Changelog History
Page 5
-
v1.0.4 Changes
October 02, 2015✂ Removed redundant
if()
checks, sincelib/random.php
is the entrypoint people should use. -
v1.0.3 Changes
October 02, 2015🚀 This release contains bug fixes contributed by the community.
- Avoid a PHP Notice when PHP is running without the mbstring extension
- ✅ Use a compatible version of PHPUnit for testing on older versions of PHP
⚡️ Although none of these bugs were outright security-affecting, updating ASAP is still strongly encouraged.
-
v1.0.2 Changes
September 23, 2015Less strict input validation on
random_int()
parameters. PHP 7'srandom_int()
accepts strings and floats that look like numbers, so we should too.Thanks @dd32 for correcting this oversight.
-
v1.0.1 Changes
September 10, 2015👻 Instead of throwing an Exception immediately on insecure platforms, only do so when
random_bytes()
is invoked. -
v1.0.0 Changes
September 07, 2015Our API is now stable and forward-compatible with the CSPRNG features in PHP 7 (as of 7.0.0 RC3).
A lot of great people have contributed their time and expertise to make this 🚀 compatibility library possible. That this library has reached a stable release is more a reflection on the community than it is on PIE.
We are confident that random_compat will serve as the simplest and most secure CSPRNG interface available for PHP5 projects.
-
v0.9.7 Changes
September 01, 2015An attempt to achieve compatibility with Error/TypeError in the RFC.
🐎 This should be identical to 1.0.0 sans any last-minute changes or performance enhancements.
-
v0.9.6 Changes
August 06, 2015 -
v0.9.5 Changes
July 31, 2015- Validate that
/dev/urandom
is a character device- Reported by @lokdnet
- Investigated by @narfbg and frymaster on StackOverflow
- ✂ Remove support for
/dev/arandom
which is an old OpenBSD feature, thanks @jedisct1 - Prevent race conditions on the
filetype()
check, thanks @jedisct1 - 🐎 Buffer file reads to 8 bytes (performance optimization; PHP defaults to 8192 bytes)
- Validate that
-
v0.9.4 Changes
July 27, 2015- ➕ Add logic to verify that
/dev/arandom
and/dev/urandom
are actually devices. - Some clean-up in the comments
- ➕ Add logic to verify that
-
v0.9.3 Changes
July 22, 2015🚀 Unless the Exceptions change to PHP 7 fails, this should be the last pre-release 🔖 version. If need be, we'll make one more pre-release version with compatible behavior.
🔄 Changes since 0.9.2:
- Prioritize
/dev/arandom
and/dev/urandom
over mcrypt. 🚚 @oittaa removed the -1 and +1 juggling on$range
calculations forrandom_int()
- 👍 Whitespace and comment clean-up, plus better variable names
- Actually put a description in the composer.json file...
- Prioritize