All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
Update ruby-bcrypt package to 3.1.16.
3.1.16 Sep 3 2020
- Fix compilation on FreeBSD. [GH #234]
3.1.15 July 21 2020
- Remove GVL optimization. Apparently it breaks things [GH #230]
3.1.14 July 21 2020
- Start calibration from the minimum cost supported by the algorithm
[GH #206 by @sergey-alekseev]
Update ruby-bcrypt to 3.1.13.
pkgsrc change: correct HOMEPAGE.
3.1.13 May 31 2019
- No longer include compiled binaries for Windows. See GH #173.
- Update C and Java implementations to latest versions [GH #182 by @fonica]
- Bump default cost to 12 [GH #181 by @bdewater]
- Remove explicit support for Rubies 1.8 and 1.9
- Define SKIP_GNU token when building extension (Fixes FreeBSD >= 12)
[GH #189 by @adam12]
Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
3.1.8 Oct 23 2014
- Add support for Ruby 2.1 in compiled Windows binaries [GH #102]
3.1.9 Oct 23 2014
- Rebuild corrupt binaries
3.1.10 Jan 28 2015
- Fix issue with dumping a BCrypt::Password instance to YAML in Ruby 2.2 [GH #107 by @mattwildig]
3.1.3 Feb 21 2014
- Add support for Ruby 2.1 in compiled Windows binaries
- Rename gem from "bcrypt-ruby" to just "bcrypt". [GH #86 by @sferik]
3.1.6 Feb 21 2014
- Dummy version of "bcrypt-ruby" needed a couple version bumps to fix some
bugs. It felt wrong to have that at a higher version than the real gem, so
the real gem is getting bumped to 3.1.6.
3.1.7 Feb 24 2014
- Rebuild corrupt Java binary version of gem [GH #90]
- The 2.1 support for Windows binaries alleged in 3.1.3 was a lie -- documentation removed
3.1.0 May 07 2013
- Add BCrypt::Password.valid_hash?(str) to check if a string is a valid
bcrypt password hash
- BCrypt::Password cost should be set to DEFAULT_COST if nil
- Add BCrypt::Engine.cost attribute for getting/setting a default cost
externally
3.1.1 Jul 10 2013
- Remove support for Ruby 1.8 in compiled win32 binaries
3.1.2 Aug 26 2013
- Add support for Ruby 1.8 and 2.0 (in addition to 1.9) in compiled Windows
binaries
- Add support for 64-bit Windows
bcrypt() is a sophisticated and secure hash algorithm designed by The
OpenBSD project for hashing passwords. bcrypt-ruby provides a simple,
humane wrapper for safely handling passwords.
= bcrypt-ruby
An easy way to keep your users' passwords secure.
* http://bcrypt-ruby.rubyforge.org/
* http://github.com/codahale/bcrypt-ruby/tree/master
== Why you should use bcrypt
If you store user passwords in the clear, then an attacker who steals
a copy of your database has a giant list of emails and passwords. Some
of your users will only have one password -- for their email account,
for their banking account, for your application. A simple hack could
escalate into massive identity theft.
It's your responsibility as a web developer to make your web
application secure -- blaming your users for not being security
experts is not a professional response to risk.
bcrypt allows you to easily harden your application against these
kinds of attacks.
