npm - nanoid - Versions diffs - 1.3.0 → 1.3.4 - Mend

nanoid 1.3.0 → 1.3.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,20 @@
 # Change Log
 This project adheres to [Semantic Versioning](http://semver.org/).
+## 1.3.4
+* Reduce `non-secure` size.
+* Add `async` callback type check.
+## 1.3.3
+* Fix `nanoid/async` performance regression.
+* Fix old Node.js `not seeded` issue in synchronous version too.
+## 1.3.2
+* Fix random generator `not seeded` issue of old Node.js.
+## 1.3.1
+* Reduce library size.
 ## 1.3
 * Add `nanoid/async/format` and `nanoid/async/generate`.
 * Improve synchronous API performance.

package/README.md CHANGED Viewed

@@ -5,14 +5,13 @@
 A tiny, secure, URL-friendly, unique string ID generator for JavaScript.
-**Safe.** It uses cryptographically strong random APIs
-and tests distribution of symbols.
-**Small.** 143 bytes (minified and gzipped). No dependencies.
+* **Small.** 142 bytes (minified and gzipped). No dependencies.
 It uses [Size Limit] to control size.
-**Compact.** It uses a larger alphabet than UUID (`A-Za-z0-9_~`).
-As result it could reduce ID size from 36 to 21 symbols.
+* **Safe.** It uses cryptographically strong random APIs
+and tests distribution of symbols.
+* **Fast.** It’s 16% faster than UUID.
+* **Compact.** It uses a larger alphabet than UUID (`A-Za-z0-9_~`).
+So ID size was reduced from 36 to 21 symbols.
 ```js
 var nanoid = require('nanoid')
@@ -39,14 +38,14 @@ The generator supports Node.js, React Native, and [all browsers].
 ### Unpredictability
 Instead of using the unsafe `Math.random()`, Nano ID uses the `crypto` module
-in Node.js and the Web Crypto API in browsers. This modules use unpredictable
+in Node.js and the Web Crypto API in browsers. These modules use unpredictable
 hardware random generator.
 ### Uniformity
 `random % alphabet` is a popular mistake to make when coding an ID generator.
-The spread will not be even; there will be a lower chance for some symbols
+The spread will not be even; there will be a lower chance for some symbols
 to appear compared to others—so it will reduce the number of tries
 when brute-forcing.
@@ -63,7 +62,7 @@ Nano ID uses a [better algorithm] and is tested for uniformity.
 Nano ID is quite comparable to UUID v4 (random-based).
 It has a similar number of random bits in the ID
-(126 in Nano ID and 122 in UUID), so it has a similar collision probability:
+(126 in Nano ID and 122 in UUID), so it has a similar collision probability:
 > For there to be a one in a billion chance of duplication,
 > 103 trillion version 4 IDs must be generated.
@@ -73,7 +72,7 @@ There are two main differences between Nano ID and UUID v4:
 1. Nano ID uses a bigger alphabet, so a similar number of random bits
    are packed in just 21 symbols instead of 36.
 2. Nano ID code is 3 times less than `uuid/v4` package:
-   143 bytes instead of 435.
+   142 bytes instead of 435.
 ## Benchmark
@@ -102,7 +101,7 @@ rndm                    2,544,612 ops/sec
 ### Normal
 The main module uses URL-friendly symbols (`A-Za-z0-9_~`) and returns an ID
-with 21 characters (to have a collision probability similar to UUID v4).
+with 21 characters (to have a collision probability similar to UUID v4).
 ```js
 const nanoid = require('nanoid')
@@ -113,13 +112,13 @@ Symbols `-,.()` are not encoded in the URL. If used at the end of a link
 they could be identified as a punctuation symbol.
 If you want to reduce ID length (and increase collisions probability),
-you can pass the length as an argument.
+you can pass the length as an argument.
