sebbASF commented on PR #300: URL: https://github.com/apache/commons-codec/pull/300#issuecomment-2258130887
I've added some more tests to CryptTest based on the Javadoc. Some fail if the RE is terminated after the salt characters. The Javadoc says that '$' will terminate the salt. At present arbitrary characters such as '%' will silently terminate the salt; this seems wrong. But equally disallowing the '$hash' suffix is wrong. An alternative might be to allow an optional '$' followed by any characters. For example, replace '.*' at the end of the RE with '($|\\$.*)' -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
