v1.0.0-rc.1 (release candidate)
Pre-release-
IMPORTANT! In previous versions,
nacl.secretbox.open
,nacl.box.open
, andnacl.box.after
returnedfalse
when opening failed (for example, when using incorrect key, nonce, or when input was maliciously or accidentally modified after encryption). This version instead returnsnull
.The usual way to check for this condition:
if (!result) { ... }
is correct and will continue to work.
However, direct comparison with
false
:if (result == false) { ... }
it will no longer work and will not detect failure. Please check your code for this condition.
(
nacl.sign.open
always returnednull
, so it is not affected.) -
Arguments type check now uses
instanceof Uint8Array
instead ofObject.prototype.toString
. -
Removed deprecation checks for
nacl.util
(moved to a
separate package in v0.14.0). -
Removed deprecation checks for the old signature API (changed in v0.10.0).
-
Improved benchmarking.