RubyGems - bcrypt - Versions diffs - 3.1.18 → 3.1.19 - Mend

bcrypt 3.1.18 → 3.1.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ba8b7b14c18d5ad7f8dcd58b2e719925695a8af445b232d50fc21695b3cd4200
-  data.tar.gz: a3a566bb869dcc9001dbeae8041595152444596253d152c9a374ce9c1503d817
+  metadata.gz: 3d928c8b1764d15c593b64010a766c6dd8ed28c6cc634710aa1ef22616e9ce92
+  data.tar.gz: '0485ba6c9431e9cef69201de5d207181325385247a32e89d2e33ca87e57d184f'
 SHA512:
-  metadata.gz: 9e21ae566338f46280af6576c42b54d6dfe9e75619c35a72b87f6401bef689be8526b3385a556f332c28d9a939ca7cd4f2104ef1483f4cc24d144ba837b69af4
-  data.tar.gz: 1c2e714911083b8aa457d9d16c5dd084acd6610e67a4f2c489ec137b1c503f2753d4a2c98e06446bc7771caec176b7b24a207f7395541e32c31268c8d8773551
+  metadata.gz: ac2844a3ab59a8ca724a362cf68dd68083ae2059769479f00d198097fb3efc7a37e8461aeea3b67fdbf6aa48167ea5de7be520a52339b8991954baa373652dec
+  data.tar.gz: 89ab8573f7567b61fa7ad4ed4edbd5c4e222400b7bf8b38e357d36276f853050c3f3d416911d5a74f7a7a5cdae19852cee8a06c5baba3d72e830eb637e331ecc

data/CHANGELOG CHANGED Viewed

@@ -1,3 +1,7 @@
+3.1.19 June 22 2023
+  - Deprecate passing the third argument to `BCrypt::Engine.hash_secret` [GH #207 by @sergey-alekseev]
+  - Add GC guards so the C compiler won't optimize out references [GH #270]
 3.1.18 May 16 2022
   - Unlock GVL when calculating hashes and salts [GH #260]
   - Fix compilation warnings in `ext/mri/bcrypt_ext.c` [GH #261]

data/Rakefile CHANGED Viewed

@@ -50,8 +50,8 @@ end
 if RUBY_PLATFORM =~ /java/
   Rake::JavaExtensionTask.new('bcrypt_ext', GEMSPEC) do |ext|
     ext.ext_dir = 'ext/jruby'
-    ext.source_version = "1.7"
-    ext.target_version = "1.7"
+    ext.source_version = "1.8"
+    ext.target_version = "1.8"
   end
 else
   Rake::ExtensionTask.new("bcrypt_ext", GEMSPEC) do |ext|

data/bcrypt.gemspec CHANGED Viewed

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name = 'bcrypt'
-  s.version = '3.1.18'
+  s.version = '3.1.19'
   s.summary = "OpenBSD's bcrypt() password hashing algorithm."
   s.description = <<-EOF

data/ext/mri/bcrypt_ext.c CHANGED Viewed

@@ -49,6 +49,9 @@ static VALUE bc_salt(VALUE self, VALUE prefix, VALUE count, VALUE input) {
     if(!salt) return Qnil;
     str_salt = rb_str_new2(salt);
+    RB_GC_GUARD(prefix);
+    RB_GC_GUARD(input);
     free(salt);
     return str_salt;
@@ -99,6 +102,8 @@ static VALUE bc_crypt(VALUE self, VALUE key, VALUE setting) {
     out = rb_str_new2(value);
+    RB_GC_GUARD(key);
+    RB_GC_GUARD(setting);
     free(args.data);
     return out;

data/lib/bcrypt/engine.rb CHANGED Viewed

@@ -53,6 +53,13 @@ module BCrypt
     # Given a secret and a valid salt (see BCrypt::Engine.generate_salt) calculates
     # a bcrypt() password hash. Secrets longer than 72 bytes are truncated.
     def self.hash_secret(secret, salt, _ = nil)
+      unless _.nil?
+        warn "[DEPRECATION] Passing the third argument to " \
+             "`BCrypt::Engine.hash_secret` is deprecated. " \
+             "Please do not pass the third argument which " \
+             "is currently not used."
+      end
       if valid_secret?(secret)
         if valid_salt?(salt)
           if RUBY_PLATFORM == "java"

data/spec/bcrypt/password_spec.rb CHANGED Viewed

@@ -31,6 +31,12 @@ describe "Creating a hashed password" do
   specify "should tolerate very long string secrets" do
     expect { BCrypt::Password.create("abcd"*1024) }.not_to raise_error
   end
+  specify "blows up when null bytes are in the string" do
+    # JRuby can handle the null bytes
+    skip if RUBY_ENGINE == 'jruby'
+    expect { BCrypt::Password.create( "foo\0bar".chop  ) }.to raise_error
+  end
 end
 describe "Reading a hashed password" do

metadata CHANGED Viewed

@@ -1,38 +1,38 @@
 --- !ruby/object:Gem::Specification
 name: bcrypt
 version: !ruby/object:Gem::Version
-  version: 3.1.18
+  version: 3.1.19
 platform: ruby
 authors:
 - Coda Hale
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-05-16 00:00:00.000000000 Z
+date: 2023-06-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: rake-compiler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 1.2.0
-  type: :development
+  name: rake-compiler
   prerelease: false
+  type: :development
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 1.2.0
 - !ruby/object:Gem::Dependency
-  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
         version: '3'
-  type: :development
+  name: rspec
   prerelease: false
+  type: :development
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -50,10 +50,10 @@ extra_rdoc_files:
 - README.md
 - COPYING
 - CHANGELOG
+- lib/bcrypt.rb
 - lib/bcrypt/password.rb
 - lib/bcrypt/engine.rb
 - lib/bcrypt/error.rb
-- lib/bcrypt.rb
 files:
 - ".github/workflows/ruby.yml"
 - ".gitignore"
@@ -89,7 +89,7 @@ homepage: https://github.com/bcrypt-ruby/bcrypt-ruby
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options:
 - "--title"
 - bcrypt-ruby
@@ -110,8 +110,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
-signing_key:
+rubygems_version: 3.2.29
+signing_key:
 specification_version: 4
 summary: OpenBSD's bcrypt() password hashing algorithm.
 test_files: []