minor #4709 Add caution note for random function usage (xelan)

fabpot · fabpot · commit 2996f0b4274b · 2025-11-04T14:12:13.000+01:00
This PR was merged into the 3.x branch. Discussion ---------- Add caution note for random function usage See https://www.php.net/manual/en/function.array-rand.php and https://www.php.net/manual/en/function.mt-rand.php. Users should know that the Twig function is a convenience feature, but unusable e.g. for serious gaming/gambling apps due to the potential predictability and limited value range. Commits ------- 02c5a4b Add caution note for random function usage
diff --git a/doc/functions/random.rst b/doc/functions/random.rst
@@ -10,6 +10,11 @@ parameter type:
 * a random integer between the integer parameter (when negative) and 0 (inclusive).
 * a random integer between the first integer and the second integer parameter (inclusive).
 
+.. caution::
+
+    The ``random`` function does not produce cryptographically secure random numbers.
+    Do not use them for purposes that require returned values to be unguessable. 
+
 .. code-block:: twig
 
     {{ random(['apple', 'orange', 'citrus']) }} {# example output: orange #}
