Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Ban uniqid() from codebase #57588

New issue
Copy link
New issue
Copy link
Closed
#57856
Closed
Ban uniqid() from codebase#57588
#57856
Copy link
Labels
RFCRFC = Request For Comments (proposals about features that you want to be discussed)RFC = Request For Comments (proposals about features that you want to be discussed)
@derrabus

Description

@derrabus
derrabus
opened on Jun 28, 2024
Issue body actions

Description

Following #57542, I'd like to review our usages of the uniqid() function. It is currently considered for deprecation and removal.

I'm not sure if this the RFC for the deprecation will actually pass, but I agree with the motives behind that proposal. We should stop using that function.

We have quite a few usages in our codebase that can be clustered by the following concerns:

Generate a collision-free temporary file.

symfony/src/Symfony/Bridge/PsrHttpMessage/Factory/HttpFoundationFactory.php

Line 110 in 435f194

return tempnam(sys_get_temp_dir(), uniqid('symfony', true));

The tempnam() function should be good enough for this purpose. And if it's not, maybe we can add a safer replacement to the Filesystem component?

Generate a collision-free random value for tests

symfony/src/Symfony/Bridge/PsrHttpMessage/Tests/Factory/HttpFoundationFactoryTest.php

Line 175 in 6115ab0

$uniqid = uniqid();

It might be even better to work with a constant value in such situations.

Salt for a random string

symfony/src/Symfony/Bridge/Twig/NodeVisitor/TranslationDefaultDomainNodeVisitor.php

Line 117 in 6ce530c

return \sprintf('__internal_%s', hash('xxh128', uniqid(mt_rand(), true)));

We might as well just use random_bytes() in such situations.

Generate a collision-free identifier

symfony/src/Symfony/Component/Messenger/Bridge/Redis/Transport/Connection.php

Line 524 in 6ce530c

$id = uniqid('', true);

A UUIDv7 would probably be better suited in these cases. That would mean that we would need to pull symfony/uid as a dependency in several packages, but that seems reasonable to me.

Example

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    RFCRFC = Request For Comments (proposals about features that you want to be discussed)RFC = Request For Comments (proposals about features that you want to be discussed)

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
      Morty Proxy This is a proxified and sanitized view of the page, visit original site.