diff --git a/wp-includes/random_compat/byte_safe_strings.php b/wp-includes/random_compat/byte_safe_strings.php index 3de86b223c..ef24488f9e 100644 --- a/wp-includes/random_compat/byte_safe_strings.php +++ b/wp-includes/random_compat/byte_safe_strings.php @@ -5,7 +5,7 @@ * * The MIT License (MIT) * - * Copyright (c) 2015 - 2017 Paragon Initiative Enterprises + * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -28,8 +28,9 @@ if (!is_callable('RandomCompat_strlen')) { if ( - defined('MB_OVERLOAD_STRING') && - ini_get('mbstring.func_overload') & MB_OVERLOAD_STRING + defined('MB_OVERLOAD_STRING') + && + ((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING ) { /** * strlen() implementation that isn't brittle to mbstring.func_overload @@ -82,8 +83,8 @@ if (!is_callable('RandomCompat_substr')) { if ( defined('MB_OVERLOAD_STRING') - && - ini_get('mbstring.func_overload') & MB_OVERLOAD_STRING + && + ((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING ) { /** * substr() implementation that isn't brittle to mbstring.func_overload @@ -93,7 +94,7 @@ if (!is_callable('RandomCompat_substr')) { * * @param string $binary_string * @param int $start - * @param int $length (optional) + * @param int|null $length (optional) * * @throws TypeError * @@ -118,6 +119,7 @@ if (!is_callable('RandomCompat_substr')) { * mb_substr($str, 0, NULL, '8bit') returns an empty string on * PHP 5.3, so we have to find the length ourselves. */ + /** @var int $length */ $length = RandomCompat_strlen($binary_string) - $start; } elseif (!is_int($length)) { throw new TypeError( 
@@ -133,7 +135,12 @@ if (!is_callable('RandomCompat_substr')) { return ''; } - return (string) mb_substr($binary_string, $start, $length, '8bit'); + return (string) mb_substr( + (string) $binary_string, + (int) $start, + (int) $length, + '8bit' + ); } } else { @@ -145,7 +152,7 @@ if (!is_callable('RandomCompat_substr')) { * * @param string $binary_string * @param int $start - * @param int $length (optional) + * @param int|null $length (optional) * * @throws TypeError * @@ -172,10 +179,17 @@ if (!is_callable('RandomCompat_substr')) { ); } - return (string) substr($binary_string, $start, $length); + return (string) substr( + (string )$binary_string, + (int) $start, + (int) $length + ); } - return (string) substr($binary_string, $start); + return (string) substr( + (string) $binary_string, + (int) $start + ); } } } diff --git a/wp-includes/random_compat/cast_to_int.php b/wp-includes/random_compat/cast_to_int.php index 9a4fab9919..1b1bbfe8de 100644 --- a/wp-includes/random_compat/cast_to_int.php +++ b/wp-includes/random_compat/cast_to_int.php @@ -5,7 +5,7 @@ * * The MIT License (MIT) * - * Copyright (c) 2015 - 2017 Paragon Initiative Enterprises + * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal 
@@ -27,19 +27,19 @@ */ if (!is_callable('RandomCompat_intval')) { - + /** * Cast to an integer if we can, safely. - * + * * If you pass it a float in the range (~PHP_INT_MAX, PHP_INT_MAX) * (non-inclusive), it will sanely cast it to an int. If you it's equal to * ~PHP_INT_MAX or PHP_INT_MAX, we let it fail as not an integer. Floats * lose precision, so the <= and => operators might accidentally let a float * through. - * + * * @param int|float $number The number we want to convert to an int * @param bool $fail_open Set to true to not throw an exception - * + * * @return float|int * @psalm-suppress InvalidReturnType * @@ -50,14 +50,16 @@ if (!is_callable('RandomCompat_intval')) { if (is_int($number) || is_float($number)) { $number += 0; } elseif (is_numeric($number)) { + /** @psalm-suppress InvalidOperand */ $number += 0; } + /** @var int|float $number */ if ( is_float($number) - && + && $number > ~PHP_INT_MAX - && + && $number < PHP_INT_MAX ) { $number = (int) $number; diff --git a/wp-includes/random_compat/error_polyfill.php b/wp-includes/random_compat/error_polyfill.php index 6a91990ce6..c02c5c8b4c 100644 --- a/wp-includes/random_compat/error_polyfill.php +++ b/wp-includes/random_compat/error_polyfill.php @@ -1,12 +1,12 @@ = 50300 && is_callable('\\Sodium\\randombytes_buf')) { - require_once $RandomCompatDIR . '/random_bytes_libsodium.php'; + require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_libsodium.php'; } elseif (method_exists('Sodium', 'randombytes_buf')) { - require_once $RandomCompatDIR . '/random_bytes_libsodium_legacy.php'; + require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_libsodium_legacy.php'; } } 
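Review bot: In cast_to_int.php (hunk `@@ -50,14 +50,16 @@`), the added `/** @var int|float $number */` asserts a type that the branches above it do not guarantee: a value that is neither int, float nor numeric skips both `$number += 0;` statements and arrives here unchanged. RandomCompat_intval() is what the random_bytes() implementations call to validate a caller-supplied length, so an over-narrow annotation may lead a static analyser to report the later type check as redundant; that check is outside this hunk, so this is inferred. Consider dropping the annotation, or replacing it with a plain comment such as `// $number may still be non-numeric here; it must be rejected before use`.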
@@ -117,7 +117,7 @@ if (!is_callable('random_bytes')) { // place, that is not helpful to us here. // See random_bytes_dev_urandom.php - require_once $RandomCompatDIR . '/random_bytes_dev_urandom.php'; + require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_dev_urandom.php'; } // Unset variables after use $RandomCompat_basedir = null; @@ -159,7 +159,7 @@ if (!is_callable('random_bytes')) { extension_loaded('mcrypt') ) { // See random_bytes_mcrypt.php - require_once $RandomCompatDIR . '/random_bytes_mcrypt.php'; + require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_mcrypt.php'; } $RandomCompatUrandom = null; @@ -182,9 +182,10 @@ if (!is_callable('random_bytes')) { if (!in_array('com', $RandomCompat_disabled_classes)) { try { $RandomCompatCOMtest = new COM('CAPICOM.Utilities.1'); - if (method_exists($RandomCompatCOMtest, 'GetRandom')) { + /** @psalm-suppress TypeDoesNotContainType */ + if (is_callable(array($RandomCompatCOMtest, 'GetRandom'))) { // See random_bytes_com_dotnet.php - require_once $RandomCompatDIR . '/random_bytes_com_dotnet.php'; + require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_bytes_com_dotnet.php'; } } catch (com_exception $e) { // Don't try to use it. @@ -203,8 +204,9 @@ if (!is_callable('random_bytes')) { * and hope the developer won't let it fail silently. * * @param mixed $length - * @return void + * @psalm-suppress InvalidReturnType * @throws Exception + * @return string */ function random_bytes($length) { @@ -212,12 +214,13 @@ if (!is_callable('random_bytes')) { throw new Exception( 'There is no suitable CSPRNG installed on your system' ); + return ''; } } } if (!is_callable('random_int')) { - require_once $RandomCompatDIR . '/random_int.php'; + require_once $RandomCompatDIR.DIRECTORY_SEPARATOR.'random_int.php'; } $RandomCompatDIR = null; diff --git a/wp-includes/random_compat/random_bytes_com_dotnet.php b/wp-includes/random_compat/random_bytes_com_dotnet.php index fc1926e5ca..537d02b27a 100644 
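Review bot: In random.php's last-resort `random_bytes()` stub (hunk `@@ -212,12 +214,13 @@`), the added `return '';` sits directly after the `throw` and can never execute. It appears to exist only to match the `@return string` tag introduced in the preceding hunk (`@@ -203,8 +204,9 @@`), which already carries `@psalm-suppress InvalidReturnType`. In a function that stands in for a CSPRNG, an empty-string return path is risky to leave in place: if the throw is ever made conditional or downgraded, callers would get zero bytes of randomness and no error. I would drop the `return '';` line, keep the suppression, and add a comment like `// Never returns: no CSPRNG is available, so fail closed.`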
--- a/wp-includes/random_compat/random_bytes_com_dotnet.php +++ b/wp-includes/random_compat/random_bytes_com_dotnet.php @@ -1,22 +1,22 @@ GetRandom($bytes, 0)); + $buf .= base64_decode((string) $util->GetRandom($bytes, 0)); if (RandomCompat_strlen($buf) >= $bytes) { /** * Return our random entropy buffer here: */ - return RandomCompat_substr($buf, 0, $bytes); + return (string) RandomCompat_substr($buf, 0, $bytes); } ++$execCount; } while ($execCount < $bytes); @@ -85,4 +88,4 @@ if (!is_callable('random_bytes')) { 'Could not gather sufficient random data' ); } -} \ No newline at end of file +} diff --git a/wp-includes/random_compat/random_bytes_dev_urandom.php b/wp-includes/random_compat/random_bytes_dev_urandom.php index df5b91524e..c4e31ccbbb 100644 --- a/wp-includes/random_compat/random_bytes_dev_urandom.php +++ b/wp-includes/random_compat/random_bytes_dev_urandom.php @@ -1,22 +1,22 @@ $st */ + $st = fstat($fp); + if (($st['mode'] & 0170000) !== 020000) { + fclose($fp); + $fp = false; + } } } - if (!empty($fp)) { + if (is_resource($fp)) { /** * stream_set_read_buffer() does not exist in HHVM * @@ -83,6 +106,7 @@ if (!is_callable('random_bytes')) { } try { + /** @var int $bytes */ $bytes = RandomCompat_intval($bytes); } catch (TypeError $ex) { throw new TypeError( @@ -103,7 +127,7 @@ if (!is_callable('random_bytes')) { * if (empty($fp)) line is logic that should only be run once per * page load. */ - if (!empty($fp)) { + if (is_resource($fp)) { /** * @var int */ 
@@ -123,29 +147,28 @@ if (!is_callable('random_bytes')) { */ $read = fread($fp, $remaining); if (!is_string($read)) { - if ($read === false) { - /** - * We cannot safely read from the file. Exit the - * do-while loop and trigger the exception condition - * - * @var string|bool - */ - $buf = false; - break; - } + /** + * We cannot safely read from the file. Exit the + * do-while loop and trigger the exception condition + * + * @var string|bool + */ + $buf = false; + break; } /** * Decrease the number of bytes returned from remaining */ $remaining -= RandomCompat_strlen($read); /** - * @var string|bool + * @var string $buf */ - $buf = $buf . $read; + $buf .= $read; } while ($remaining > 0); /** * Is our result valid? + * @var string|bool $buf */ if (is_string($buf)) { if (RandomCompat_strlen($buf) === $bytes) { diff --git a/wp-includes/random_compat/random_bytes_libsodium.php b/wp-includes/random_compat/random_bytes_libsodium.php index 4af1a24227..2e56290182 100644 --- a/wp-includes/random_compat/random_bytes_libsodium.php +++ b/wp-includes/random_compat/random_bytes_libsodium.php @@ -1,22 +1,22 @@ 2147483647) { $buf = ''; for ($i = 0; $i < $bytes; $i += 1073741824) { @@ -69,10 +71,11 @@ if (!is_callable('random_bytes')) { $buf .= \Sodium\randombytes_buf($n); } } else { + /** @var string|bool $buf */ $buf = \Sodium\randombytes_buf($bytes); } - if ($buf !== false) { + if (is_string($buf)) { if (RandomCompat_strlen($buf) === $bytes) { return $buf; } diff --git a/wp-includes/random_compat/random_bytes_libsodium_legacy.php b/wp-includes/random_compat/random_bytes_libsodium_legacy.php index 705af5262b..f78b2199a2 100644 --- a/wp-includes/random_compat/random_bytes_libsodium_legacy.php +++ b/wp-includes/random_compat/random_bytes_libsodium_legacy.php @@ -1,22 +1,22 @@ PHP_INT_MAX. PHP will cast it to * a float and we will lose some precision. + * + * @var int|float $range */ $range = $max - $min; 
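Review bot: In random_bytes_dev_urandom.php (hunk `@@ -123,29 +147,28 @@`), a zero-length read is still not treated as a failure. An `fread()` result of `''` passes the `is_string` check and leaves `$remaining` unchanged, so the `while ($remaining > 0)` condition repeats the loop with no progress. A character device such as /dev/urandom should not return empty reads, so this is defence in depth, but the guard is cheap: `if (!is_string($read) || $read === '') {`. The `do` that opens the loop is outside the hunk, so any other exit condition it may have is not visible here.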
@@ -115,6 +124,7 @@ if (!is_callable('random_int')) { * @ref http://3v4l.org/XX9r5 (64-bit) */ $bytes = PHP_INT_SIZE; + /** @var int $mask */ $mask = ~0; } else { @@ -129,16 +139,19 @@ if (!is_callable('random_int')) { } ++$bits; $range >>= 1; + /** @var int $mask */ $mask = $mask << 1 | 1; } $valueShift = $min; } + /** @var int $val */ $val = 0; /** * Now that we have our parameters set up, let's begin generating * random integers until one falls between $min and $max */ + /** @psalm-suppress RedundantCondition */ do { /** * The rejection probability is at most 0.5, so this corresponds @@ -169,6 +182,7 @@ if (!is_callable('random_int')) { for ($i = 0; $i < $bytes; ++$i) { $val |= ord($randomByteString[$i]) << ($i * 8); } + /** @var int $val */ /** * Apply mask diff --git a/wp-includes/version.php b/wp-includes/version.php index 031deddb04..6261680483 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -16,7 +16,7 @@ * * @global string $wp_version */ -$wp_version = '6.0-alpha-52741'; +$wp_version = '6.0-alpha-52742'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.