diff -r be944660c56a -r 3d72ae0968f4 wp/wp-includes/random_compat/random.php
--- a/wp/wp-includes/random_compat/random.php	Wed Sep 21 18:19:35 2022 +0200
+++ b/wp/wp-includes/random_compat/random.php	Tue Sep 27 16:37:53 2022 +0200
@@ -3,12 +3,12 @@
  * Random_* Compatibility Library
  * for using the new PHP 7 random_* API in PHP 5 projects
  *
- * @version 2.0.10
- * @released 2017-03-13
+ * @version 2.0.17
+ * @released 2018-07-04
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015 - 2017 Paragon Initiative Enterprises
+ * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -54,9 +54,9 @@
 
 $RandomCompatDIR = dirname(__FILE__);
 
-require_once $RandomCompatDIR . '/byte_safe_strings.php';
-require_once $RandomCompatDIR . '/cast_to_int.php';
-require_once $RandomCompatDIR . '/error_polyfill.php';
+require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'byte_safe_strings.php';
+require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'cast_to_int.php';
+require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'error_polyfill.php';
 
 if (!is_callable('random_bytes')) {
     /**
@@ -76,9 +76,9 @@
     if (extension_loaded('libsodium')) {
         // See random_bytes_libsodium.php
         if (PHP_VERSION_ID >= 50300 && is_callable('\\Sodium\\randombytes_buf')) {
-            require_once $RandomCompatDIR . '/random_bytes_libsodium.php';
+            require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_libsodium.php';
         } elseif (method_exists('Sodium', 'randombytes_buf')) {
-            require_once $RandomCompatDIR . '/random_bytes_libsodium_legacy.php';
+            require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_libsodium_legacy.php';
         }
     }
 
@@ -117,7 +117,7 @@
             // place, that is not helpful to us here.
 
             // See random_bytes_dev_urandom.php
-            require_once $RandomCompatDIR . '/random_bytes_dev_urandom.php';
+            require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_dev_urandom.php';
         }
         // Unset variables after use
         $RandomCompat_basedir = null;
@@ -159,7 +159,7 @@
         extension_loaded('mcrypt')
     ) {
         // See random_bytes_mcrypt.php
-        require_once $RandomCompatDIR . '/random_bytes_mcrypt.php';
+        require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_mcrypt.php';
     }
     $RandomCompatUrandom = null;
 
@@ -182,9 +182,10 @@
         if (!in_array('com', $RandomCompat_disabled_classes)) {
             try {
                 $RandomCompatCOMtest = new COM('CAPICOM.Utilities.1');
-                if (method_exists($RandomCompatCOMtest, 'GetRandom')) {
+                /** @psalm-suppress TypeDoesNotContainType */
+                if (is_callable(array($RandomCompatCOMtest, 'GetRandom'))) {
                     // See random_bytes_com_dotnet.php
-                    require_once $RandomCompatDIR . '/random_bytes_com_dotnet.php';
+                    require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_com_dotnet.php';
                 }
             } catch (com_exception $e) {
                 // Don't try to use it.
@@ -203,8 +204,9 @@
          * and hope the developer won't let it fail silently.
          *
          * @param mixed $length
-         * @return void
+         * @psalm-suppress InvalidReturnType
          * @throws Exception
+         * @return string
          */
         function random_bytes($length)
         {
@@ -212,12 +214,13 @@
             throw new Exception(
                 'There is no suitable CSPRNG installed on your system'
             );
+            return '';
         }
     }
 }
 
 if (!is_callable('random_int')) {
-    require_once $RandomCompatDIR . '/random_int.php';
+    require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_int.php';
 }
 
 $RandomCompatDIR = null;