This repository has been archived by the owner on Jul 21, 2023. It is now read-only.
Update tweetnacl to the latest version 🚀 #80
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![greenkeeper[bot]](https://avatars.githubusercontent.com/in/505?s=60&v=4){kind=small}
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Version 1.0.0-rc.1 of tweetnacl just got published.
The version 1.0.0-rc.1 is not covered by your current version range.
Without accepting this pull request your project will work just like it did before. There might be a bunch of new features, fixes and perf improvements that the maintainers worked on for you though.
I recommend you look into these changes and try to get onto the latest version of tweetnacl.
Given that you have a decent test suite, a passing build is a strong indicator that you can take advantage of these changes by merging the proposed change into your project. Otherwise this branch is a great starting point for you to work on the update.
Release Notes
v1.0.0-rc.1 (Release candidate)IMPORTANT! In previous versions,
nacl.secretbox.open,nacl.box.open,and
nacl.box.afterreturnedfalsewhen opening failed (for example, whenusing incorrect key, nonce, or when input was maliciously or accidentally
modified after encryption). This version instead returns
null.The usual way to check for this condition:
if (!result) { ... }is correct and will continue to work.
However, direct comparison with
false:if (result == false) { ... }it will no longer work and will not detect failure. Please check
your code for this condition.
(
nacl.sign.openalways returnednull, so it is not affected.)Arguments type check now uses
instanceof Uint8Arrayinstead ofObject.prototype.toString.nacl.util(moved to a separate package in v0.14.0).Commits
The new version differs by 15 commits .
88b8ea4v1.0.0-rc.1fa1a877README: rename curve25519 to x255193f145dfREADME: add Yarn instructions8e3e89bAdd yarn.lock to .npmignore8626b70Make secretbox.open, box.open, box.after return null instead of false for failuref0346edRemove deprecation checksc74f296benchmark: use best times instead of average; use more precise time when available3908735Use instanceof Uint8Array instead of toString to check for correct typeb392b02README: publish information about auditbaa85b0README: add MEGA as a userf1353d0README: fix typos0ce90f2README: note that nacl-fast is used by defaultb8e6bcaUpdate electron0d4f425.gitignore: ignore C build results10b9d92Update dependenciesSee the full diff.
Not sure how things should work exactly?
There is a collection of frequently asked questions and of course you may always ask my humans.
Your Greenkeeper Bot 🌴