{"id":2757,"library":"rstr","title":"rstr: Generate Random Strings","description":"rstr is a Python helper module designed for easily generating random strings of various types. It is suitable for applications such as fuzz testing, generating dummy data, or creating random values based on regular expressions. The library is currently at version 3.2.2 and is actively maintained.","status":"active","version":"3.2.2","language":"en","source_language":"en","source_url":"https://github.com/leapfrogonline/rstr","tags":["random string generation","regex","fuzz testing","data generation","utility"],"install":[{"cmd":"pip install rstr","lang":"bash","label":"Install stable version"}],"dependencies":[],"imports":[{"symbol":"rstr","correct":"import rstr"},{"symbol":"Rstr","correct":"from rstr import Rstr"},{"symbol":"xeger","correct":"from rstr import xeger"}],"quickstart":{"code":"import rstr\nfrom rstr import Rstr, xeger\nfrom random import SystemRandom\n\n# Generate a random string from a custom alphabet\nprint(f\"Random string from 'ABC': {rstr.rstr('ABC')}\")\n\n# Generate a fixed-length random string\nprint(f\"4-char string from '0123456789': {rstr.rstr('0123456789', 4)}\")\n\n# Generate a random string matching a regex pattern\nprint(f\"Random string matching '[a-z]{{5,10}}': {xeger(r'[a-z]{5,10}')}\")\n\n# Use a cryptographically secure random source for sensitive cases\ncs_rstr = Rstr(SystemRandom())\nprint(f\"Secure random string (16 hex chars): {cs_rstr.rstr('0123456789abcdef', 16)}\")","lang":"python","description":"Demonstrates basic random string generation, fixed-length generation, regex-based generation with `xeger`, and how to use a cryptographically secure random number generator."},"warnings":[{"fix":"For sensitive applications, initialize `Rstr` with `random.SystemRandom()`: `from rstr import Rstr; from random import SystemRandom; secure_rstr = Rstr(SystemRandom())`.","message":"By default, `rstr` uses Python's `random` module (Mersenne Twister), which is a pseudorandom number generator and is NOT cryptographically secure. Do not use default `rstr` for generating sensitive data like passwords or security tokens.","severity":"gotcha","affected_versions":"All versions"},{"fix":"Simplify regex patterns where possible, or consider using `star_plus_limit` argument of `Xeger` class to control repetition bounds more strictly for performance-critical scenarios. Profile performance with your specific patterns..","message":"The `xeger()` function, which generates strings from regular expressions, can be very slow for complex or ambiguous regex patterns, as it may take a long time to find matching strings.","severity":"gotcha","affected_versions":"All versions"},{"fix":"You can explicitly set the `star_plus_limit` when creating an `Xeger` instance to change this upper bound: `xeger_instance = Xeger(star_plus_limit=200); xeger_instance.xeger(r'a*')`..","message":"When using `xeger()`, the `*` (zero or more) and `+` (one or more) metacharacters are not truly infinite. They have an arbitrary upper bound of 100 repetitions by default, which might not match expectations for very long strings. The maximum possible is 65535.","severity":"gotcha","affected_versions":"All versions"},{"fix":"Ensure your project runs on Python 3.7 or newer. If Python 2.x compatibility is required, you must use an older `rstr` version (e.g., <3.0.0), which is not recommended due to lack of maintenance..","message":"Version 3.0.0 of `rstr` dropped support for Python 2.x. Attempts to use versions 3.x on Python 2.x environments will result in import errors or other incompatibilities.","severity":"breaking","affected_versions":">=3.0.0"}],"env_vars":null,"last_verified":"2026-04-10T00:00:00.000Z","next_check":"2026-07-09T00:00:00.000Z"}