coolify/tests/Unit/InsecurePrngArchTest.php

<?php

/**
 * Architecture tests to prevent use of insecure PRNGs in application code.
 *
 * mt_rand() and rand() are not cryptographically secure. Use random_int()
 * or random_bytes() instead for any security-sensitive context.
 *
 * @see GHSA-33rh-4c9r-74pf
 */
arch('app code must not use mt_rand')
    ->expect('App')
    ->not->toUse(['mt_rand', 'mt_srand']);

arch('app code must not use rand')
    ->expect('App')
    ->not->toUse(['rand', 'srand']);
refactor: use random_int() for email change verification codes Replace mt_rand/rand with random_int for stronger randomness guarantees in verification code generation and Blade component keying. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-03-28 11:25:54 +00:00			`<?php`

			`/**`
			`* Architecture tests to prevent use of insecure PRNGs in application code.`
			`*`
			`* mt_rand() and rand() are not cryptographically secure. Use random_int()`
			`* or random_bytes() instead for any security-sensitive context.`
			`*`
			`* @see GHSA-33rh-4c9r-74pf`
			`*/`
			`arch('app code must not use mt_rand')`
			`->expect('App')`
			`->not->toUse(['mt_rand', 'mt_srand']);`

			`arch('app code must not use rand')`
			`->expect('App')`
			`->not->toUse(['rand', 'srand']);`