semgrep · p4p3r · Nov 20, 2024 · Nov 20, 2024
diff --git a/python/lang/security/insecure-uuid-version.yaml b/python/lang/security/insecure-uuid-version.yaml
@@ -2,7 +2,7 @@ rules:
   - id: insecure-uuid-version
     patterns:
       - pattern: uuid.uuid1(...)
-    message: |
+    message: >-
       Using UUID version 1 for UUID generation can lead to predictable UUIDs based on system information (e.g., MAC address, timestamp). This may lead to security risks such as the sandwich attack. Consider using `uuid.uuid4()` instead for better randomness and security.
     metadata:
       references:
@@ -30,4 +30,4 @@ rules:
     fix-regex:
       regex: uuid1
       replacement: uuid4
-
+