All Versions
53
Latest Version
Avg Release Cycle
127 days
Latest Release
1282 days ago

Changelog History
Page 5

  • v1.0.4 Changes

    October 02, 2015

    ✂ Removed redundant if() checks, since lib/random.php is the entrypoint people should use.

  • v1.0.3 Changes

    October 02, 2015

    🚀 This release contains bug fixes contributed by the community.

    • Avoid a PHP Notice when PHP is running without the mbstring extension
    • ✅ Use a compatible version of PHPUnit for testing on older versions of PHP

    ⚡️ Although none of these bugs were outright security-affecting, updating ASAP is still strongly encouraged.

  • v1.0.2 Changes

    September 23, 2015

    Less strict input validation on random_int() parameters. PHP 7's random_int() accepts strings and floats that look like numbers, so we should too.

    Thanks @dd32 for correcting this oversight.

  • v1.0.1 Changes

    September 10, 2015

    👻 Instead of throwing an Exception immediately on insecure platforms, only do so when random_bytes() is invoked.

  • v1.0.0 Changes

    September 07, 2015

    Our API is now stable and forward-compatible with the CSPRNG features in PHP 7 (as of 7.0.0 RC3).

    A lot of great people have contributed their time and expertise to make this 🚀 compatibility library possible. That this library has reached a stable release is more a reflection on the community than it is on PIE.

    We are confident that random_compat will serve as the simplest and most secure CSPRNG interface available for PHP5 projects.

  • v0.9.7 Changes

    September 01, 2015

    An attempt to achieve compatibility with Error/TypeError in the RFC.

    🐎 This should be identical to 1.0.0 sans any last-minute changes or performance enhancements.

  • v0.9.6 Changes

    August 06, 2015
    • Split the implementations into their own file (for ease of auditing)
    • Corrected the file type check after /dev/urandom has been opened (thanks @narfbg and @jedisct1)

  • v0.9.5 Changes

    July 31, 2015
    • Validate that /dev/urandom is a character device
    • ✂ Remove support for /dev/arandom which is an old OpenBSD feature, thanks @jedisct1
    • Prevent race conditions on the filetype() check, thanks @jedisct1
    • 🐎 Buffer file reads to 8 bytes (performance optimization; PHP defaults to 8192 bytes)

  • v0.9.4 Changes

    July 27, 2015
    • ➕ Add logic to verify that /dev/arandom and /dev/urandom are actually devices.
    • Some clean-up in the comments

  • v0.9.3 Changes

    July 22, 2015

    🚀 Unless the Exceptions change to PHP 7 fails, this should be the last pre-release 🔖 version. If need be, we'll make one more pre-release version with compatible behavior.

    🔄 Changes since 0.9.2:

    • Prioritize /dev/arandom and /dev/urandom over mcrypt. 🚚 @oittaa removed the -1 and +1 juggling on $range calculations for random_int()
    • 👍 Whitespace and comment clean-up, plus better variable names
    • Actually put a description in the composer.json file...