v1.02 2017-06-21
- Add password_needs_rehash() function.
- Add more tests.
- Add experimental unharnessed comparisons with output from real PHP functions in test scripts.
- Add this file and some Makefile.PL improvements.
v1.03 2017-06-21
- Minor documentation change.
v1.04 2017-06-21
- Update README file text that nobody probably reads anyway.
v1.05 2017-06-22
- Hopefully fix warnings about ambiguous use of shift without parenthesis in Perl 5.8.
v1.06 2017-06-23
- Replace // operator that only exists since Perl 5.10.
v1.07 2017-06-24
- Increased MIN_PERL_VERSION in Makefile.PL to 5.10 because builds were failing on 5.8
- Replace require_ok() with plain 'use' in test scripts.
v1.08 2020-05-25
- Add support for new algorithms PASSWORD_ARGON2I (PHP >= 7.2) and PASSWORD_ARGON2ID (PHP >= 7.3) for compatibility with latest PHP versions.
- Add password_algos() function that exists since PHP 7.4
v1.09 2020-05-25
- Mention the new Argon2 algorithms in the documentation.
- Make minimal PHP version for unit tests 7.3.
- Only try to require Crypt::Argon2 when needed.
v1.10 2020-05-26
- Add CONTRIBUTING.md
- Fix a POD comment.
v1.11 2021-02-19
- Add check and support for Crypt::Argon2 function argon2_needs_rehash() since version 0.008.
v1.12 2022-01-13
- Use Readonly module for private constants.
- Improve legability of some regexes.
- Improved unit tests, in particular for long and UTF-8 passwords.
- Treat given passwords as strings of bytes instead of characters.
v1.13 2022-01-16
- Replace use of Crypt::Eksblowfish::Bcrypt with the new Crypt::Bcrypt module.
- Replace the dependency on version.pm >= 0.77 with a ->can() check.
- Even though the PASSWORD_BCRYPT salt option is deprecated, if you do pass it (which you shouldn't) then it must be 16 bytes long.
- Cleaned up some whitespace.
v1.14 2023-01-03
- Use algo name instead of int in password_hash() error message when Argon2 hashing is requested but required Crypt::Argon2 module is not installed.
- Make password_needs_rehash() call password_info() as a method instead of function for better subclass support.
v2.00 2024-01-08
- Improved documentation.
- Moved most of the code into new 'protected' methods (all prefixed with an underscore) for easier overridding in subclasses, should there be a desire to do so.
- Static method get_info() now returns either a hashref or undef if the argument format is unrecognized. Previously it was a hash or hashref depending on the context.
- Static method verify() now returns undef (previously 0) if the crypted string format is unrecognized.
v2.01 2024-01-11
- Make _needs_rehash() call _get_info() instead of password_get_info()