inslash 1.0.2 → 1.0.3

package/LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2026 Inslash
+Copyright (c) 2026 Reshuk Sapkota
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

package/package.json

@@ -1,15 +1,39 @@
-{
-  "name": "inslash",
-  "version": "1.0.2",
-  "main": "index.js",
-  "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
-  },
-  "keywords": [],
-  "author": "Reshuk Sapkota",
-  "license": "MIT",
-  "description": "",
-  "dependencies": {
-    "crypto": "^1.0.1"
-  }
-}
+{
+  "name": "inslash",
+  "version": "1.0.3",
+  "description": "A modern, upgradeable, and secure password hashing utility with passport encoding and hash ancestry.",
+  "main": "index.js",
+  "types": "index.d.ts", 
+  "scripts": {
+    "test": "node cstest.js"
+  },
+  "keywords": [
+    "password",
+    "hash",
+    "security",
+    "crypto",
+    "salt",
+    "pepper",
+    "upgradeable",
+    "passport",
+    "nodejs"
+  ],
+  "author": "Reshuk Sapkota",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/reshuk-code/inslash"
+  },
+  "bugs": {
+    "url": "https://github.com/reshuk-code/inslash/issues"
+  },
+  "homepage": "https://github.com/reshuk-code/inslash#readme",
+  "files": [
+    "index.js",
+    "README.md",
+    "LICENSE"
+  ],
+  "engines": {
+    "node": ">=16"
+  }
+}

package/cstest.js

@@ -1,49 +0,0 @@
-const { hash, verify } = require("./script");
-
-const SECRET_KEY = "supersecret";
-
-// 1. Rainbow Table Attack
-(async () => {
-    const a = await hash("password123", SECRET_KEY);
-    const b = await hash("password123", SECRET_KEY);
-    console.log("Rainbow Table Test:", a.hash !== b.hash ? "PASS" : "FAIL");
-
-    // 2. Brute Force Attack (timing)
-    console.time("Low Iterations");
-    await hash("password123", SECRET_KEY, { iterations: 1000 });
-    console.timeEnd("Low Iterations");
-
-    console.time("High Iterations");
-    await hash("password123", SECRET_KEY, { iterations: 200_000 });
-    console.timeEnd("High Iterations");
-
-    // 3. Timing Attack (should use timingSafeEqual)
-    const v = await verify("password123", a.passport, SECRET_KEY);
-    console.log("Timing Safe Equal Test:", v.valid ? "PASS" : "FAIL");
-
-    // 4. Salt Storage
-    console.log("Salt Unique Test:", a.salt !== b.salt ? "PASS" : "FAIL");
-
-    // 5. Pepper Security
-    process.env.HASH_PEPPER = "pepper";
-    const withPepper = await hash("password123", SECRET_KEY);
-    process.env.HASH_PEPPER = "";
-    const vPepper = await verify("password123", withPepper.passport, SECRET_KEY);
-    console.log("Pepper Security Test:", vPepper.valid ? "FAIL" : "PASS");
-
-    // 6. Upgrade Path
-    const vUpgrade = await verify("password123", a.passport, SECRET_KEY, { iterations: 200_000 });
-    console.log("Upgrade Path Test:", vUpgrade.needsUpgrade ? "PASS" : "FAIL");
-
-    // 7. Input Validation
-    try {
-        await hash(null, SECRET_KEY);
-        console.log("Null Input Test: FAIL");
-    } catch {
-        console.log("Null Input Test: PASS");
-    }
-
-    // 8. Collision Resistance
-    const c = await hash("passwordABC", SECRET_KEY);
-    console.log("Collision Resistance Test:", a.hash !== c.hash ? "PASS" : "FAIL");
-})();

package/test.js

@@ -1,22 +0,0 @@
-const { hash, verify } = require("./script");
-
-const SECRET_KEY = process.env.HASH_SECRET || "abcd";
-
-// create hash
-(async () => {
-    const result = await hash("Happy", SECRET_KEY, {
-        iterations: 150_000
-    });
-
-    console.log(result);
-
-    // verify
-    const verifyResult = await verify(
-        "Happy",
-        result.passport, // <-- use passport, not salt/hash
-        SECRET_KEY,
-        { iterations: result.iterations }
-    );
-
-    console.log(verifyResult); // { valid: true, needsUpgrade: false, upgradedPassport: null }
-})();