Session-Token reviews

RSS | Module Info

Session-Token (1.007)

Author here.

Thanks for your comments Dana.

- On windows I'm definitely planning on using Crypt::Random::Seed. I just need to get a windows VM up and running so I can test it (patches welcome).

- It's true that Session::Token doesn't itself include code for seeding from anything other than /dev/urandom. However, if you prefer to seed from another source, feel free to generate the seed data however you like and pass it in as the seed parameter to the Session::Token constructor.



Session-Token (1.007) *****


- Fast. Seriously fast.

- It does a small set of things very well.

- Great documentation.

- Author is very responsive.

- Author has looked closely at similar modules on CPAN.

- Completely self-contained if not on Win32.


- On Win32 you get a huge dependency chain. Crypt::URandom and Crypt::Random::Seed both do the Win32 API internally, avoiding Any::Moose and the rest of Crypt::Random::Source.

- The random source is unable to be changed from /dev/urandom. This is arguably a feature, as adding options can lead to mistakes or security issues; however it could be problematic for people who want or need a different source.