Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove the use of mt_rand #5857

Merged
merged 1 commit into from
Mar 2, 2024
Merged

Remove the use of mt_rand #5857

merged 1 commit into from
Mar 2, 2024

Conversation

bbeversdorf
Copy link
Contributor

mt_rand does not generate cryptographically secure values (https://www.php.net/manual/en/function.mt-rand.php). This logic should be updated to follow best practices because this key should be random. Although the outcome is the same, because of the limited character set, it sets precedence to follow good security practices.

Remove the use of mt_rand
4fa8e5c 
`mt_rand` does not generate cryptographically secure values. This logic should be updated to follow best practices because this key should be random. Although the outcome is the same, because of the limited character set, it sets precedence to follow good security practices.
@weitzman
Copy link
Member

weitzman commented Feb 4, 2024

what does drupal 10 use? i'd like to call its routine, if possible.

@weitzman weitzman merged commit a6585cd into drush-ops:12.x Mar 2, 2024
2 checks passed
weitzman pushed a commit that referenced this pull request Mar 2, 2024
@weitzman
Remove the use of mt_rand (#5857)
35840da 
`mt_rand` does not generate cryptographically secure values. This logic should be updated to follow best practices because this key should be random. Although the outcome is the same, because of the limited character set, it sets precedence to follow good security practices.
@weitzman weitzman mentioned this pull request Mar 24, 2024
Merged
@weitzman weitzman mentioned this pull request Apr 25, 2024
Merged
@weitzman weitzman mentioned this pull request May 11, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@weitzman weitzman Awaiting requested review from weitzman weitzman is a code owner

@greg-1-anderson greg-1-anderson Awaiting requested review from greg-1-anderson greg-1-anderson is a code owner

Assignees
No one assigned
Labels
stat-needs-work
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@bbeversdorf @weitzman