vanackere
commented
5 years ago You're right... but this is not really a copy-paste error: the reference dropbox/zxcvbn coffeescript code uses the same array for both layout. I also noticed this during development of this library - therefore the two separate - but identical - entries, but we want to keep the exact same scoring as upstream, including potential bugs like this unfortunately...
https://github.com/dropbox/zxcvbn/blob/master/src/matching.coffee#L239
You might want to open a bug against the dropbox project, once fixed there I will gladly update the shiftedChars with the proper value.
Also the library currently misses proper AZERTY support (like upstream) and this should ideally be fixed in the dropbox project first. We might consider implementing changes not compatible with upstream, protected by a global option in the library.
It looks like there is a copy/paste error where devorak has the same
shiftedCharsas QWERTY.