v0.3.2 - 2022-11-18

Changed

• deps: updates to golang.org/x/[email protected].
• .github: adjusts dependabot to file version updates against development.

Full Changelog: https://github.com/matthewhartstonge/argon2/compare/v0.3.1...v0.3.2

v0.3.1 - 2022-11-10

Changed

• deps: updates to golang.org/x/[email protected].

Full Changelog: https://github.com/matthewhartstonge/argon2/compare/v0.3.0...v0.3.1

v0.3.0 - 2022-11-05

Added

• .github: adds support for github actions, codeowners and dependabot.

Changed

• deps: updates to [email protected] and golang.org/x/[email protected].
• readme: update badges and remove references to travis ci.
• *: update project licensing.

Fixed

• argon2: fixes grammar and comment line length.

Removed

• dep: removes support for dep.
• travis: removes travis configuration.

Full Changelog: https://github.com/matthewhartstonge/argon2/compare/v0.2.1...v0.3.0

v0.2.1 - 2022-02-22

GPG signed release of v0.2.0.

Added

• tests: adds benchmarks to compare the default recommendations.

Changed

• travis: updates to test against [email protected].
• deps: updates go.mod to [email protected] and x/crypto to latest. (Thanks @ricochet! 🎉)
• explicitly ignores returned error values under benchmarks (errcheck).
• argon2: updates recommended defaults as described by RFC9106.

v0.1.5 - 2021-08-06

Changed

• travis: require go >= v1.9
• deps: bumps to the latest version of golang.org/x/crypto.
  • Upgrades to mitigate users importing a vulnerable version of golang.org/x/crypto/ssh that contains CVE-2020-9283.
  • Upgrades to mitigate users importing a vulnerable version of golang.org/x/text that contains CVE-2020-14040.
• travis: updated to test against go 1.12+, migrates to go mod for dependency management.
• travis: forces use of go modules under ci.
• travis: sets [email protected] as the lowest supported go mod version due to a change in go build.

re-release of v0.1.3, but fixes bad gpg signing of commits.

v0.1.3 - 2020-05-22

Changed

• deps: updated x/crypto@master to point to latest commit.
  • This is mainly to mitigate users from CVEs in other x/crypto implementations, namely CVE-2020-7919 (cryptobyte) and CVE-2020-9283 (ssh).
• readme: added a tl;dr section, updated benchmarks.
• readme: show example of the encoded argon2 string.

Removed

• argon2_test: removed bench marking against native bindings to remove dependencies (lhecker/argon2) under go mod.

v0.1.2 - 2018-09-18

Changed

• SecureZeroMemory: Updated to match upstream for improved performance.
• deps: Updated to support dep v0.5.0
• readme: Update with new benchmark stats due to SecureZeroMemory performance tweak.

Fixed

• readme: Fixed the filepath for the example go run command.

v0.1.1 - 2018-06-14

Changed

• deps: unpinned golang.org/x/crypto