Skip to content

pbkdf2: remove default simple feature #336

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Aug 30, 2022
Merged

pbkdf2: remove default simple feature #336

merged 2 commits into from
Aug 30, 2022

Conversation

@tarcieri
Copy link
Member

@tarcieri tarcieri commented Aug 29, 2022

I suspect that most users of this crate care about the low-level pbkdf2 API as opposed to the higher-level password hashing API which implements the PHC string format.

The simple API pulls in quite a few dependencies (to the point I'm encountering dependency conflicts).

@tarcieri
pbkdf2: remove default simple feature
77a105b 
I suspect that most users of this crate care about the low-level
`pbkdf2` API as opposed to the higher-level password hashing API which
implements the PHC string format.

The `simple` API pulls in quite a few dependencies (to the point I'm
encountering dependency conflicts).
@tarcieri tarcieri requested a review from newpavlov August 29, 2022 23:10
@tarcieri
Copy link
Member Author

tarcieri commented Aug 29, 2022

Here's an example resolution failure I'm encountering via a transitive dependency:

error: failed to select a version for `base64ct`.
    ... required by package `pem-rfc7468 v0.6.0`
    ... which satisfies dependency `pem-rfc7468 = "^0.6"` of package `der v0.6.0`
    ... which satisfies dependency `der = "^0.6"` of package `ecdsa v0.14.4`
    ... which satisfies dependency `ecdsa = "^0.14"` of package `signatory v0.26.0`
    ... which satisfies dependency `signatory = "^0.26"` of package `iqkms-signing v0.0.0 (/Users/bascule/src/iqlusion/iqkms/iqkms-signing)`
    ... which satisfies path dependency `signing` (locked to 0.0.0) of package `iqkms-ethereum v0.0.0 (/Users/bascule/src/iqlusion/iqkms/iqkms-ethereum)`
    ... which satisfies path dependency `ethereum` (locked to 0.0.0) of package `iqkmsd v0.0.0 (/Users/bascule/src/iqlusion/iqkms/iqkmsd)`
versions that meet the requirements `^1.4` are: 1.5.1, 1.5.2, 1.5.0, 1.4.1

all possible versions conflict with previously selected packages.

  previously selected package `base64ct v1.0.1`
    ... which satisfies dependency `base64ct = ">=1, <1.1.0"` of package `password-hash v0.3.2`
    ... which satisfies dependency `password-hash = "^0.3"` of package `pbkdf2 v0.10.0`
    ... which satisfies dependency `pbkdf2 = "^0.10.0"` of package `eth-keystore v0.4.1`

tarcieri
tarcieri commented Aug 29, 2022
View reviewed changes
pbkdf2/Cargo.toml
[package]
name = "pbkdf2"
version = "0.11.0"
version = "0.12.0-pre"
Copy link
Member Author

@tarcieri tarcieri Aug 29, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In addition to this change, I think we're about due for another release of password-hash

newpavlov
newpavlov approved these changes Aug 30, 2022
View reviewed changes
Copy link
Member

@newpavlov newpavlov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you also update changelog for pbkdf2? Also, I think it could be worth to include some ideas mentioned in #335. I may create a PR for it a bit later.

@tarcieri
Copy link
Member Author

tarcieri commented Aug 30, 2022

Sure. I'm in no rush to get another release out, so I think exploring some of the ideas from #335 would be great.

@tarcieri tarcieri merged commit 3c5c37f into master Aug 30, 2022
@tarcieri tarcieri deleted the pbkdf2/remove-default-simple-feature branch August 30, 2022 15:31
@tarcieri tarcieri mentioned this pull request Mar 5, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@newpavlov newpavlov newpavlov approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@tarcieri @newpavlov