
Version 1.0.0

@paragonie-scott paragonie-scott released this 09 Jun 21:59
v1.0.0

The PHP implementation of libsodium is now believed to be stable. We believe this to be the case due to several factors:

  • Our unit test suite, which also includes a comprehensive (borderline pedantic) set of test cases to ensure compatibility with PECL libsodium
  • All changes have been verified through Psalm (a static analysis tool) as part of our continuous integration
  • An internal code review from our development team (not a substitute for an audit)

The last low-hanging fruit were whitespace issues that made the code slightly harder to read and verify.

Sodium Compat has not been audited by an independent third party. Some open source projects may not adopt this library until that situation changes. Audits are expensive, but well worth the expense.

Some general advice for PHP developers:

  • If an audit were to be conducted and any vulnerabilities found, the only likely outcome is side-channels (e.g. cache timing leaks with OpCache) that are only a threat on PHP 7.1 and below without the PHP extension from PECL. Our inputs always produce valid outputs (as proven by our compatibility test suites).
  • If you desire to use some of the new cryptography features in PHP 7.2 without requiring your users to upgrade to 7.2, sodium_compat can provide a reasonable level of security for your users even without PECL.
  • If security against local attackers (e.g. cross-VM attacks on cloud providers) is a huge concern, wait for PHP 7.2 or install the PHP extension from PECL and they should no longer be a concern.

We strongly recommend the PHP extension from PECL or PHP 7.2. But for all else, this should be adequate.

EDIT: Version 1.0.1 fixes a regression from a fix between 0.8.1 and 1.0.0 that only affects you if you're on PHP < 5.6.0.