Maybe call the gem pwnedpasswords to reflect that it's a client for api.pwnedpasswords.com?
More generally speaking, it would be nice to be consistent with whether we say the password has been "pwned" (as used in the upstream API, "used" (password_used), "breached", or "compromised". Which nomenclature is better, and why?
Maybe call the gem
pwnedpasswordsto reflect that it's a client forapi.pwnedpasswords.com?More generally speaking, it would be nice to be consistent with whether we say the password has been "pwned" (as used in the upstream API, "used" (
password_used), "breached", or "compromised". Which nomenclature is better, and why?