Sand Fox
-
Unsigned
Unsigned is a fixed (but arbitrary) length unsigned integer arithmetic library for native PHP. It was created as a helper for the Random Extension Polyfill to remove hard dependency on the GMP. It may be useful for weird arithmetic with shifts and unsigned overflows that is used in RNGS, encryptors, hashes, etc. (But it won't be cryptographically secure! Time based attacks are quite possible because of some optimizations) Performance greatly depends on the PHP version, with PHP 8.0+ it performs quite nicely, only slightly slower than GMP.
-
Polyfill for Random Extension
Announcing my new library, a polyfill for the new sexy
ext-randomfrom PHP 8.2 that I mentioned a couple of posts ago. It requires PHP 7.1+ and the GMP extension.There will be some limitations with the compatibility but it's already usable for most simple use cases. Grab it here: https://sandfox.dev/php/random-polyfill.html
Many thanks to Go Kudo for his work on the original extension.
-
Python Type Hints
Python type hints are garbage.
-
Early Look at PHP 8.2
It's a month before the feature freeze so we can predict what the release will look like. So far it seems like an underwhelming release without any killer features. It still has very nice language improvements.
These are the things I would like to highlight:
-
License Manager for Composer
I found myself in a need to filter away some licenses for my dependencies (AGPL, I'm looking at you). I've found a well known plugin for that: metasyntactical/composer-plugin-license-check.
The problem that I found with it is that it doesn't prevent you from installing blacklisted packages. I mean it was designed to do that but fails on Composer 2.0+.
I started investigating for the ways to fix that but ended up with a feature complete plugin. It also offers some more flexibility in the config.
Grab it here: https://sandfox.dev/php/composer-license-manager.html
-
No Discrimination
In these uneasy times I just want to remind to all these passionate activists around that there are other ethical points beyond any given "today thing" even when the today thing is truly horrible.
The Open Source Definition states that open-source software must comply with the following criteria:
5. No Discrimination Against Persons or Groups The license must not discriminate against any person or group of persons.
6. No Discrimination Against Fields of Endeavor The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research.
So whether you are breaking these rules for fun or showing your political position, you should remember:
It is not as fun as it seems.
You are not hurting the people you hate, you are hurting the open-source community.
-
PHP 5: if (\false)
I was wondering why the typical class alias boilerplate code uses this weird backslash in
if (\false)like here for example.It turns out this code will wish you a happy debugging in PHP 5.3-5.6:
Not a very useful knowledge now but an interesting history fact.
-
PHP 8.1 Syntax Showcase
PHP 8.1 was released when I was suffering from COVID so I'm a bit late.
<?php enum Status { case OK; case Error; } #[SomeAttr(new SomeNestedAttr())] class TestTest { public function __construct( public readonly Status $status = Status::OK, private Logger $logger = new FileLogger(perm: 0o644), ) {} public function process(Iterator&Countable $value) { if (count($value) === 0) { $this->error(); } } public function error(): never { $this->logger->error('Error!'); exit; } } $test = new TestTest(); $arr1 = ['a' => new ArrayObject()]; $arr2 = ['b' => new ArrayIterator()]; $result = array_map($test->process(...), [...$arr1, ...$arr2]);
-
Torrent File 2.2
-
CVE-2021-41106
Nice, now I have my first CVE :D The one I've found, not the one I've created :D
If you're using
lcobucci/jwt, please upgrade.