serialize: salt option is required but the spec says it is optional

[mattmahn]

The specification says that the salt option is optional:

optionally, a $ sign followed by the (encoded) salt value;

However, this package requires it to be defined to output the hash.

Here's an example:

#!/usr/bin/env node
const crypto = require('node:crypto')
const phc = require('@phc/format')

const hbuf = crypto.createHash('sha256').update('asdf').digest()

console.log(phc.serialize({
    id: 'sha256',
    // salt: Buffer.alloc(0),
    hash: hbuf,
}))

I expect this to print $sha256$8OTC92xYkW7CWPJGhRvqCR0U1CR6L8PhhpRGGxgW4Ts, but it only prints $sha256.
I need to specify a salt to get the hash to print. (Also note that un-commenting the salt line will serialize with a zero-length salt, i.e., $sha256$$ prefix.)

[simonepri]

My memory might be a little rusty on this, as I wrote it 4y+ ago, but I think it was a concoius decision to limit the API as I didn't forsee the use case you are describing.

I found P-H-C/phc-string-format#3, so I guess I did think about whether to make it optional or not, and I preferred to play it safe I guess.

Feel free to contribute and change this, I'll be happy to review it.

[ephphatha]

This is intended from what I can see of the phc-sf spec

...the hash output may be present only if the salt is present

For an unsalted function a minimum length of 0 bytes is valid for the salt, which gives the $<id>$$<hash> string observed.