 ```js
 nanoid(10) //=> "IRFa~VaY2b"
 ```
-Don’t forget to check safety of your ID length
+Don’t forget to check the safety of your ID length
 in our [ID collision probability] calculator.
 [ID collision probability]: https://zelark.github.io/nano-id-cc/
@@ -128,7 +127,7 @@ in our [ID collision probability] calculator.
 ### React Native
 To generate secure random IDs in React Native, you must use
-[a native random generator] like and asynchronous API:
+[a native random generator] and asynchronous API:
 ```js
 const generateSecureRandom = require('react-native-securerandom').generateSecureRandom
@@ -162,9 +161,10 @@ model.id = nanoid() //=> "Uakgb_J5m9g~0JDMbcJqLJ"
 ## Async
 To generate hardware random bytes, CPU will collect electromagnetic noise.
-During the collection, CPU doesn’t work. So if we will use asynchronous API
-for hardware random generator, your other code could be executed during
-the entropy collection.
+During the collection, CPU doesn’t work.
+If we will use asynchronous API for random generator,
+another code could be executed during the entropy collection.
 ```js
 const nanoid = require('nanoid/async')
@@ -174,11 +174,11 @@ async function createUser () {
 }
 ```
-Unfortunately, you will not have any benefits in browser, since Web Crypto API
+Unfortunately, you will not have any benefits in a browser, since Web Crypto API
 doesn’t have asynchronous API.
-### Custom Alphabet or Length
+## Custom Alphabet or Length
 If you want to change the ID's alphabet or length
 you can use the low-level `generate` module.
@@ -188,9 +188,9 @@ const generate = require('nanoid/generate')
 model.id = generate('1234567890abcdef', 10) //=> "4f90d13a42"
 ```
-Check safety of your custom alphabet and ID length
+Check the safety of your custom alphabet and ID length
 in our [ID collision probability] calculator.
-You can find popular alphabets in [`nanoid-dictionary`].
+You can find popular alphabets in [`nanoid-dictionary`].
 Alphabet must contain 256 symbols or less.
 Otherwise, the generator will not be secure.
@@ -208,10 +208,10 @@ async function createUser () {
 [`nanoid-dictionary`]:      https://github.com/CyberAP/nanoid-dictionary
-### Custom Random Bytes Generator
+## Custom Random Bytes Generator
 You can replace the default safe random generator using the `format` module.
-For instance, to use a seed-based generator.
+For instance, to use a seed-based generator.
 ```js
 const format = require('nanoid/format')
@@ -284,6 +284,6 @@ async function createUser () {
 * [Rust](https://github.com/nikolay-govorov/nanoid)
 * [Swift](https://github.com/antiflasher/NanoID)
-Also, [CLI tool] is available to generate IDs from command line.
+Also, [CLI tool] is available to generate IDs from a command line.
 [CLI tool]: https://github.com/twhitbeck/nanoid-cli

package/async/index.browser.js CHANGED Viewed

@@ -1,6 +1,10 @@
 var crypto = self.crypto || self.msCrypto
-var url = '_~getRandomVsCrypwhil0214563789bcfjkquvxzABDEFGHIJKLMNOPQSTUWXYZ'
+/*
+ * This alphabet uses a-z A-Z 0-9 _~ symbols.
+ * Symbols order was changed for better gzip compression.
