[openstreetmap/openstreetmap-website] Drop support for legacy MD5 passwords (PR #7048)
Tom Hughes
notifications at github.com
Thu Apr 30 10:17:19 UTC 2026
@tomhughes commented on this pull request.
> @@ -40,6 +34,10 @@ def self.upgrade?(hash, _salt)
true
end
+ def self.valid?(hash, salt)
+ Argon2::HashFormat.valid_hash?(hash) || salt&.include?("!")
That's the PBKDF2 passwords which were used between MD5 and Argon2 and the `test_pbkdf2_...` tests should be testing them?
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/7048#discussion_r3167205145
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/pull/7048/review/4204296751 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20260430/e46cfadd/attachment.htm>
More information about the rails-dev
mailing list