| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2025-09-17 | Increased the default PBKDF2 iterations for Django 6.1. | Jacob Walls | |
| 2025-07-23 | Refs #36500 -- Rewrapped long docstrings and block comments via a script. | django-bot | |
| Rewrapped long docstrings and block comments to 79 characters + newline using script from https://github.com/medmunds/autofix-w505. | |||
| 2025-07-22 | Fixed #36226 -- Accepted str or bytes for password and salt in password hashers. | Roel Delos Reyes | |
| Co-authored-by: Screamadelica <1621456391@sjtu.edu.cn> | |||
| 2025-01-15 | Increased the default PBKDF2 iterations for Django 6.0. | Sarah Boyce | |
| 2024-08-08 | Added test for acheck_password() to ensure make_password is called for ↵ | Natalia | |
| unusable passwords. This is a follow up for the fix of CVE-2024-39329 (5d8645857936c142a3973694799c52165e2bdcdb) where the timing of verify_password() was standardized when checking unusable passwords. | |||
| 2024-07-09 | Fixed CVE-2024-39329 -- Standarized timing of verify_password() when ↵ | Michael Manfre | |
| checking unusuable passwords. Refs #20760. Thanks Michael Manfre for the fix and to Adam Johnson for the review. | |||
| 2024-05-22 | Increased the default PBKDF2 iterations for Django 5.2. | Natalia | |
| 2024-05-17 | Fixed #35428 -- Increased parallelism of the ScryptPasswordHasher. | SaJH | |
| 2024-01-26 | Applied Black's 2024 stable style. | Mariusz Felisiak | |
| https://github.com/psf/black/releases/tag/24.1.0 | |||
| 2023-09-18 | Increased the default PBKDF2 iterations for Django 5.1. | Mariusz Felisiak | |
| 2023-09-18 | Refs #33691 -- Removed insecure password hashers per deprecation timeline. | Mariusz Felisiak | |
| 2023-05-18 | Fixed #34565 -- Added support for async checking of user passwords. | HappyDingning | |
| 2023-03-20 | Fixed some typos in comments, docstrings, and tests. | Liyang Zhang | |
| 2023-02-04 | Increased the default PBKDF2 iterations for Django 5.0. | Mariusz Felisiak | |
| Follow up to 9a1848f48c1f7f627a52b2063a8a8428e77765d6. | |||
| 2023-01-17 | Increased the default PBKDF2 iterations for Django 5.0. | Mariusz Felisiak | |
| 2023-01-17 | Refs #33691 -- Removed django.contrib.auth.hashers.CryptPasswordHasher per ↵ | Mariusz Felisiak | |
| deprecation timeline. | |||
| 2022-10-20 | Skipped scrypt tests when OpenSSL 1.1+ is not installed. | HieuPham9720 | |
| 2022-07-23 | Refs #33691 -- Deprecated insecure password hashers. | Claude Paroz | |
| SHA1PasswordHasher, UnsaltedSHA1PasswordHasher, and UnsaltedMD5PasswordHasher are now deprecated. | |||
| 2022-05-17 | Increased the default PBKDF2 iterations for Django 4.2. | Carlton Gibson | |
| 2022-05-11 | Fixed #33691 -- Deprecated django.contrib.auth.hashers.CryptPasswordHasher. | Mariusz Felisiak | |
| 2022-02-07 | Refs #33476 -- Refactored code to strictly match 88 characters line length. | Mariusz Felisiak | |
| 2022-02-07 | Refs #33476 -- Reformatted code with Black. | django-bot | |
| 2021-09-20 | Increased the default PBKDF2 iterations for Django 4.1. | Mariusz Felisiak | |
| 2021-09-06 | Refs #32508 -- Raised TypeError/ValueError instead of using "assert" in ↵ | Mateo Radman | |
| encode() methods of remaining password hashers. | |||
| 2021-07-22 | Fixed #32275 -- Added scrypt password hasher. | ryowright | |
| Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2021-07-22 | Refs #32508 -- Raised TypeError/ValueError instead of using "assert" in ↵ | Mariusz Felisiak | |
