Closed nathankleyn closed 6 years ago
I'm still concerned by the defaulting to a random salt in both the original issue spec and the PR. It's generally expected that something referred to as a hash would be deterministic. While the shape of the data would remain the same this wouldn't stop a casual observer being confused by the output changing each run.
There's two separate use cases being smushed together here:
Separating the two would also allow us to force a salt when hashing. Keeping the instructions/behaviour simpler.
Sometimes you want to make sure the
hash
action is irreversible and not vulnerable to rainbow table attacks. To support this, it would be useful if one was able to optionally turn on random salts being added to the hash (and perhaps this should be the default, for safety).For example, given the following config and CSV, you'd expect to get the following output:
Config:
Input:
Output:
Where the first column is effectively random, the second column is a deterministic hash, and the third is deterministic but with the salt added as a suffix. That is: