[Python-ideas] Python's Source of Randomness and the random.py module Redux

[Petr Viktorin]

On Thu, Sep 10, 2015 at 3:30 AM, Donald Stufft <donald at stufft.io> wrote:
[...]
>
> So I guess my suggestion would be, let's deprecate the module scope functions
> and rename random.Random to random.DeterministicRandom. This absolves us of
> needing to change the behavior of people's existing code (besides deprecating
> it) and we don't need to decide if a userland CSPRNG is safe or not while still
> moving us to a situation that is far more likely to have users doing the right
> thing.

There is one use case that would be hit by that: the kid writing their
first rock-paper-scissors game.
A beginner who just learned the `if` statement isn't ready for a
discussion of cryptography vs. reproducible results, and
random.SystemRandom.random() would just become a magic incantation to
learn. It would feel like requiring sys.stdout.write() instead of
print().

Functions like paretovariate(), getstate(), or seed(), which require
some understanding of (pseudo)randomness, can be moved to a specific
class, but I don't think deprecating random(), randint(), randrange(),
choice(), and shuffle() would not be a good idea. Switching them to a
cryptographically safe RNG is OK from this perspective, though.