bcrypt is a Python library for hashing passwords using the bcrypt algorithm. It’s useful when you need secure password hashing in Python applications.
Project status
- Actively maintained: Evidence shows ongoing work in native backend and Python compatibility (Rust and PyO3 updates, expanded Python 3.13/3.14 and free-threaded build coverage), with a recent upstream push on 2026-05-11 and a recent tagged update (5.0.0 on 2025-09-25).
- Apparent update cadence: Updates appear fairly regular, with roughly 3 months between 4.2.1 (2024-11-19) and 4.3.0 (2025-02-28), then about 7 months from 4.3.0 (2025-02-28) to 5.0.0 (2025-09-25).
AI summary generated 2 weeks ago
Recent updates
5.0.0
8 months agoRelease notes only announce version 5.0.0 and do not provide a written changelog. The code diff shows a maintenance-heavy release, with a pyo3 and Rust toolchain refresh, expanded Python 3.14 and free-threaded build coverage, and a user-visible change to bcrypt password handling.
Features4.3.0
2/28/2025The 4.3.0 release is mostly a maintenance and packaging refresh, and the published notes are effectively minimal. The code diff shows updated Rust and PyO3 dependencies, broader wheel and CI coverage, free-threaded Python 3.13 support, and stricter salt validation in the bcrypt extension.
Features4.2.1
11/19/2024Release 4.2.1 is mostly a maintenance and infrastructure update for the native bcrypt extension. The Rust and PyO3 dependency stack was refreshed, CI and publishing workflows were modernized, and build coverage shifted toward Python 3.13. The published release notes contain no substantive changelog entries, so the code diff is the real source of truth.
4.2.0
7/22/2024Release 4.2.0 is mostly a maintenance and packaging update, with the native extension migrated to PyO3 0.22.2 and the CI and release workflows refreshed. The published notes are effectively empty, so the meaningful changes come from the code diff, especially a tightened `kdf` argument type and updated build and publishing automation.
4.1.3
5/4/2024Release notes for 4.1.3 contain only version metadata, but the diff shows a major internal rewrite. The package now ships a Rust and PyO3 native backend, refreshed Cargo dependencies, typed Python stubs, and new CI and wheel-building automation.
v1.1.1
3/14/2015This release appears to be a small maintenance update with no substantive release notes beyond the version bump. The code changes update project metadata and CI configuration, and add a new runtime validation that rejects passwords containing NUL bytes.
v1.1.0
12/6/2014v1.1.0 is mostly an internal refresh of bcrypt's native backend and packaging. The vendored crypt_blowfish implementation was upgraded from 1.2 to 1.3, which adds $2b$ prefix compatibility, and the Python wrapper was refactored to lazily load a precompiled CFFI module instead of compiling on import. CI and test tooling were also expanded to cover newer interpreters and linting.
Featuresv1.0.2
5/19/2013Release v1.0.2 appears to be a minimal maintenance release. The release notes provide no substantive details beyond the version bump, while the code diff shows an internal change to the bcrypt C backend for 32-bit x86 builds.
v1.0.1
5/11/2013v1.0.1 is a patch release with no written changelog beyond the version bump. The code shows internal packaging and build changes around bcrypt's CFFI backend, including deterministic module naming and a new build-time dependency on cffi.
v1.0.0
5/11/2013No release notes content was provided for v1.0.0, so the specific code or API changes cannot be determined from the information available. As a result, potential breaking changes, bug fixes, security updates, and migration steps cannot be reliably extracted.