All Versions
10
Latest Version
Avg Release Cycle
104 days
Latest Release
2984 days ago

Changelog History

  • v3.0.4 Changes

    January 26, 2016

    ๐Ÿ“š Password Validator is now PHP 7.0 compatible! Thanks to @nicoSWD for documentation updates and to @garethellis36 for the PHP 7.0 compatibility PR.

  • v3.0.3 Changes

    March 25, 2015

    โšก๏ธ Updates wp-cli/php-cli-tools dependency

  • v3.0.2 Changes

    September 18, 2014
    • ๐Ÿ›  Fixes a bug in AbstractDecorator::isValid().
    • ๐Ÿ“‡ Renames a few args to match the PasswordValidatorInterface.
  • v3.0.1 Changes

    May 14, 2014

    โฌ†๏ธ Cleans up UpgradeDecoratorTest.

  • v3.0.0 Changes

    May 14, 2014

    ๐Ÿ‘ Password Validator now supports salts for legacy hashing

    โž• Adds an optional $legacySalt argument as the third argument to PasswordValidatorInterface::isValid. This allows the use of a salt in the $validatorCallback to validate legacy hashes in the UpgradeDecorator. Usage of salts in the UpgradeDecorator was previously not possible.

    Which means you can now ...

    ... use @karptonite's Rehashing Password Hashes password security upgrade technique, which I highly recommend. Please read and re-read his post, make sure you understand it, and then implement user authentication against the new hashes with Password Validator and the UpgradeDecorator (A sample implementation is demonstrated in the JeremyKendall\Password\Tests\Decorator\KarptoniteRehashUpgradeDecoratorTest unit test).

    IMPORTANT: This is a backwards incompatible change

    • The PasswordValidatorInterface::isValid method signature has changed
    • Only users of the StorageDecorator should be impacted.

    If you're using the StorageDecorator, your call to PasswordValidatorInterface::isValid must now include the $salt argument, even if it's set to null.

    - <= 2.0.3: $storageDecorator->isValid('password', 'hash', 'username');

    = 3.0.0: $storageDecorator->isValid('password', 'hash', $salt = null, 'username');

  • v2.0.3 Changes

    March 14, 2014

    ๐Ÿš€ This release is to fix my Semantic Versioning mistake of releasing 1.0.0 as the production release after releasing 2.0.3-beta as the final beta. 2.0.3 === 1.0.0. The version number is solely intended to get back on track with semver.

  • v2.0.3-beta Changes

    February 15, 2014

    ๐Ÿ›  Fixes a dependency issue (see #2 and #3).

    Thanks to @unisys12 for the report and the fix!

  • v2.0.2-beta Changes

    January 29, 2014
    • ๐Ÿ›  Fixes rehash bug
      • password_needs_rehash didn't get options passed
      • password_needs_rehash always returned true when cost != 10
    • โšก๏ธ Various housekeeping/cruft updates
  • v2.0.1-beta Changes

    January 12, 2014
    • ๐Ÿ“š Updates documentation
  • v1.0.0

    February 17, 2014