Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

StringBuffer -> StringBuilder and other modernizations #20

Open
wants to merge 2 commits into
base: master
Choose a base branch
from

Conversation

GlenKPeterson
Copy link

Thank you for adding a Maven project to https://github.com/djmdjm/jBCrypt

BCrypt needs to be efficient because it relies on "work" for security. If someone else can make a faster version, they can break your encryption more cheaply than you can make it. StringBuilder is a more efficient replacement for StringBuffer, so I wanted to make that change.

Using supported software is considered more secure than unsupported, so I moved us up to Java 8.

Added the Maven Enforcer plugin to make checking versions easier in the future.

Upgraded to the latest JUnit.

Added CHANGELOG.md and .gitignore files.

Basically I wanted to update things as securely as possible while changing as little as possible. What do you think?

…ent.

 Efficiency is important because of the work required by this algorithm.
 - Added maven.compiler.source/target = 1.8 since that's the earliest still-maintained version of Java.
 - Added Maven enforcer plugin to be sure we are building with the latest defaults for Maven.
 - Upgraded Junit from 3.8.1 to 4.13.1 (the latest).
 - Added Changelog file
@v4ultboy
Copy link

v4ultboy commented Oct 5, 2022

I ended up using Password4j which is frequently maintained.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants