Skip to content

Releases: patrickfav/bcrypt

v0.10.2

12 Feb 20:32
Compare
Choose a tag to compare
  • Fix deployment setup

v0.10.1

12 Feb 08:47
v0.10.1
a982903
Compare
Choose a tag to compare
  • Re-Introduce DEFAULT_MAX_PW_LENGTH_BYTE to be code compatible with 0.9.0- (thx for the hint @Andrew-Cottrell)

v0.10.0 [BREAKING CHANGE]

11 Feb 15:29
v0.10.0
2596227
Compare
Choose a tag to compare
  • [BREAKING CHANGE] the null terminator will not be counted to the 72 byte max length anymore. This changes the behaviour IF you used passwords with EXACTLY 72 bytes. #43, #44 (thx @quinot, @mathieutu)
  • migrate to Maven Central, Github Actions and Codecov #46
  • update many dependencies and remove warnings for CVE-2020-15522 (bc) CVE-2020-15250 (junit) -> were never part of production code #41

v0.10.0-rc

11 Feb 14:17
v0.10.0-rc
21d8fb8
Compare
Choose a tag to compare
v0.10.0-rc Pre-release
Pre-release

This release has unsigend jar

v0.9.0

29 Oct 06:38
v0.9.0
009cbd8
Compare
Choose a tag to compare

Changes

  • fix license headers and correct credits to jBcrypt
  • add long-password strategy to verifier #21
  • fix not returning correct hash version when verifying #24
  • allow for custom max password length in Version #22

Breaking

  • verify(byte[] password, int cost, byte[] salt, byte[] rawBcryptHash23Bytes) signature changed, added version property (see #24)
  • LongPasswordStrategies factory methods now require the version for the max password length (see #22)
  • Verifier now accepts Version as a constructor parameter and verifyStrict therefore does not need one (see #22)

v0.8.0

15 Apr 21:11
v0.8.0
6fe0708
Compare
Choose a tag to compare

Changes

  • add new verify API signature accepting char array password and byte array hash #16
  • add OSGi support #15

v0.7.0

26 Jan 20:20
v0.7.0
90a1829
Compare
Choose a tag to compare

Minor Changes

  • add OSWAP dependency check plugin to Maven POM #14
  • minor refactorings

v0.6.0

09 Nov 10:25
v0.6.0
83126cb
Compare
Choose a tag to compare

Changes

  • change verifier that accepts String type to accept more flexible CharSequence

Known Issues

  • cli tool seems to complains about illegal access of some classes with JDK10

v0.5.0

11 Aug 14:59
v0.5.0
66fa301
Compare
Choose a tag to compare

Changes

  • allow actual 2^31 rounds (fix integer overflow issue with 1<<31) #7
  • use Apache v2 compatible Radix 64 impl and skip OpenJDK one #8
  • add JMH benchmark module #11

Known Issues

  • cli tool seems to complains about illegal access of some classes with JDK10

Note

Skip the previous versions (0.3+) because they contain GPL-2 code. Now everything is under Apache 2 again.

v0.4.1

23 Jul 07:08
v0.4.1
550e6f2
Compare
Choose a tag to compare

Changes

  • Fixes maven dependency build setup (Gradle & Maven should now be able to resolve the dependency)