distro/rhel85/distro_internal_test.go

@@ -28,6 +28,8 @@ var mountpoints = []blueprint.FilesystemCustomization{
 	},
 }
 
+// math/rand is good enough in this case
+/* #nosec G404 */
 var rng = rand.New(rand.NewSource(0))
 
 func containsMountpoint(expected []disk.Partition, mountpoint string) bool {

internal/distro/rhel86/distro.go

@@ -372,6 +372,8 @@ func (t *imageType) Manifest(customizations *blueprint.Customizations,
 	}
 
 	source := rand.NewSource(seed)
+	// math/rand is good enough in this case
+	/* #nosec G404 */
 	rng := rand.New(source)
 
 	pipelines, err := t.pipelines(t, customizations, options, repos, packageSpecSets, rng)

internal/distro/rhel86/distro_internal_test.go

@@ -28,6 +28,8 @@ var mountpoints = []blueprint.FilesystemCustomization{
 	},
 }
 
+// math/rand is good enough in this case
+/* #nosec G404 */
 var rng = rand.New(rand.NewSource(0))
 
 func containsMountpoint(expected []disk.Partition, mountpoint string) bool {

internal/distro/rhel90/distro.go

@@ -372,6 +372,8 @@ func (t *imageType) Manifest(customizations *blueprint.Customizations,
 	}
 
 	source := rand.NewSource(seed)
+	// math/rand is good enough in this case
+	/* #nosec G404 */
 	rng := rand.New(source)
 
 	pipelines, err := t.pipelines(t, customizations, options, repos, packageSpecSets, rng)

internal/distro/rhel90beta/distro.go

@@ -373,6 +373,8 @@ func (t *imageType) Manifest(customizations *blueprint.Customizations,
 	}
 
 	source := rand.NewSource(seed)
+	// math/rand is good enough in this case
+	/* #nosec G404 */
 	rng := rand.New(source)
 
 	pipelines, err := t.pipelines(t, customizations, options, repos, packageSpecSets, rng)

internal/weldr/api_test.go

@@ -564,6 +564,8 @@ func TestBlueprintsChanges(t *testing.T) {
 
 	api, _ := createWeldrAPI(tempdir, rpmmd_mock.BaseFixture)
 	rand.Seed(time.Now().UnixNano())
+	// math/rand is good enough in this case
+	/* #nosec G404 */
 	id := strconv.Itoa(rand.Int())
 	ignoreFields := []string{"commit", "timestamp"}
 
@@ -606,6 +608,8 @@ func TestBlueprintsUndo(t *testing.T) {
 
 	api, _ := createWeldrAPI(tempdir, rpmmd_mock.BaseFixture)
 	rand.Seed(time.Now().UnixNano())
+	// math/rand is good enough in this case
+	/* #nosec G404 */
 	id := strconv.Itoa(rand.Int())
 	ignoreFields := []string{"commit", "timestamp"}