./security/ruby-bcrypt, OpenBSDs bcrypt() password hashing algorithm for Ruby

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 3.1.11, Package name: ruby22-bcrypt-3.1.11, Maintainer: pkgsrc-users

bcrypt() is a sophisticated and secure hash algorithm designed by The OpenBSD
project for hashing passwords. bcrypt-ruby provides a simple, humane wrapper for
safely handling passwords.

= bcrypt-ruby

An easy way to keep your users' passwords secure.

* http://bcrypt-ruby.rubyforge.org/
* http://github.com/codahale/bcrypt-ruby/tree/master

== Why you should use bcrypt

If you store user passwords in the clear, then an attacker who steals a copy of
your database has a giant list of emails and passwords. Some of your users will
only have one password - for their email account, for their banking account, for
your application. A simple hack could escalate into massive identity theft.

It's your responsibility as a web developer to make your web application secure
- blaming your users for not being security experts is not a professional
response to risk.

bcrypt allows you to easily harden your application against these
kinds of attacks.


Required to run:
[lang/ruby22-base]

Master sites:

SHA1: 91df9b316423f743ced80dd56fb570201701ab7d
RMD160: 851556aeada8419af8f960075bb0424836d0c37a
Filesize: 43 KB

Version history: (Expand)


CVS history: (Expand)


   2016-03-15 16:07:02 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
Update ruby-bcrypt to 3.1.11.

3.1.11 Mar 06 2016
  - Add support for Ruby 2.2 in compiled Windows binaries
   2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434)
Log message:
Add SHA512 digests for distfiles for security category

Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-03-08 16:17:22 by Takahiro Kambe | Files touched by this commit (58) | Package updated
Log message:
Add ${GEM_EXTSDIR}/gem.build_complete for new rubygems and updated ruby.
   2015-02-04 17:07:29 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
Update ruby-bcrypt to 3.1.10.

3.1.8  Oct 23 2014
  - Add support for Ruby 2.1 in compiled Windows binaries [GH #102]

3.1.9  Oct 23 2014
  - Rebuild corrupt binaries

3.1.10 Jan 28 2015
  - Fix issue with dumping a BCrypt::Password instance to YAML in Ruby 2.2 [GH \ 
#107 by @mattwildig]
   2014-03-14 18:53:12 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
Update ruby-bcrypt to 3.1.7.

3.1.3  Feb 21 2014
  - Add support for Ruby 2.1 in compiled Windows binaries
  - Rename gem from "bcrypt-ruby" to just "bcrypt". [GH #86 \ 
by @sferik]

3.1.6  Feb 21 2014
  - Dummy version of "bcrypt-ruby" needed a couple version bumps to \ 
fix some
    bugs. It felt wrong to have that at a higher version than the real gem, so
    the real gem is getting bumped to 3.1.6.

3.1.7  Feb 24 2014
  - Rebuild corrupt Java binary version of gem [GH #90]
  - The 2.1 support for Windows binaries alleged in 3.1.3 was a lie -- \ 
documentation removed
   2014-03-13 12:08:54 by Jonathan Perkin | Files touched by this commit (67)
Log message:
Set USE_GCC_RUNTIME=yes for packages which build shared libraries but do
not use libtool to do so.  This is required to correctly depend upon a
gcc runtime package (e.g. gcc47-libs) when using USE_PKGSRC_GCC_RUNTIME.
   2013-09-15 16:56:11 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
Update ruby-bcrypt to 3.1.2.

3.1.0  May 07 2013
  - Add BCrypt::Password.valid_hash?(str) to check if a string is a valid
    bcrypt password hash
  - BCrypt::Password cost should be set to DEFAULT_COST if nil
  - Add BCrypt::Engine.cost attribute for getting/setting a default cost
    externally

3.1.1  Jul 10 2013
  - Remove support for Ruby 1.8 in compiled win32 binaries

3.1.2  Aug 26 2013
  - Add support for Ruby 1.8 and 2.0 (in addition to 1.9) in compiled Windows
    binaries
  - Add support for 64-bit Windows
   2013-04-07 22:49:45 by Blue Rats | Files touched by this commit (91)
Log message:
Edited DESCR in the case of:
 File too long (should be no more than 24 lines).
 Line too long (should be no more than 80 characters).
 Trailing empty lines.
 Trailing white-space.
Trucated the long files as best as possible while preserving the most info
contained in them.