nanoid 1.0.7 → 1.2.1

package/CHANGELOG.md

@@ -1,6 +1,23 @@
 # Change Log
 This project adheres to [Semantic Versioning](http://semver.org/).
 
+## 1.2.1
+* Fix old Node.js support.
+
+## 1.2
+* Add `nanoid/async`.
+* Fix `nanoid/non-secure` JSDoc.
+* Add Chinese documentation (by Wenliang Dai).
+* Speed up and reduce size of `nanoid/non-secure` (by Ori Livni).
+
+## 1.1.1
+* Improve performance and reduce size of non-secure ID generator.
+
+## 1.1
+* Add non-secure ID generator.
+* Suggest to use non-secure ID generator for React Native developers.
+* Reduce size.
+
 ## 1.0.7
 * Fix documentation.
 

package/README.md

@@ -3,23 +3,23 @@
 <img src="https://ai.github.io/nanoid/logo.svg" align="right"
      alt="Nano ID logo by Anton Lovchikov" width="180" height="94">
 
-A tiny, secure, URL-friendly, unique string ID generator for JavaScript.
+A tiny, secure, URL-friendly, unique string ID generator for JavaScript.
 
 **Safe.** It uses cryptographically strong random APIs
-and tests distribution of symbols.
+and tests distribution of symbols.
 
-**Small.** 146 bytes (minified and gzipped). No dependencies.
-It uses [Size Limit] to control size.
+**Small.** 145 bytes (minified and gzipped). No dependencies.
+It uses [Size Limit] to control size.
 
-**Compact.** It uses a larger alphabet than UUID (`A-Za-z0-9_~`).
-As result it could reduce ID size from 36 to 21 symbols.
+**Compact.** It uses a larger alphabet than UUID (`A-Za-z0-9_~`).
+As result it could reduce ID size from 36 to 21 symbols.
 
 ```js
 var nanoid = require('nanoid')
 model.id = nanoid() //=> "V1StGXR8_Z5jdHi6B~myT"
 ```
 
-The generator supports Node.js and [all browsers] starting from IE 11.
+The generator supports Node.js, React Native, and [all browsers].
 
 [all browsers]: http://caniuse.com/#feat=getrandomvalues
 [Size Limit]:   https://github.com/ai/size-limit
@@ -50,7 +50,7 @@ The spread will not be even; there will be a lower chance for some symbols
 to appear compared to others—so it will reduce the number of tries
 when brute-forcing.
 
-Nano ID uses a [better algorithm] and is tested for uniformity:
+Nano ID uses a [better algorithm] and is tested for uniformity.
 
 <img src="img/distribution.png" alt="Nano ID uniformity"
      width="340" height="135">
@@ -73,17 +73,26 @@ There are two main differences between Nano ID and UUID v4:
 1. Nano ID uses a bigger alphabet, so a similar number of random bits
    are packed in just 21 symbols instead of 36.
 2. Nano ID code is 3 times less than `uuid/v4` package:
-   146 bytes instead of 435.
+   145 bytes instead of 435.
 
 
 ## Benchmark
 
 ```
-$ ./benchmark
-nanoid          332,991 ops/sec
-nanoid/generate 326,636 ops/sec
-uuid/v4         315,344 ops/sec
-shortid         33,717 ops/sec
+$ ./test/benchmark
+nanoid                354,201 ops/sec
+nanoid/generate       348,467 ops/sec
+uid.sync              325,347 ops/sec
+uuid/v4               322,328 ops/sec
+shortid                33,277 ops/sec
+
+Async:
+uid                    71,998 ops/sec
+nanoid/async           72,836 ops/sec
+
+Non-secure:
+rndm                2,495,324 ops/sec
+nanoid/non-secure   2,746,033 ops/sec
 ```
 
 
@@ -95,7 +104,7 @@ The main module uses URL-friendly symbols (`A-Za-z0-9_~`) and returns an ID
 with 21 characters (to have a collision probability similar to UUID v4).
 
 ```js
-var nanoid = require('nanoid')
+const nanoid = require('nanoid')
 model.id = nanoid() //=> "Uakgb_J5m9g~0JDMbcJqLJ"
 ```
 
@@ -103,7 +112,7 @@ Symbols `-,.()` are not encoded in the URL. If used at the end of a link
 they could be identified as a punctuation symbol.
 
