It hasn't been updated in a year and there are outstanding security vulnerabilities in its dependencies. I believe there are PRs out there to fix that. Is anyone able to get those pulled in and a successful release going, or should we move away from bcrypt entirely?
It hasn't been updated in a year and there are outstanding security vulnerabilities in its dependencies. I believe there are PRs out there to fix that. Is anyone able to get those pulled in and a successful release going, or should we move away from bcrypt entirely?