Skip to content

fix(deps): update dependency paragonie/constant_time_encoding to v3#54

Open
descope[bot] wants to merge 1 commit intomainfrom
renovate/paragonie-constant_time_encoding-3.x
Open

fix(deps): update dependency paragonie/constant_time_encoding to v3#54
descope[bot] wants to merge 1 commit intomainfrom
renovate/paragonie-constant_time_encoding-3.x

Conversation

@descope
Copy link
Contributor

@descope descope bot commented May 9, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change OpenSSF
paragonie/constant_time_encoding require major 2.7.03.1.3 OpenSSF Scorecard

Release Notes

paragonie/constant_time_encoding (paragonie/constant_time_encoding)

v3.1.3: Version 3.1.3

Compare Source

This release fixes a bug with base64 codecs when ext-sodium installed.

What's Changed

New Contributors

Full Changelog: paragonie/constant_time_encoding@v3.1.2...v3.1.3

v3.1.2: Version 3.1.2

Compare Source

Thanks @​TimWolla for identifying a performance hit caused by attempting to find global functions such as strlen() in the current namespace before the global namespace.

What's Changed

Full Changelog: paragonie/constant_time_encoding@v3.1.1...v3.1.2

v3.1.1: Version 3.1.1

Compare Source

What's Changed

  • Remove mbstring.func_overload compatibility layer by @​TimWolla in #​58
  • Fixed #​27 by making the test less redundant.

Full Changelog: paragonie/constant_time_encoding@v3.1.0...v3.1.1

v3.1.0: Version 3.1.0

Compare Source

Important: If you enable ext-sodium, some codecs will now be faster with our library: hex, base64, base64url. This requires the actual extension be installed; sodium_compat will not provide these implementations.

As with the recent sodium_compat release, this library now incorporates fuzz-testing and mutation testing as part of our development strategy. Fuzz testing is enabled on pull requests; mutation tests on releases.

The current metrics for a mutation test run (using the latest version of Infection):

 1782 mutations were generated:
    1470 mutants were killed by Test Framework
     296 covered mutants were not detected
       5 errors were encountered
      11 time outs were encountered
Metrics:
         Mutation Code Coverage: 100%
         Covered Code MSI: 83%

We set the minimum MSI for covered code to 80% by policy, but will slowly be increasing it in future releases.

What's Changed

Full Changelog: paragonie/constant_time_encoding@v3.0.0...v3.1.0

v3.0.0: Version 3.0.0

Compare Source

  • New major bump due to increased minimum PHP requirements (from PHP 7 to PHP 8)
  • Supports PHP 8.4 without deprecation warnings for implicit null

v2.8.2: Version 2.8.2

Compare Source

Backported fix from https://github.com/paragonie/constant_time_encoding/releases/tag/v3.1.3

What's Changed

Full Changelog: paragonie/constant_time_encoding@v2.8.1...v2.8.2

v2.8.1: Version 2.8.1

Compare Source

I'm going to continue backporting important fixes to v2.x for PHP 7 support while there is still significant v2 usage.

What's Changed

Full Changelog: paragonie/constant_time_encoding@v2.8.0...v2.8.1

v2.8.0: Version 2.8.0

Compare Source

This release backports the ext-sodium performance enhancement from v3.1.0.

What's Changed

Full Changelog: paragonie/constant_time_encoding@v2.7.0...v2.8.0

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@descope descope bot added the renovate label May 9, 2025
@descope descope bot requested a review from gaokevin1 as a code owner May 9, 2025 19:07
@descope descope bot enabled auto-merge (squash) May 9, 2025 19:07
@descope descope bot force-pushed the renovate/paragonie-constant_time_encoding-3.x branch from ddd218c to 8044cd5 Compare June 26, 2025 16:51
@descope descope bot force-pushed the renovate/paragonie-constant_time_encoding-3.x branch from 8044cd5 to bb539b1 Compare July 1, 2025 16:14
@descope descope bot force-pushed the renovate/paragonie-constant_time_encoding-3.x branch from bb539b1 to 264b38a Compare July 4, 2025 07:28
@descope descope bot force-pushed the renovate/paragonie-constant_time_encoding-3.x branch from 264b38a to 78ac558 Compare July 15, 2025 17:38
descope-approve[bot]
descope-approve bot previously approved these changes Jul 15, 2025
View reviewed changes
@descope descope bot force-pushed the renovate/paragonie-constant_time_encoding-3.x branch 3 times, most recently from 3a19908 to 6e827cd Compare October 15, 2025 01:34
@descope descope bot force-pushed the renovate/paragonie-constant_time_encoding-3.x branch from 6e827cd to 446c77f Compare October 15, 2025 16:34
@descope descope bot removed the renovate label Feb 17, 2026
@descope descope bot changed the title fix(deps): update dependency paragonie/constant_time_encoding to v3 chore(deps): update dependency paragonie/constant_time_encoding to v3 Feb 17, 2026
@descope descope bot added the renovate label Feb 17, 2026
@descope descope bot changed the title chore(deps): update dependency paragonie/constant_time_encoding to v3 fix(deps): update dependency paragonie/constant_time_encoding to v3 Feb 17, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@descope-approve descope-approve[bot] descope-approve[bot] left review comments

@gaokevin1 gaokevin1 Awaiting requested review from gaokevin1 gaokevin1 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

renovate

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants