Revision history for haveibeenpwned
0.2.0.1
- Add readme to extra-source-files so that it appears on hackage
0.2.0.0
- Breaking change in order to make the API and the implementation more secure.
- There is a new HaveIBeenPwnedResult_Secure constructor which signals that the given password was not found in any database.
- The
HaveIBeenPwnedResult_Disclosed
constructor has been renamed to HaveIBeenPwnedResult_Pwned
, as its behaviour changed. (Valid passwords are no longer signalled by this constructor.)
- Also internally, a "not found in database" is no longer represented as a disclosed count of zero. This improves security in the case of an incorrect database entry, having a disclosed count of 0, which would make this library report that password as "secure", although it actually has been leaked.
0.1.0.0