We just published a new release of Snuffleupagus, the 0.5.0, named Elephant Flats, after a mud flat in Antarctica, where some glorious Elephant seals are peacefully living.

This release was done by kkadosh, and doesn't come with any major new feature, but a couple of bugfixes, a lot of internal improvements, and a coverage now close to 100%!

Changelog

Improvements

• Tighten a bit a command-injection prevention rule in the default rules set
• Increased the portability of the testsuite
• Improved documentation
• Usual code cleanup
• Snuffleupagus will throw an informative error when compiled for PHP5
• Snuffleupagus will throw an informative error when compiled without PCRE support
• The testsuite is now run on Alpine, Fedora, Debian and Ubuntu.
• Some rules against now-known vulnerabilities/techniques were added

Bug fixes

• PHP7.4 is fully supported, without any compilation warning
• Snuffleupagus can now be used with PHP compiled without sessions support as a builtin (which is the case on Alpine).
• Fix a compilation warning on FreeBSD
• Cookies hardening is now supported on PHP7.3+

As usual, if you want to help, we have some low hanging fruits ♥

See you in your PHP stack!