Jacques1
Results
2
issues of
Jacques1
Why is `null` or a boolean a valid salt? Sure, it will be caught later by the length check, but that's only because those values happen to have a string...
If the custom salt contains a character which isn't a valid bcrypt Base64 digit, the library will silently encode the salt. This is a huge problem. If the salt is...