I just published a new release of
Snuffleupagus,
the hardening module for php7+ and php8+,
version 0.11.0, codename "Mastodon",
named after the member of the genus Mammut that lived from the late Miocene to the early Holocene.
This release features a couple of new features, implemented by cgzones, as well as a couple of minor improvements.
Changelog
- Compatibility with PHP8.4
- Print key and value on INI violations
- Improve
scripts/generate_rules.phpwith regard to functions from global space prefixed with\ - Add option to specify the allowed "php" wrapper types
- Make 'phar' filenames work in
sp.disabled_functions - Improve the documentation
- Improve the default set of rules, especially with regard to portability
- Improve the Debian packaging
- Improve behaviour when dealing with broken configuration file
- Update the internal deprecation checks
- Don't whitelist files if the function name is actually a method of a class in
scripts/generate_rules.php - Ignore function definition in
scripts/generate_rules.php - Improve configuration dumping
- Fixed compilation on FreeBSD
As usual, if you want to help, we have some low hanging fruits ♥
See you in your PHP stack!