 If you want to reduce ID length (and increase collisions probability),
-you can pass the length as an argument:
+you can pass the length as an argument.
 
 ```js
 nanoid(10) //=> "IRFa~VaY2b"
@@ -112,7 +121,41 @@ nanoid(10) //=> "IRFa~VaY2b"
 Don’t forget to check safety of your ID length
 in our [ID collision probability] calculator.
 
-[ID collision probability]: https://alex7kom.github.io/nano-nanoid-cc/
+[ID collision probability]: https://zelark.github.io/nano-id-cc/
+
+
+### React Native and Web Workers
+
+React Native and Web Worker don’t have access to secure random generator.
+
+Security is important in ID, when ID should be unpredictable. For instance,
+in “access by URL” link generation.
+
+If you don’t need unpredictable IDs, but you need React Native
+or Web Workers support, you can use non‑secure ID generator.
+
+```js
+const nanoid = require('nanoid/non-secure')
+model.id = nanoid() //=> "Uakgb_J5m9g~0JDMbcJqLJ"
+```
+
+
+## Async
+
+To generate hardware random bytes, CPU will collect electromagnetic noise.
+During the collection, CPU doesn’t work. So if we will use asynchronous API
+for hardware random generator, your other code could be executed during
+the entropy collection.
+
+```js
+const nanoid = require('nanoid/async')
+nanoid.then(id => {
+  model.id = id
+})
+```
+
+Unfortunately, you will not have any benefits in browser, since Web Crypto API
+doesn’t have asynchronous API.
 
 
 ### Custom Alphabet or Length
@@ -121,18 +164,17 @@ If you want to change the ID's alphabet or length
 you can use the low-level `generate` module.
 
 ```js
-var generate = require('nanoid/generate')
+const generate = require('nanoid/generate')
 model.id = generate('1234567890abcdef', 10) //=> "4f90d13a42"
 ```
 
 Check safety of your custom alphabet and ID length
 in our [ID collision probability] calculator.
+You can find popular alphabets in [`nanoid-dictionary`].
 
 Alphabet must contain 256 symbols or less.
 Otherwise, the generator will not be secure.
 
-You can find popular alphabets in [`nanoid-dictionary`].
-
 [ID collision probability]: https://alex7kom.github.io/nano-nanoid-cc/
 [`nanoid-dictionary`]:      https://github.com/CyberAP/nanoid-dictionary
 
@@ -143,11 +185,13 @@ You can replace the default safe random generator using the `format` module.
 For instance, to use a seed-based generator.
 
 ```js
-var format = require('nanoid/format')
+const format = require('nanoid/format')
 
 function random (size) {
-  var result = []
-  for (var i = 0; i < size; i++) result.push(randomByte())
+  const result = []
+  for (let i = 0; i < size; i++) {
+    result.push(randomByte())
+  }
   return result
 }
 
@@ -158,10 +202,10 @@ format(random, "abcdef", 10) //=> "fbaefaadeb"
 with random numbers.
 
 If you want to use the same URL-friendly symbols with `format`,
-you can get the default alphabet from the `url` module:
+you can get the default alphabet from the `url` file.
 
 ```js
-var url = require('nanoid/url')
+const url = require('nanoid/url')
 format(random, url, 10) //=> "93ce_Ltuub"
 ```
 
@@ -171,10 +215,12 @@ format(random, url, 10) //=> "93ce_Ltuub"
 * [ID size calculator] to choice smaller ID size depends on your case.
 * [`nanoid-dictionary`] with popular alphabets to use with `nanoid/generate`.
 * [`nanoid-cli`] to generate ID from CLI.
+* [`nanoid-good`] to be sure that your ID doesn't contain any obscene words.
 
