gchan / password_blocklist Goto Github PK

This:

PasswordBlacklist::Checker.new.blacklisted? ')'

will cause a

RegexpError: unmatched close parenthesis: /)/

Similarly

PasswordBlacklist::Checker.new.blacklisted? '.*'

Always returns true because of it is not interpreted as a verbatim string.

Could you please use

/#{Regexp.quote(password.to_s)}/

In your check?

Thank you!

Current thoughts on how to rename this RubyGem 💭

• Maintain functionality of published gems - do not break projects that depend on this library
  • Allow people to use the existing published gems (no yanking)
• Encourage folks to use the renamed version of the gem
  • Release one last version of the current named gem with a deprecation notice? e.g. print to stdout a friendly message?
• Provide an easy migration process
  • Unix script to do a find and replace. e.g. sed
• Reserve the new name of the RubyGem by publishing a pre version
• Consider the process factory_bot underwent. What went well, what didn't?

FYI,

This project may be of use to you...
https://github.com/berzerk0/Probable-Wordlists

I ended up creating a similar tool for one of my projects that uses the larger and more comprehensive word lists found here: https://github.com/berzerk0/Probable-Wordlists.

Dealing with such large lists is problematic because of their sheer size as this will require loading a large number of strings into memory or doing an operating system level comparison on the file. I found that I could get reasonable performance by recognizing that a large number of the words in the large lists were invalid due to other restrictions (i.e., not long enough, no number, no symbol, etc...).