Sebb

The proposed RE does not work because it does not allow for truncating the salt after 16 characters, as per the following test failures: Sha256CryptTest.testSha256CryptStrings:63 » IllegalArgument Invalid salt value:...

> Both of the above salt values are wrong. Not so, see below. > We need the salt to be 16 bytes or less Agreed. The JavaDoc for Crypt includes...

If the extra validation rejects a mismatched prefix, that may cause an application to fail. Also the PR does not address the original reason for the Jira, i.e. the salt...

Is it really necessary to have a separate class for each country? Also DE has a test class but no main class

Is the new NL VAT validation scheme officially documented anywhere? It seems to me that even with access to official documentation, it is going to be a mammoth job keeping...

It's still going to be a lot of work for the limited pool of Commons developers. Also, although the code can do basic syntax and structure validation, it does not...

I agree that testing the checksums and structure of VAT numbers will allow the removal of incorrect numbers, however it won't prove that they were ever valid, only that they...

I think it is vital to include links to the official documentation of the validation requirements in each national class. The Wikipedia pages are useful, but they are not normative,...

There are some classes with logging, but not all. What determines whether logging is used? Is it really needed?

Logging can be completely disabled, so should not be essential to the functioning of a class. In this case, the log messages are directly associated with an exception (apart from...