From 79ceaa9822ae75aaac111130625edfaf39696f33 Mon Sep 17 00:00:00 2001 From: Hynek Schlawack Date: Tue, 16 Apr 2024 08:45:47 +0200 Subject: [PATCH] Move bw policy where it belongs --- .github/SECURITY.md | 3 +++ CHANGELOG.md | 13 +------------ 2 files changed, 4 insertions(+), 12 deletions(-) diff --git a/.github/SECURITY.md b/.github/SECURITY.md index 078b512..4cb4f7b 100644 --- a/.github/SECURITY.md +++ b/.github/SECURITY.md @@ -8,6 +8,9 @@ Therefore, we only support the latest version. That said, you shouldn't be afraid to upgrade if you're only using our documented public APIs and pay attention to `DeprecationWarning`s. Whenever there is a need to break compatibility, it is announced in the changelog and raises a `DeprecationWarning` for a year (if possible) before it's finally really broken. +> [!WARNING] +> What explicitly *may* change over time are the default hashing parameters and the behavior of the [CLI interface](https://argon2-cffi.readthedocs.io/en/stable/cli.html). + ## Security contact information diff --git a/CHANGELOG.md b/CHANGELOG.md index 46c0765..b0f2bc7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,18 +8,7 @@ The **first number** of the version is the year. The **second number** is incremented with each release, starting at 1 for each year. The **third number** is when we need to start branches for older releases (only for emergencies). ---- - -*argon2-cffi* has a very strong backwards-compatibility policy. -Generally speaking, you shouldn't ever be afraid of updating. - -Whenever breaking changes are needed, they are: - -1. …announced here in the changelog. -2. …the old behavior raises a `DeprecationWarning` for a year (if possible). -3. …are done with another announcement in the changelog. - -What explicitly *may* change over time are the default hashing parameters and the behavior of the [CLI interface](https://argon2-cffi.readthedocs.io/en/stable/cli.html). +You can find our backwards-compatibility policy [here](https://github.com/hynek/argon2-cffi/blob/main/.github/SECURITY.md).