git - When to use "chore" as type of commit message?

ID : 20035

viewed : 30

Tags : gitversion-controlkarma-runnercommit-messageconventional-commitsgit

Top 5 Answer for git - When to use "chore" as type of commit message?

vote vote

91

You can see a short definition in "Git Commit Msg":

chore: updating grunt tasks etc; no production code change

It is used in:

Modifying the .gitignore would be part of the "chores".

"grunt task" means nothing that an external user would see:

  • implementation (of an existing feature, which doesn't involve a fix),
  • configuration (like the .gitignore or .gitattributes),
  • private internal methods...

Although Owen S mentions in the comments:

Looking at the Karma page you link to, I suspect that grunt task may refer specifically to Javascript's build tool grunt.
In which case, they probably didn't have in mind changes involving implementation or private internal methods, but rather tool changes, configuration changes, and changes to things that do not actually go into production at all.
(Our shop currently uses it for those, and also for simple refactoring.)

vote vote

89

vote vote

71

You can comput hashes using MessageDigest, but this is wrong in terms of security. Hashes are not to be used for storing passwords, as they are easily breakable.

You should use another algorithm like bcrypt, PBKDF2 and scrypt to store you passwords. See here.

vote vote

64

You could use Spring Security Crypto (has only 2 optional compile dependencies), which supports PBKDF2, BCrypt, SCrypt and Argon2 password encryption.

Argon2PasswordEncoder argon2PasswordEncoder = new Argon2PasswordEncoder(); String aCryptedPassword = argon2PasswordEncoder.encode("password"); boolean passwordIsValid = argon2PasswordEncoder.matches("password", aCryptedPassword); 
SCryptPasswordEncoder sCryptPasswordEncoder = new SCryptPasswordEncoder(); String sCryptedPassword = sCryptPasswordEncoder.encode("password"); boolean passwordIsValid = sCryptPasswordEncoder.matches("password", sCryptedPassword); 
BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder(); String bCryptedPassword = bCryptPasswordEncoder.encode("password"); boolean passwordIsValid = bCryptPasswordEncoder.matches("password", bCryptedPassword); 
Pbkdf2PasswordEncoder pbkdf2PasswordEncoder = new Pbkdf2PasswordEncoder(); String pbkdf2CryptedPassword = pbkdf2PasswordEncoder.encode("password"); boolean passwordIsValid = pbkdf2PasswordEncoder.matches("password", pbkdf2CryptedPassword); 
vote vote

59

You can use the Shiro library's (formerly JSecurity) implementation of what is described by OWASP.

It also looks like the JASYPT library has a similar utility.

Top 3 video Explaining git - When to use "chore" as type of commit message?

Related QUESTION?