#25926 closed defect (bug) (fixed)
Source code is not included for the zxcvbn library
Reported by: | Denis-de-Bernardy | Owned by: | nacin |
---|---|---|---|
Milestone: | 3.8 | Priority: | normal |
Severity: | blocker | Version: | 3.7.1 |
Component: | External Libraries | Keywords: | |
Focuses: | Cc: |
Description
While scanning the code base wondering if a js-based sha1 implementation was already included, I ran into the zxcvbn library — minified, unreadable, and undocumented.
Admittedly, searching trac quickly led me to r25156 and a link to the original files. But for a moment, I genuinely wondered if it was something malicious that crept into my wp-includes folder.
We should add some kind of comment in there to say what it is and where it comes from. Or maybe a zxcvbn.txt file with a note so we don't need to keep the lines around when it gets updated. *Something* — if only to comply with the GPL.
Change History (11)
#2
@
10 years ago
- Summary changed from No source code is not included for the zxcvbn library to Source code is not included for the zxcvbn library
#5
@
10 years ago
It's MIT as per https://github.com/lowe/zxcvbn/blob/master/LICENSE.txt
#6
in reply to:
↑ 4
@
10 years ago
Replying to georgestephanis:
I'd rather see a small comment at the top of the file, like for http://develop.svn.wordpress.org/trunk/src/wp-includes/js/jquery/jquery.js
Note the /*! at the beginning of the comment. It tells yui to not strip that particular comment. Not sure Dropbox adheres to the convention. (Someone could always ask them to, mind you.)
But whichever way is decided, this must be fixed before the next release, to comply with the GPL.
#7
@
10 years ago
We could just add a zxcvbn_license.txt in the same folder with the contents from: https://github.com/lowe/zxcvbn/blob/master/LICENSE.txt
#10
@
10 years ago
I will do more than [26629] soon; we're going to start to include things in develop.svn versus code.svn.wordpress.org/wordpress-sources
I'd rather see a small comment at the top of the file, like for http://develop.svn.wordpress.org/trunk/src/wp-includes/js/jquery/jquery.js