Random Compat Laravel Package

• Fix #175 - Fix CAPICOM usage on Windows
• Widen PHPUnit version range
• Test PHP 8.1 in GitHub Actions (thanks @jrfnl!)
• Fix unit tests on PHP 8.1

• Switched from Travis CI to Github Actions
• Minor whitespace change (never-ending Scrutinizer suggestion)

• Adds support for PHP 8 projects in Composer constraint
• Fixes Travis CI for future development (Note: This required largely disabling Psalm.)

• If /dev/urandom cannot be read on Unix-based operating systems, a Exception with a specific error message will be thrown.
• Fixed Psalm nits.
• Updated the README to include a reference to the support contract offering by Paragon Initiative Enterprises.

• Version 2.0.16 failed Psalm checks on PHP v5.6 with Psalm v1. We could not reproduce this failure locally, so we've suppressed the MissingReturnType check (that is to say, demoted it to "info").

• Fixed type-checking consistencies that forced us to use Psalm in non-strict mode (i.e. totallyTyped="false").
• README cleanup, added a header to the Version 9.99.99 section.
  • If you're confused by v9.99.99 and it's causing stuff to break, see this section of the README for the solution to your problem.
• Trimmed down and annotated our psalm.xml file with explanations for why each assertion is suppressed.

• A reported, but difficult to reproduce, problem with file inclusion on some Windows machines was fixed by replacing / with DIRECTORY_SEPARATOR. For most users (i.e. not running Windows) this change should be of zero consequence. For everyone else, it should mean random_compat magically works when it didn't before.

• Update version information.
• Updated README with better instructions, including new information about the v9.99.99 tag.

• #139 - Add polyfill keyword to composer.json
• Ensure the docblocks are consistent to aid static analysis efforts in other libraries; see https://github.com/paragonie/random_compat/commit/cbe0b11b78140bc62a921fec33a730fdaa6540d6

• Fix version number in constant in lib/random.php
• Upgrade your dependency from ^1 to ^1|^2 if you want other changes (i.e. better compatibility with type-safety), because the v2 branch is where most of the development effort is focused. Continued support for v1.x is considered "only for emergencies".

• Minor docblock issue that's breaking Psalm downstream.

• Minor docblock corrections.
• Re-issuing a PHP Archive to attempt to address an issue with the Phar provided. See #134.

• Mcrypt can now be used on PHP < 5.3.7 if you're not on Windows.
• Minor boyscouting changes.

Backported changes from version 2:

• Version 2.0.10 - 2017-03-13
  • Mcrypt can now be used on PHP < 5.3.7 if you're not on Windows.
• Version 2.0.9 - 2017-03-03
  • More Psalm integration fixes.
• Version 2.0.8 - 2017-03-03
  • Prevent function already declared error for random_int() caused by misusing the library (really you should only ever include lib/random.php and never any of the other files). See #125.
• Version 2.0.6, 2.0.7 - 2017-02-27
  • Just updates to psalm.xml to silence false positives.
• Version 2.0.5 - 2017-02-27
  • Run random_compat through the static analysis tool, psalm, as part of our continuous integration process.
  • Minor readability enhancements (#122 and several docblock changes).
• Version 2.0.4 - 2016-11-07
  • Don't unnecessarily prevent mcrypt_create_iv() from being used. See #111.
• Version 2.0.3 - 2016-10-17
  • Updated lib/error_polyfill.php to resolve corner cases.
  • The README was updated to help users troubleshoot and fix insecure environments.
  • Tags will now be signed by the GnuPG key used by the security team at Paragon Initiative Enterprises, LLC.
• Version 2.0.2 - 2016-04-03
  • Added a consistency check (discovered by Taylor Hornby in his PHP encryption library). It wasn't likely causing any trouble for us.

More Psalm integration fixes.

Prevent function already declared error for random_int() caused by misusing the library (really you should only ever include lib/random.php and never any of the other files). See #125.

Apparently psalm locally works, but psalm on Travis CI likes to randomly fail to recognize that a constant exists when it does.

Yeah.... no.

I didn't bother updating the changelog. It's a ditto for 2.0.6.

• Just an update to psalm.xml to silence false positives.

• Run random_compat through the static analysis tool, psalm, as part of our continuous integration process.
• Minor readability enhancements (#122 and several docblock changes).

• Don't unnecessarily prevent mcrypt_create_iv() from being used. See #111.

Please speak up if this change causes issues for you.

• Updated lib/error_polyfill.php to resolve corner cases.
• The README was updated to help users troubleshoot and fix insecure environments.
• Tags will now be signed by the GnuPG key used by the security team at Paragon Initiative Enterprises, LLC.

Added a consistency check (discovered by Taylor Hornby in his PHP encryption library). It wasn't likely causing any trouble for us.

Update comment in random.php

Update comment in random.php

Due to downstream errors, the OpenSSL removal now belongs in version 2.0.0.

Restored OpenSSL in the version 1 branch in preparation to remove OpenSSL in version 2.

• Add more possible values to open_baseir check. Thanks @narfbg

• Add more possible values to open_baseir check. Thanks @narfbg

Removed openssl_random_pseudo_bytes() entirely. If you are using random_compat in PHP on a Unix-like OS but cannot access /dev/urandom, version 1.3+ will throw an Exception. If you want to trust OpenSSL, feel free to write your own fallback code. e.g.

try {
    $bytes = random_bytes(32);
} catch (Exception $ex) {
    $strong = false;
    $bytes = openssl_random_pseudo_bytes(32, $strong);
    if (!$strong) {
        throw $ex;
    }
}

• To prevent applications from hanging, if /dev/urandom is not accessible to PHP, skip mcrypt (which just fails before giving OpenSSL a chance and was morally equivalent to not offering OpenSSL at all).