- Deprecate unsalted hashes: if such a hash is configured, move it to the legacy hashes setting to still support the existing hashes in the database but hash all passwords from now on with our default, SHA256.
- Extract logic used in SQLite and MySQL for logging and closing SQL objects
- Decided to leave buildAuthFromResultSet methods individually as this might be more implementation-specific
- Rename DataSource#close to DataSource#closeConnection to fix conflict with static import
- Introduce Usage.DEPRECATED to mark the hash algorithms accordingly
- Log warning when such a deprecated hash algorithm is used
- Update hash algorithms doc page
- Do not instantiate classes with instantiation fallback if they have a PostConstruct method - thanks @sgdc3 for the hint
- Change Injector test to check exception messages also
- Implement similar restrictions as prescribed by the PostConstruct documentation:
- Class may have at most one method annotated with PostConstruct
- PostConstruct method must return void
- Javadoc: replace mentions of injector construction where any injection method was meant
- Separate FieldInjection from default fallback for no-Inject public no-args constructor classes
- Make CommandInitializer a normal, instantiable service
- Add various injections instead of fetching through command service
