Hi,
XAMPP 7.2 with PHP 7.2 on board is out which is absolutely great. Thank you very much for such a quick release, especially that PHP 7.2 introduces several great and important improvements.
One of them is the inclusion of the new cryptography library (libsodium, a fork of the highly praised NaCl [1]) as a core feature of PHP (meaning it is automatically loaded and active) [2]. This is accompanied by the total removal of obsolete mcrypt functions. Unfortunately, the version of PHP provided with the latest release of XAMPP has been compiled WITHOUT libsodium [3]. This means that the only remaining library for crypto is OpenSSL, considered by many as not completely safe (i.e. its pseudorandom byte generator functions).
Does anyone know:
1) if the omission of the libsodium in the latest release of XAMPP was on purpose
2) whether there is any chance to have it included in the next releases?
[1] https://dev.to/paragonie/php-72-the-first-programming-language-to-add-modern-cryptography-to-its-standard-library
[2] http://php.net/manual/en/sodium.setup.php
[3] https://stackoverflow.com/questions/45755795/using-libsodium-in-php-7-2
Best,
Adam
PS. I do know that libsodium can be loaded as PECL extension, but I would like to specifically ask about its inclusion as a PHP core library.