 [`nanoid-dictionary`]: https://github.com/CyberAP/nanoid-dictionary
-[ID size calculator]:  https://alex7kom.github.io/nano-nanoid-cc/
+[ID size calculator]:  https://zelark.github.io/nano-id-cc/
 [`nanoid-cli`]:        https://github.com/twhitbeck/nanoid-cli
+[`nanoid-good`]:       https://github.com/y-gagar1n/nanoid-good
 
 
 ## Other Programming Languages

package/async.browser.js

@@ -0,0 +1,13 @@
+var crypto = self.crypto || self.msCrypto
+
+var url = '_~getRandomVcryp0123456789bfhijklqsuvwxzABCDEFGHIJKLMNOPQSTUWXYZ'
+
+module.exports = function (size) {
+  size = size || 21
+  var id = ''
+  var bytes = crypto.getRandomValues(new Uint8Array(size))
+  while (0 < size--) {
+    id += url[bytes[size] & 63]
+  }
+  return Promise.resolve(id)
+}

package/async.js

@@ -0,0 +1,54 @@
+var crypto = require('crypto')
+
+var url = require('./url')
+
+/**
+ * Generate secure URL-friendly unique ID. Non-blocking version.
+ *
+ * By default, ID will have 21 symbols to have a collision probability similar
+ * to UUID v4.
+ *
+ * @param {number} [size=21] The number of symbols in ID.
+ * @param {function} callback for environments without `Promise`.
+ *
+ * @return {Promise} Promise with random string.
+ *
+ * @example
+ * const nanoidAsync = require('nanoid/async')
+ * nanoidAsync.then(id => {
+ *   model.id = id
+ * })
+ *
+ * @name async
+ * @function
+ */
+module.exports = function (size, callback) {
+  size = size || 21
+  if (callback) {
+    crypto.randomBytes(size, function (err, bytes) {
+      if (err) {
+        callback(err)
+      } else {
+        var id = ''
+        while (0 < size--) {
+          id += url[bytes[size] & 63]
+        }
+        callback(null, id)
+      }
+    })
+  } else {
+    return new Promise(function (resolve, reject) {
+      crypto.randomBytes(size, function (err, bytes) {
+        if (err) {
+          reject(err)
+        } else {
+          var id = ''
+          while (0 < size--) {
+            id += url[bytes[size] & 63]
+          }
+          resolve(id)
+        }
+      })
+    })
+  }
+}

package/format.js

@@ -11,11 +11,13 @@
  * @return {string} Random string.
  *
  * @example
- * var format = require('nanoid/format')
+ * const format = require('nanoid/format')
  *
  * function random (size) {
- *   var result = []
- *   for (var i = 0; i < size; i++) result.push(randomByte())
+ *   const result = []
+ *   for (let i = 0; i < size; i++) {
+ *     result.push(randomByte())
+ *   }
  *   return result
  * }
  *

package/generate.js

@@ -13,7 +13,7 @@ var format = require('./format')
  * @return {string} Unique ID.
  *
  * @example
- * var generate = require('nanoid/generate')
+ * const generate = require('nanoid/generate')
  * model.id = generate('0123456789абвгдеё', 5) //=> "8ё56а"
  *
  * @name generate

package/index.browser.js

@@ -1,3 +1,12 @@
+if (process.env.NODE_ENV !== 'production') {
+  if (typeof self === 'undefined' || (!self.crypto && !self.msCrypto)) {
+    throw new Error(
+      'Your browser does not have secure random generator. ' +
+      'If you don’t need unpredictable IDs, you can use nanoid/non-secure.'
+    )
+  }
+}
+
 var crypto = self.crypto || self.msCrypto
 
 var url = '_~getRandomVcryp0123456789bfhijklqsuvwxzABCDEFGHIJKLMNOPQSTUWXYZ'

