{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":45525618,"defaultBranch":"master","name":"ruby-argon2","ownerLogin":"technion","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2015-11-04T08:34:05.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/1948596?v=4","public":true,"private":false,"isOrgOwned":false},"refInfo":{"name":"","listCacheKey":"v0:1693819950.0","currentOid":""},"activityList":{"items":[{"before":"6312a8fb3a6c6c5e771a736572e63d47485e8613","after":"3388d7e05e8b486ea4ba8bd2aeb1e9988f025f13","ref":"refs/heads/master","pushedAt":"2023-09-04T09:24:28.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"technion","name":"Joshua Small","path":"/technion","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1948596?s=80&v=4"},"commit":{"message":"Semver bump for #62","shortMessageHtmlLink":"Semver bump for #62"}},{"before":"e4e74b80f50113e39efe1fc36a645346356a43a1","after":"6312a8fb3a6c6c5e771a736572e63d47485e8613","ref":"refs/heads/master","pushedAt":"2023-08-31T08:28:30.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"technion","name":"Joshua Small","path":"/technion","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1948596?s=80&v=4"},"commit":{"message":"Make default costs RFC 9106's second preferred option; introduce named cost profiles (#62)\n\n* Make default costs RFC 9106's second preferred option\r\n\r\nRFC 9106 is the formal standard for describing Argon2. It also gives the official recommended cost parameters that should be sufficient for all environments. This commit introduces the concept of named profiles for a set of cost parameters/values and changes the default costs to `:rfc_9106_low_memory`, the second preferred option in the RFC. The RFC's first choice can be quite computationally expensive and, mirroring Python's `argon2-cffi`, we leave that as an opt-in choice.\r\n\r\nA developer can use one of the named profiles, or continue to hand specify costs:\r\n\r\n```ruby\r\nhasher = Argon2::Password.new(profile: :rfc_9106_high_memory)\r\nhasher.create(\"password\")\r\n => \"$argon2id$v=19$m=2097152,t=1,p=4$LvHa74Yax7uCWPN7P6/oQQ$V1dMt4dfuYSmLpwUTpKUzg+RrXjWzWHlE6NLowBzsAg\"\r\n\r\nhasher = Argon2::Password.new(t_cost: 2, m_cost: 16, p_cost: 1)\r\nhasher.create(\"password\")\r\n => \"$argon2i$v=19$m=65536,t=2,p=1$jL7lLEAjDN+pY2cG1N8D2g$iwj1ueduCvm6B9YVjBSnAHu+6mKzqGmDW745ALR38Uo\"\r\n```\r\n\r\nThe list of named cost profiles are:\r\n\r\n* `:rfc_9106_high_memory`: the first recommended option but is expensive\r\n* `:rfc_9106_low_memory`: the second recommended option (default)\r\n* `:pre_rfc_9106`: the previous default costs for `ruby-argon2` <= v2.2.0, before offering RFC 9106 named profiles\r\n* `:unsafe_cheapest`: Strictly for testing, the minimum costs allowed by Argon2 for the fastest hashing speed\r\n\r\nA developer can see the list of profiles with `Argon2::Profiles.to_a` and the actual cost values with `.to_h` or `[name]`. As guidance changes over time (OWASP has its own recommended values), the list of profiles may expand or even change their values.\r\n\r\n* Satisfy rubocop","shortMessageHtmlLink":"Make default costs RFC 9106's second preferred option; introduce name…"}},{"before":"72faac76b0e808bea21d455c6ead8b5ef6424269","after":"e4e74b80f50113e39efe1fc36a645346356a43a1","ref":"refs/heads/master","pushedAt":"2023-08-19T03:29:33.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"technion","name":"Joshua Small","path":"/technion","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1948596?s=80&v=4"},"commit":{"message":"Terrible fix relating to broken #61 fix","shortMessageHtmlLink":"Terrible fix relating to broken #61 fix"}},{"before":"3282118946d4aba1ba5138fc11f36833edea5692","after":"72faac76b0e808bea21d455c6ead8b5ef6424269","ref":"refs/heads/master","pushedAt":"2023-08-19T03:24:14.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"technion","name":"Joshua Small","path":"/technion","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1948596?s=80&v=4"},"commit":{"message":"Fixes #61","shortMessageHtmlLink":"Fixes #61"}},{"before":"b46b65be0edefa61529d0ea827b85e36a618d465","after":"3282118946d4aba1ba5138fc11f36833edea5692","ref":"refs/heads/master","pushedAt":"2023-07-08T11:11:20.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"technion","name":"Joshua Small","path":"/technion","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1948596?s=80&v=4"},"commit":{"message":"Rewrite all signatures.\nFixes #59, which is some new version of steep or something.","shortMessageHtmlLink":"Rewrite all signatures."}},{"before":"d62ecf8b4ec6b8c1651fade5a5ebdc856e8aef42","after":"b46b65be0edefa61529d0ea827b85e36a618d465","ref":"refs/heads/master","pushedAt":"2023-04-11T10:08:30.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"technion","name":"Joshua Small","path":"/technion","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1948596?s=80&v=4"},"commit":{"message":"Remove extra spaces added in d62ecf8b4 (#58)","shortMessageHtmlLink":"Remove extra spaces added in d62ecf8 (#58)"}},{"before":"8d2c1328bd3b9e6a0b97e178eed3b67d3638d0ca","after":"d62ecf8b4ec6b8c1651fade5a5ebdc856e8aef42","ref":"refs/heads/master","pushedAt":"2023-04-11T01:22:19.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"technion","name":"Joshua Small","path":"/technion","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1948596?s=80&v=4"},"commit":{"message":"Expose the default costs used through constants (#57)\n\nThis allows third-party libraries to inspect those values and\r\nuse them.","shortMessageHtmlLink":"Expose the default costs used through constants (#57)"}}],"hasNextPage":false,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAADeMVfsQA","startCursor":null,"endCursor":null}},"title":"Activity · technion/ruby-argon2"}