Want to make PHP's exceptions more helpful to your users, even if they're speaking to it over a JSON API or command line script? github.com/paragonie/corn… Note: v1.x of this library targets EOL versions of PHP. You'll ideally want to use version 2 at a minimum.

But anyway, consider this a holiday gift to the PHP community. (I might have proposed it to FIG, if I were a member, and wasn't wary of endless bikeshedding.)

Fun activity:

Go through the plugins/extensions/whathaveyou for your favorite CMS/framework (especially eCommerce) and see which ones disable certificate validation for HTTPS requests.

paragonie.com/blog/2017/10/c… Plugins for payment gateways that disable either are worth 5 points, unless they disable both, in which case they're worth 20 points.

Let's talk about some of the open source libraries that @ParagonIE has created over the years to make it easier to make secure PHP applications.

paragonie.com/software First, the polyfill libraries:

random_compat exists so that your framework can use the newer PHP 7 CSPRNG API even if they support PHP 5. It's used by a lot of projects, including WordPress.

github.com/paragonie/rand…

I've drafted several blog posts in the past week and scrapped them all. None of them feel important enough to write about, let alone publish. This isn't coming from a position of writer's block. This is coming from a position of empathy. Time is precious, and I hate to waste anyone's.