Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
Sodium Compat
Assessments

Sodium Compat Laravel Package

paragonie/sodium_compat

Pure-PHP polyfill for PHP’s Sodium (libsodium) cryptography API. Transparently uses the native sodium extension when available; otherwise falls back to a compatible implementation. v1 supports PHP 5.2+ incl. 32-bit; v2 targets PHP 8.1+ only.

View on GitHub
Deep Wiki
Context7

Product Decisions This Supports

  • Enables secure cryptography in environments where native libsodium is unavailable (e.g., shared hosting, legacy servers), eliminating environment-specific code paths.
  • Provides a consistent, audited API for encryption, authentication, and key management across all PHP versions, reducing security risks from custom implementations.
  • Supports a strategic build-vs-buy decision by leveraging a battle-tested, production-ready solution instead of building in-house crypto (which is error-prone and high-risk).
  • Facilitates roadmap planning for future upgrades to native ext/sodium with zero code changes, ensuring long-term maintainability and compliance.

When to Consider This Package

  • Adopt when your infrastructure lacks the ability to install native PHP extensions (e.g., restricted hosting, multi-tenant platforms) or when cross-environment consistency is critical (e.g., dev/staging/production parity).
  • When security compliance requires standardized, vetted cryptographic primitives without reinventing the wheel.
  • Avoid when all target environments can reliably install native libsodium (for optimal performance), or when your project already uses a different crypto library with no migration path (e.g., OpenSSL-only codebases).

How to Pitch It (Stakeholders)

  • Executives: "This package ensures our application uses industry-standard, audited cryptography without server modifications or infrastructure costs. It eliminates security risks from inconsistent crypto implementations across environments, directly protecting user data and meeting compliance requirements with minimal effort—no custom code, no new dependencies, just proven security out of the box."
  • Engineering: "It’s a drop-in polyfill that mirrors the native sodium_* API, so you can write crypto code once and run it everywhere. No environment-specific logic, no refactoring for production—same code works on shared hosting, cloud servers, or local dev. Switch to native ext/sodium later with zero code changes, backed by a 900+ star, security-reviewed library trusted by production systems."
Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
davejamesmiller/laravel-breadcrumbs
artisanry/parsedown
christhompsontldr/phpsdk
enqueue/dsn
bunny/bunny
enqueue/test
enqueue/null
enqueue/amqp-tools
milesj/emojibase
bower-asset/punycode
bower-asset/inputmask
bower-asset/jquery
bower-asset/yii2-pjax
laravel/nova
spatie/laravel-mailcoach
spatie/laravel-superseeder
laravel/liferaft
nst/json-test-suite
danielmiessler/sec-lists
jackalope/jackalope-transport