std::rand docs and a new weak_rng function #8349
Closed
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The weak_rng as you can see in the docs is made to have a "no-thinking" way to get a fast rng for non-crypto purposes. I think RNG APIs should be as dumb-proof as possible to avoid any mistakes. It's good that the default rng is a secure one, but I don't want to force people to actually google the various algos to be able to know which to choose and possibly make a wrong choice. So if you need a fast non secure one you can use weak_rng. I think that makes sense.
Note that the comments I added do imply that the return value of the rng/weak_rng functions can change in the future. The reason is that if a better algorithm comes up in the future I think we should switch to that. Or at the very least if ISAAC is proven to be unsafe it should be swapped off for something else. Not allowing for this eventuality now means we'll end up with a broken old API that can not be changed for BC reasons and a new std::betterrand::rng() to try and fix that mess. Coming from PHP I have to deal with enough old mistakes that stick around for BC, so I'm trying to avoid this here :)