Releases: patrickfav/bcrypt
Releases · patrickfav/bcrypt
v0.10.2
v0.10.1
- Re-Introduce DEFAULT_MAX_PW_LENGTH_BYTE to be code compatible with 0.9.0- (thx for the hint @Andrew-Cottrell)
v0.10.0 [BREAKING CHANGE]
- [BREAKING CHANGE] the null terminator will not be counted to the 72 byte max length anymore. This changes the behaviour IF you used passwords with EXACTLY 72 bytes. #43, #44 (thx @quinot, @mathieutu)
- migrate to Maven Central, Github Actions and Codecov #46
- update many dependencies and remove warnings for CVE-2020-15522 (bc) CVE-2020-15250 (junit) -> were never part of production code #41
v0.10.0-rc
This release has unsigend jar
v0.9.0
Changes
- fix license headers and correct credits to jBcrypt
- add long-password strategy to verifier #21
- fix not returning correct hash version when verifying #24
- allow for custom max password length in Version #22
Breaking
verify(byte[] password, int cost, byte[] salt, byte[] rawBcryptHash23Bytes)
signature changed, addedversion
property (see #24)LongPasswordStrategies
factory methods now require the version for the max password length (see #22)- Verifier now accepts
Version
as a constructor parameter andverifyStrict
therefore does not need one (see #22)
v0.8.0
v0.7.0
v0.6.0
Changes
- change verifier that accepts
String
type to accept more flexibleCharSequence
Known Issues
- cli tool seems to complains about illegal access of some classes with JDK10
v0.5.0
Changes
- allow actual 2^31 rounds (fix integer overflow issue with
1<<31
) #7 - use Apache v2 compatible Radix 64 impl and skip OpenJDK one #8
- add JMH benchmark module #11
Known Issues
- cli tool seems to complains about illegal access of some classes with JDK10
Note
Skip the previous versions (0.3+) because they contain GPL-2 code. Now everything is under Apache 2 again.
v0.4.1
Changes
- Fixes maven dependency build setup (Gradle & Maven should now be able to resolve the dependency)