Skip to content

BisonDB v1.1.0

Choose a tag to compare

View all tags
@Abdullah-Masood-05 Abdullah-Masood-05 released this 14 Jun 11:29
· 6 commits to main since this release
v1.1.0
699ee93

Authentication (wire protocol v2)

BisonDB now requires every connection to authenticate before any data command.

⚠️ No TLS yet — the transport is UNENCRYPTED. Credentials and data travel in clear text. Use only on loopback or a trusted LAN until the TLS phase ships.

Highlights

  • Users & rolesread / readWrite / admin, enforced by a central capability guard.
  • Argon2id password hashing (memory-hard, via Monocypher) with per-user salts; plaintext is never stored. 256-bit session tokens; only a BLAKE2b-256 hash is kept in memory.
  • Wire protocol → v2: authenticate, authenticateToken, logout, createUser, dropUser, changePassword, listUsers; new AuthRequired / AuthFailed / Forbidden / TokenExpired codes; serverStatus.security block. Breaking for v1 clients.
  • First-run bootstrap: bisond --init-admin <user> (password from $BISONDB_ADMIN_PASSWORD), a one-time stderr bootstrap token, or the offline bisonc auth create-admin.
  • Clients: bisonsh gains --username/--token and auth ... meta-commands; bisonc remote commands accept --username/--token.

See docs/protocol.md and the Security page.

Download

bisondb-1.1.0-windows-x64.zip — statically linked bisond / bisonsh / bisonc (only Windows system DLLs; no runtime to install).

Assets 3
Loading