haveibeenpwned v0.2.0.0 Release Notes
Release Date: 2020-11-18 // over 3 years ago-
0.2.0.0
- 💥 Breaking change in order to make the API and the implementation more secure.
- There is a new HaveIBeenPwnedResult_Secure constructor which signals that the given password was not found in any database.
- The
HaveIBeenPwnedResult_Disclosed
constructor has been renamed toHaveIBeenPwnedResult_Pwned
, as its behaviour changed. (Valid passwords are no longer signalled by this constructor.)
- 🔒 Also internally, a "not found in database" is no longer represented as a disclosed count of zero. This improves security in the case of an incorrect database entry, having a disclosed count of 0, which would make this library report that password as "secure", although it actually has been leaked.
- 💥 Breaking change in order to make the API and the implementation more secure.