Anthony Ferrara

It's never used by itself as an entropy source. It's always paired with at least one or two others. It wasn't intended to provide strong randomness, just more entropy. And...

Looking at the implementation, I can't help but to see the similarities with the already added MicroTime Source: https://github.com/ircmaxell/RandomLib/blob/master/lib/RandomLib/Source/MicroTime.php#L67 It looks like it's doing basically the same thing, looping and...

Definitely. Haven't started thinking about string interpolation, but definitely like the idea of ruby/es6 expressions. The one other thing I'm thinking about is native support for Hack's XHP style embedded...

An additional mcrypt source (or two) can definitely be added. I wouldn't "replace" the dev/(u)random sources, but augment them. Additionally, if security is a concern, the server wouldn't be running...

Honestly, I trust mcrypt more than I do OpenSSL, having read the source code of both. Note: that's not an endorsement of mcrypt, but a hit on OpenSSL.

I will be deprecating random_compat. Use either RandomLib or https://github.com/paragonie/random_compat (which is a php7 compatibility pack). Random_compat was more of an experiment.

Well, it should be its own compatibility library that doesn't expose other APIs. I will however port RandomLib and others to use the new APIs internally :-)

yeah, that's sane. I thought someone was working on one already? I would be happy to do it (and host it). It's up to you.

I would base it on https://github.com/ircmaxell/random_compat

Note: you'll also need to modify `increaseBufferPointer()` in JsonStreamingParser.cpp, which also refers to BUFFER_MAX_LENGTH: ``` void JsonStreamingParser::increaseBufferPointer() { bufferPos = min(bufferPos + 1, BUFFER_MAX_LENGTH - 1); } ```