Skip to content

Bump password-hash to 0.1.2 due to breaking change#147

Closed
trevor-crypto wants to merge 1 commit into
RustCrypto:masterfrom
trevor-crypto:patch-1
Closed

Bump password-hash to 0.1.2 due to breaking change#147
trevor-crypto wants to merge 1 commit into
RustCrypto:masterfrom
trevor-crypto:patch-1

Conversation

@trevor-crypto

@trevor-crypto trevor-crypto commented Mar 24, 2021

Copy link
Copy Markdown

I had a use case where I was using the v0.7.3 of pbkdf2, and when dependabot bumped to v0.7.4 there was an error with compiling pbkdf2:

 if Base64::decode(count, &mut count_arr)?.len() != 4 {
    |                                                         ^ the trait `From<base64ct::Error>` is not implemented for `HasherError`
...

I found that this is due to my version of password-hash being stuck on v0.1.1. Once I did a cargo update -p password-hash all was resolved.

@trevor-crypto
Bump password-hash to 0.1.2 due to breaking change
5a1997a 
I had a use case where I was using the v0.7.3 of `pbkdf2`, and when dependabot bumped to v0.7.4 there was an error with compiling `pbkdf2`:

```
 if Base64::decode(count, &mut count_arr)?.len() != 4 {
    |                                                         ^ the trait `From<base64ct::Error>` is not implemented for `HasherError`
...
```
I found that this is due to my version of `password-hash` being stuck on v0.1.1. Once I did a `cargo update -p password-hash` all was resolved.
@tarcieri

tarcieri commented Mar 24, 2021

Copy link
Copy Markdown
Member

Aah, okay. This looks like an accidental SemVer breaking change I wasn't expecting while bumping base64ct (see #144).

I tried addressing it in an alternative way: yanking the v0.1.1 release so v0.1.2 is the only version published. If you'd like, I can merge this too.

@trevor-crypto

trevor-crypto commented Mar 24, 2021

Copy link
Copy Markdown
Author

@tarcieri I see...Not sure how that happened then. Maybe the correct thing for me to have done was cargo clean first

It isn't a blocker anymore for me, so it's up to you to close or merge 😌 Thanks!

@tarcieri

tarcieri commented Mar 24, 2021

Copy link
Copy Markdown
Member

It's really an oversight on my part for pushing out a SemVer-breaking release. I believed all the usages of base64ct were internal to the crate, forgetting the error type was part of the public API.

Anyway, I think yanking the previous releases is sufficient to address this issue, so I'm going to close this.

@tarcieri tarcieri closed this Mar 24, 2021
@trevor-crypto trevor-crypto deleted the patch-1 branch March 24, 2021 15:57
@tarcieri tarcieri mentioned this pull request Mar 27, 2021
Closed
tarcieri added a commit that referenced this pull request Mar 27, 2021
@tarcieri
pbkdf2+scrypt: pin to password-hash v0.1.2
e56fc8e 
We've had some reports of compile errors due to an unexpected
SemVer-breaking change (#147, #150).

This pins the `password-hash` version to one that's guaranteed to be
compatible with the current releases.
@tarcieri tarcieri mentioned this pull request Mar 27, 2021
Merged
tarcieri added a commit that referenced this pull request Mar 27, 2021
@tarcieri
pbkdf2+scrypt: pin to password-hash v0.1.2 (#151)
fd6a7ed 
We've had some reports of compile errors due to an unexpected
SemVer-breaking change (#147, #150).

This pins the `password-hash` version to one that's guaranteed to be
compatible with the current releases.
dns2utf8 pushed a commit to dns2utf8/password-hashes that referenced this pull request Jan 24, 2023
@tarcieri
Merge pull request RustCrypto#147 from RustCrypto/crypto-mac/use-new-…
372e206 
…mac-in-dev-macro

crypto-mac: use NewMac in test macros
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@trevor-crypto @tarcieri