+ */
+var url = 'ModuleSymbhasOwnPr0123456789ABCDEFGHIJKLNQRTUVWXYZ_cfgijkpqtvxz~'
 module.exports = function (size) {
   size = size || 21

package/async/index.js CHANGED Viewed

@@ -31,12 +31,12 @@ if (crypto.randomFill) {
  * @name async
  * @function
  */
-module.exports = function (size, callback) {
+module.exports = function (size, callback, attempt) {
   size = size || 21
   if (!callback) {
     if (typeof Promise !== 'function') {
-      throw new Error('Function callback is required')
+      throw new TypeError('Function callback is required')
     }
     return new Promise(function (resolve, reject) {
       module.exports(size, function (error, id) {
@@ -47,18 +47,25 @@ module.exports = function (size, callback) {
         }
       })
     })
+  } else if (typeof callback !== 'function') {
+    throw new TypeError('Callback is not a function')
   }
-  random(size, function (error, bytes) {
-    if (error) {
-      return callback(error)
+  random(size, function (err, bytes) {
+    if (err) {
+      if (typeof attempt === 'undefined') attempt = 3
+      attempt -= 1
+      if (attempt === 0) {
+        callback(err)
+      } else {
+        setTimeout(module.exports.bind(null, size, callback, attempt), 10)
+      }
+    } else {
+      var id = ''
+      while (0 < size--) {
+        id += url[bytes[size] & 63]
+      }
+      callback(null, id)
     }
-    var id = ''
-    while (0 < size--) {
-      id += url[bytes[size] & 63]
-    }
-    callback(null, id)
   })
 }

package/index.browser.js CHANGED Viewed

@@ -9,7 +9,11 @@ if (process.env.NODE_ENV !== 'production') {
 var crypto = self.crypto || self.msCrypto
-var url = '_~getRandomVsCrypwhil0214563789bcfjkquvxzABDEFGHIJKLMNOPQSTUWXYZ'
+/*
+ * This alphabet uses a-z A-Z 0-9 _~ symbols.
+ * Symbols order was changed for better gzip compression.
+ */
+var url = 'Uint8ArdomValuesObj012345679BCDEFGHIJKLMNPQRSTWXYZ_cfghkpqvwxyz~'
 module.exports = function (size) {
   size = size || 21

package/index.js CHANGED Viewed

@@ -18,12 +18,26 @@ var url = require('./url')
  * @name nanoid
  * @function
  */
-module.exports = function (size) {
+module.exports = function (size, attempt) {
   size = size || 21
+  var bytes
+  try {
+    bytes = random(size)
+  } catch (e) {
+    if (typeof attempt === 'undefined') attempt = 3
+    attempt -= 1
+    if (attempt === 0) {
+      throw e
+    } else {
+      return module.exports(size, attempt)
+    }
+  }
   var id = ''
-  var bytes = random(size)
   while (0 < size--) {
     id += url[bytes[size] & 63]
   }
   return id
 }

package/non-secure.js CHANGED Viewed

@@ -1,4 +1,4 @@
-var url = '_~varfunctio0125634789bdegjhklmpqswxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
+var url = 'bjectxporhasOwnP0123456789ABCDEFGHIJKLMNQRSTUVWXYZ_dfgiklmquvyz~'
 /**
  * Generate URL-friendly unique ID. This method use non-secure predictable

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "nanoid",
-  "version": "1.3.0",
+  "version": "1.3.4",
   "description": "A tiny (143 bytes), secure URL-friendly unique string ID generator",
   "keywords": [
     "uuid",
@@ -16,5 +16,10 @@
     "./random.js": "./random.browser.js",
     "./async/index.js": "./async/index.browser.js",
     "./async/random.js": "./async/random.browser.js"
+  },
+  "husky": {
+    "hooks": {
+      "pre-commit": "lint-staged"
+    }
   }
 }

package/url.js CHANGED Viewed

@@ -2,7 +2,7 @@
  * URL safe symbols.
  *
  * This alphabet uses a-z A-Z 0-9 _~ symbols.
- * (Symbols order was changed for better gzip compression.)
+ * Symbols order was changed for better gzip compression.
  *
  * @name url
  * @type {string}
@@ -12,4 +12,4 @@
  * generate(url, 10) //=> "Uakgb_J5m9"
  */
 module.exports =
-  'functio_~0123456789abdeghjklmpqrsvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
+  'SymboljecthasOwnPr0123456789ABCDEFGHIJKLMNQRTUVWXYZ_dfgikpquvxz~'