package/index.js

@@ -12,7 +12,7 @@ var url = require('./url')
  * @return {string} Random string.
  *
  * @example
- * var nanoid = require('nanoid')
+ * const nanoid = require('nanoid')
  * model.id = nanoid() //=> "Uakgb_J5m9g~0JDMbcJqL"
  *
  * @name nanoid

package/non-secure.js

@@ -0,0 +1,28 @@
+var url = '_~getRandomVcryp0123456789bfhijklqsuvwxzABCDEFGHIJKLMNOPQSTUWXYZ'
+
+/**
+ * Generate URL-friendly unique ID. This method use non-secure predictable
+ * random generator.
+ *
+ * By default, ID will have 21 symbols to have a collision probability similar
+ * to UUID v4.
+ *
+ * @param {number} [size=21] The number of symbols in ID.
+ *
+ * @return {string} Random string.
+ *
+ * @example
+ * const nanoid = require('nanoid/non-secure')
+ * model.id = nanoid() //=> "Uakgb_J5m9g~0JDMbcJqL"
+ *
+ * @name nonSecure
+ * @function
+ */
+module.exports = function (size) {
+  size = size || 21
+  var id = ''
+  while (0 < size--) {
+    id += url[Math.random() * 63 | 0]
+  }
+  return id
+}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "nanoid",
-  "version": "1.0.7",
-  "description": "A tiny (146 bytes), secure URL-friendly unique string ID generator",
+  "version": "1.2.1",
+  "description": "A tiny (145 bytes), secure URL-friendly unique string ID generator",
   "keywords": [
     "uuid",
     "random",
@@ -13,49 +13,7 @@
   "repository": "ai/nanoid",
   "browser": {
     "./random.js": "./random.browser.js",
-    "./index.js": "./index.browser.js"
-  },
-  "devDependencies": {
-    "benchmark": "^2.1.4",
-    "chalk": "^2.4.1",
-    "docdash": "^0.4.0",
-    "eslint": "^5.0.1",
-    "eslint-ci": "^0.1.1",
-    "eslint-config-logux": "^23.0.2",
-    "eslint-config-standard": "^11.0.0",
-    "eslint-plugin-es5": "^1.3.1",
-    "eslint-plugin-import": "^2.13.0",
-    "eslint-plugin-jest": "^21.17.0",
-    "eslint-plugin-node": "^6.0.1",
-    "eslint-plugin-promise": "^3.8.0",
-    "eslint-plugin-security": "^1.4.0",
-    "eslint-plugin-standard": "^3.1.0",
-    "html-webpack-plugin": "^3.2.0",
-    "jest": "^23.3.0",
-    "jsdoc": "^3.5.5",
-    "lint-staged": "^7.2.0",
-    "microtime": "^2.1.8",
-    "pre-commit": "^1.2.2",
-    "rimraf": "^2.6.2",
-    "shortid": "^2.2.9",
-    "size-limit": "^0.18.3",
-    "svgo": "^1.0.5",
-    "uuid": "^3.3.2",
-    "webpack": "^4.15.1",
-    "webpack-cli": "^3.0.8",
-    "webpack-dev-server": "^3.1.4",
-    "yaspeller-ci": "^1.0.0"
-  },
-  "scripts": {
-    "lint-staged": "lint-staged",
-    "spellcheck": "yarn docs && yaspeller-ci *.md docs/*.html",
-    "clean": "rimraf docs/ coverage/",
-    "docs": "jsdoc --configure .jsdocrc *.js",
-    "lint": "eslint-ci *.js test/*.js",
-    "test": "jest --coverage && yarn lint && size-limit && yarn spellcheck",
-    "start": "webpack-dev-server --config test/demo/webpack.config"
-  },
-  "pre-commit": [
-    "lint-staged"
-  ]
+    "./index.js": "./index.browser.js",
+    "./async.js": "./async.browser.js"
+  }
 }

package/url.js

@@ -5,7 +5,7 @@
  * @type {string}
  *
  * @example
- * var url = require('nanoid/url')
+ * const url = require('nanoid/url')
  * generate(url, 10) //=> "Uakgb_J5m9"
  */
 module.exports =