Libraries: Update zxcvbn from version 1.0 to 4.4.1

This includes masses of bug fixes, as well as tweaks to how passwords are scored. QUnit tests have been updated to reflect tha scoring changes. Full changelog: https://github.com/dropbox/zxcvbn/compare/v1.0...v4.4.1 Fixes #31647. git-svn-id: https://develop.svn.wordpress.org/trunk@39596 602fd350-edb4-49c9-b593-d223f7449a82
2016-12-13 11:22:28 +00:00 · 2016-12-13 11:22:28 +00:00 · 25330a0220
commit 25330a0220
parent 9bf4440213
2 changed files with 51 additions and 66 deletions
--- a/src/wp-includes/js/zxcvbn.min.js
+++ b/src/wp-includes/js/zxcvbn.min.js
--- a/tests/qunit/wp-admin/js/password-strength-meter.js
+++ b/tests/qunit/wp-admin/js/password-strength-meter.js
@ -39,39 +39,40 @@ jQuery( function() {
 		var passwords, i;
 		passwords = [
 			{ pw: 'zxcvbn', score: 0 },
-			{ pw: 'qwER43@!', score: 1 },
+			{ pw: 'qwER43@!', score: 2 },
 			{ pw: 'Tr0ub4dour&3', score: 2 },
 			{ pw: 'correcthorsebatterystaple', score: 4 },
 			{ pw: 'coRrecth0rseba++ery9.23.2007staple$', score: 4 },
-			{ pw: 'D0g..................', score: 0 },
-			{ pw: 'abcdefghijk987654321', score: 0 },
-			{ pw: 'neverforget13/3/1997', score: 2 },
+			{ pw: 'D0g..................', score: 1 },
+			{ pw: 'abcdefghijk987654321', score: 1 },
+			{ pw: 'neverforget13/3/1997', score: 3 },
 			{ pw: '1qaz2wsx3edc', score: 0 },
 			{ pw: 'temppass22', score: 1 },
-			{ pw: 'briansmith', score: 0 },
-			{ pw: 'briansmith4mayor', score: 0 },
+			{ pw: 'briansmith', score: 1 },
+			{ pw: 'briansmith4mayor', score: 4 },
 			{ pw: 'password1', score: 0 },
 			{ pw: 'viking', score: 0 },
 			{ pw: 'thx1138', score: 0 },
-			{ pw: 'ScoRpi0ns', score: 0 },
-			{ pw: 'do you know', score: 0 },
-			{ pw: 'ryanhunter2000', score: 0 },
-			{ pw: 'rianhunter2000', score: 1 },
-			{ pw: 'asdfghju7654rewq', score: 2 },
-			{ pw: 'AOEUIDHG&*()LS_', score: 2 },
+			{ pw: 'ScoRpi0ns', score: 1 },
+			{ pw: 'do you know', score: 3 },
+			{ pw: 'ryanhunter2000', score: 3 },
+			{ pw: 'rianhunter2000', score: 3 },
+			{ pw: 'asdfghju7654rewq', score: 3 },
+			{ pw: 'AOEUIDHG&*()LS_', score: 3 },
 			{ pw: '12345678', score: 0 },
-			{ pw: 'defghi6789', score: 0 },
+			{ pw: 'defghi6789', score: 1 },
 			{ pw: 'rosebud', score: 0 },
 			{ pw: 'Rosebud', score: 0 },
 			{ pw: 'ROSEBUD', score: 0 },
 			{ pw: 'rosebuD', score: 0 },
-			{ pw: 'ros3bud99', score: 0 },
-			{ pw: 'r0s3bud99', score: 0 },
-			{ pw: 'R0$38uD99', score: 1 },
-			{ pw: 'verlineVANDERMARK', score: 1 },
-			{ pw: 'eheuczkqyq', score: 4 },
+			{ pw: 'ros3bud99', score: 1 },
+			{ pw: 'r0s3bud99', score: 1 },
+			{ pw: 'R0$38uD99', score: 2 },
+			{ pw: 'verlineVANDERMARK', score: 4 },
+			{ pw: 'eheuczkqyq', score: 3 },
 			{ pw: 'rWibMFACxAUGZmxhVncy', score: 4 },
-			{ pw: 'Ba9ZyWABu99[BK#6MBgbH88Tofv)vs$w', score: 4 }
+			{ pw: 'Ba9ZyWABu99[BK#6MBgbH88Tofv)vs$w', score: 4 },
+			{ pw: 'foo foo foo foo', score: 2 }
 		];

 		for ( i = 0; i < passwords.length; i++ ) {
@ -81,9 +82,9 @@ jQuery( function() {

 	test( 'blacklisted words in password should be penalized', function() {
 		var allowedPasswordScore, penalizedPasswordScore,
-			allowedPassword   = 'a[janedoe]4',
-			penalizedPassword = 'a[johndoe]4',
-			blacklist         = [ 'extra', 'johndoe', 'superfluous' ];
+			allowedPassword   = 'a[janedoefoe]4',
+			penalizedPassword = 'a[johndoefoe]4',
+			blacklist         = [ 'extra', 'johndoefoe', 'superfluous' ];

 		allowedPasswordScore = passwordStrength( allowedPassword, blacklist, allowedPassword );
 		penalizedPasswordScore = passwordStrength( penalizedPassword, blacklist, penalizedPassword );