2022年6月20日(月) 23:58 Nicolas Grekas <nicolas.grekas+...@gmail.com>:
> > An RFC has been created to fix an issue in Random Extension 5.x. > > > > https://wiki.php.net/rfc/random_extension_improvement > > > > Voting on this RFC will begin in two weeks (2022-07-02), in time for the > > PHP 8.2 Feature Freeze. (Vote finished in 2022-07-16, Feature Freeze is > > 2022-07-19) > > > > In the unlikely event that the Random Extension 5.x RFC is rejected, this > > RFC will become invalid regardless of the outcome of the vote. > > > > Hi, thanks for the update, that makes sense to me. > > I'm wondering: does Random\SerializableEngine extend Random\Engine? Can > this be mentioned in the RFC? If not, what about making it this way? Having > this interface only contain __(un)serialize would look strange to me, aka > too broad for the name and the purpose. > > I'm also wondering: is CombinedLCG worth it? I must admit I don't know when > I should use it instead of MT19937. > > Since the names are all super opaque to many of us, documentation should be > very clear about the use case of each implementation... (if can reduce the > number of implementations, that's even better :) ) > > Cheers, > Nicolas > Hi > Having this interface only contain __(un)serialize would look strange to me, aka > too broad for the name and the purpose. Indeed. This was designed back when the Serializable interface was still going strong, so it is already outdated. The OO approach to serialization no longer applies, and this may need to be eliminated. > CombinedLCG This is provided as an OOP implementation for the `lcg_value()` function, but I don't actually want it to be used anymore, so I probably shouldn't provide a class for it. And to begin with, the current CombinedLCG cannot even be seeded with arbitrary values. However, I think it needs to remain in the internal API either way. (The option of not providing it to userland is a valid one.) What do you think about the `Random\CryptoSecureEngine` interface? It is just a marker interface with no methods. However, I currently think it is better than adding a method like `isSecure(): bool` to the `Random\Engine`. Best regards Go Kudo
