./security/ruby-bcrypt, OpenBSDs bcrypt() password hashing algorithm for Ruby

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 3.1.12, Package name: ruby24-bcrypt-3.1.12, Maintainer: pkgsrc-users

bcrypt() is a sophisticated and secure hash algorithm designed by The OpenBSD
project for hashing passwords. bcrypt-ruby provides a simple, humane wrapper for
safely handling passwords.

= bcrypt-ruby

An easy way to keep your users' passwords secure.

* http://bcrypt-ruby.rubyforge.org/
* http://github.com/codahale/bcrypt-ruby/tree/master

== Why you should use bcrypt

If you store user passwords in the clear, then an attacker who steals a copy of
your database has a giant list of emails and passwords. Some of your users will
only have one password - for their email account, for their banking account, for
your application. A simple hack could escalate into massive identity theft.

It's your responsibility as a web developer to make your web application secure
- blaming your users for not being security experts is not a professional
response to risk.

bcrypt allows you to easily harden your application against these
kinds of attacks.


Required to run:
[lang/ruby24-base]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 1df8f30b414c3d53dc3b052b5bdee6ec320649be
RMD160: 989ca6032648a4387c1342b13ff0787cfa24418c
Filesize: 43.5 KB

Version history: (Expand)


CVS history: (Expand)


   2018-09-23 18:05:28 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
security/ruby-bcrypt: update to 3.1.12

3.1.12 May 16 2018
  - Add support for Ruby 2.3, 2.4, and 2.5 in compiled Windows binaries
  - Fix compatibility with libxcrypt [GH #164 by @besser82]
   2017-07-31 00:32:28 by Thomas Klausner | Files touched by this commit (229)
Log message:
Switch github HOMEPAGEs to https.
   2016-03-15 16:07:02 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
Update ruby-bcrypt to 3.1.11.

3.1.11 Mar 06 2016
  - Add support for Ruby 2.2 in compiled Windows binaries
   2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434)
Log message:
Add SHA512 digests for distfiles for security category

Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-03-08 16:17:22 by Takahiro Kambe | Files touched by this commit (58) | Package updated
Log message:
Add ${GEM_EXTSDIR}/gem.build_complete for new rubygems and updated ruby.
   2015-02-04 17:07:29 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
Update ruby-bcrypt to 3.1.10.

3.1.8  Oct 23 2014
  - Add support for Ruby 2.1 in compiled Windows binaries [GH #102]

3.1.9  Oct 23 2014
  - Rebuild corrupt binaries

3.1.10 Jan 28 2015
  - Fix issue with dumping a BCrypt::Password instance to YAML in Ruby 2.2 [GH \ 
#107 by @mattwildig]
   2014-03-14 18:53:12 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
Update ruby-bcrypt to 3.1.7.

3.1.3  Feb 21 2014
  - Add support for Ruby 2.1 in compiled Windows binaries
  - Rename gem from "bcrypt-ruby" to just "bcrypt". [GH #86 \ 
by @sferik]

3.1.6  Feb 21 2014
  - Dummy version of "bcrypt-ruby" needed a couple version bumps to \ 
fix some
    bugs. It felt wrong to have that at a higher version than the real gem, so
    the real gem is getting bumped to 3.1.6.

3.1.7  Feb 24 2014
  - Rebuild corrupt Java binary version of gem [GH #90]
  - The 2.1 support for Windows binaries alleged in 3.1.3 was a lie -- \ 
documentation removed
   2014-03-13 12:08:54 by Jonathan Perkin | Files touched by this commit (67)
Log message:
Set USE_GCC_RUNTIME=yes for packages which build shared libraries but do
not use libtool to do so.  This is required to correctly depend upon a
gcc runtime package (e.g. gcc47-libs) when using USE_PKGSRC_GCC_RUNTIME.