hkithub-official / no-plaintext-passwords

MIT License
2 stars 2 forks

Some advice and resources #3

Open arku3 opened 2 days ago

arku3 commented 2 days ago
  1. From the OWASP Password Storage Cheatsheet: Argon2 > scrypt > bcrypt
  2. Bun.password uses Argon2id by default (reference), not bcrypt
  3. Node has built-in support for scrypt; for Argon2, consider @node-rs/argon2.

I do want to create a pull request, but I do not quite understand how you would like to organize the info and code example. Maybe all files should be in .md and just use code block?

louislam commented 1 day ago
  1. Yes, I actually want to include three of them for each language. Maybe I should finish one language for your reference first.
  2. Oops, I will update it.
  3. That's really nice.

The repo structure is as follows:

First level (/)

Contains a list of directories, where each directory name is the name of a language or runtime.

/
├── PHP
├── Bun
├── Java

Second level (e.g. /Bun/)

Contains source files, dependency files (Optional) and README.md (Optional).

In the case of Bun, it should contain at least one of the following files:

- bcrypt.js
- scrypt.js
- argon2.js

If there are variations, the filename format should follow {algo}-{variation}.js. For example:

- bcrypt-async-callback.js
- bcrypt-async-promise.js
- bcrypt-sync.js
- scrypt-async-callback.js
- scrypt-async-promise.js
- scrypt-sync.js
- argon2-async-callback.js
- argon2-async-promise.js
- argon2-sync.js

Inside a source file

Each source file should provide code blocks for both hash and verify. The file should be able to be compiled or executed.

An example for Bun:

// Hash
// TODO

// Verify
// TODO

louislam commented 1 day ago

Since there is no scrypt algo for Bun, this is an example but without scrypt.js: https://github.com/hkithub-official/no-plaintext-passwords/tree/main/Bun