| encode() methods of some password hashers. | |||
| 2021-01-14 | Increased the default PBKDF2 iterations for Django 4.0. | Mariusz Felisiak | |
| 2021-01-14 | Fixed #31358 -- Increased salt entropy of password hashers. | Jon Moroney | |
| Co-authored-by: Florian Apolloner <florian@apolloner.eu> | |||
| 2021-01-14 | Refs #31358 -- Added bcrypt password hashers tests for must_update() with ↵ | Jon Moroney | |
| salt(). | |||
| 2020-12-28 | Refs #31358 -- Fixed decoding salt in Argon2PasswordHasher. | Florian Apolloner | |
| Argon2 encodes the salt as base64 for representation in the final hash output. To be able to accurately return the used salt from decode(), add padding, b64decode, and decode from latin1 (for the remote possibility that someone supplied a custom hash consisting solely of bytes -- this would require a manual construction of the hash though, Django's interface does not allow for that). | |||
| 2020-06-23 | Refs #31358 -- Added decode() to password hashers. | Jon Moroney | |
| By convention a hasher which does not use a salt should populate the decode dict with `None` rather than omit the dict key. Co-Authored-By: Florian Apolloner <apollo13@users.noreply.github.com> | |||
| 2020-06-17 | Fixed #30472 -- Made Argon2PasswordHasher use Argon2id. | Florian Apolloner | |
| 2020-06-17 | Added test for old Argon2i hashes with version attribute. | Florian Apolloner | |
| 2020-05-13 | Increased the default PBKDF2 iterations for Django 3.2. | Mariusz Felisiak | |
| 2020-03-31 | Fixed #31375 -- Made contrib.auth.hashers.make_password() accept only bytes ↵ | Hasan Ramezani | |
| or strings. | |||
| 2020-03-31 | Refs #31375 -- Added test for contrib.auth.hashers.make_password() bytes ↵ | Hasan Ramezani | |
| support. | |||
| 2020-01-30 | Replaced assertWarns() with SimpleTestCase.assertWarnsMessage() in tests. | Hasan Ramezani | |
| 2020-01-03 | Refs #31040 -- Fixed crypt.crypt() call in test_hashers.py. | Mariusz Felisiak | |
| An empty string is invalid salt in Python 3 and raises exception since Python 3.9, see https://bugs.python.org/issue38402. | |||
| 2019-09-12 | Increased the default PBKDF2 iterations for Django 3.1. | Carlton Gibson | |
| 2019-01-17 | Increased the default PBKDF2 iterations for Django 3.0. | Tim Graham | |
| 2018-05-17 | Increased the default PBKDF2 iterations for Django 2.2. | Tim Graham | |
| 2018-05-13 | Increased the default PBKDF2 iterations for Django 2.1. | Tim Graham | |
| 2018-03-22 | Fixed #28718 -- Allowed user to request a password reset if their password ↵ | Tim Graham | |
| doesn't use an enabled hasher. Regression in aeb1389442d0f9669edf6660b747fd10693b63a7. Reverted changes to is_password_usable() from 703c266682be39f7153498ad0d8031231f12ee79 and documentation changes from 92f48680dbd2e02f2b33f6ad0e35b7d337889fb2. | |||
| 2018-02-26 | Fixed #29161 -- Removed BCryptPasswordHasher from PASSWORD_HASHERS. | Tim Graham | |
| 2018-02-07 | Refs #27795 -- Removed force_bytes/text() usage in tests. | Tim Graham | |
| 2017-09-29 | Completed test coverage for BasePasswordHasher. | Mads Jensen | |
| 2017-09-29 | Moved BasePasswordHasher tests to its own test case. | Mads Jensen | |
| 2017-05-24 | Refs #27804 -- Used subTest() in several tests. | Bruno Alla | |
| 2017-01-25 | Refs #23919 -- Removed misc Python 2/3 references. | Tim Graham | |
| 2017-01-20 | Refs #23919 -- Removed django.test.mock Python 2 compatibility shim. | Tim Graham | |
 |
index : chango.git | |
| django |
| summaryrefslogtreecommitdiff |