nanoid 1.3.2 → 2.0.1

package/CHANGELOG.md

@@ -1,6 +1,22 @@
 # Change Log
 This project adheres to [Semantic Versioning](http://semver.org/).
 
+## 2.0.1
+* Reduce npm package size.
+* Mark package as not having side effects (by @xiaody).
+
+## 2.0
+* Use `-` instead of `~` in default alphabet to by file name safe.
+* Add `nanoid/non-secure/generate`.
+
+## 1.3.4
+* Reduce `non-secure` size.
+* Add `async` callback type check.
+
+## 1.3.3
+* Fix `nanoid/async` performance regression.
+* Fix old Node.js `not seeded` issue in synchronous version too.
+
 ## 1.3.2
 * Fix random generator `not seeded` issue of old Node.js.
 

package/README.md

@@ -5,17 +5,17 @@
 
 A tiny, secure, URL-friendly, unique string ID generator for JavaScript.
 
-* **Small.** 142 bytes (minified and gzipped). No dependencies.
+* **Small.** 141 bytes (minified and gzipped). No dependencies.
 It uses [Size Limit] to control size.
 * **Safe.** It uses cryptographically strong random APIs
 and tests distribution of symbols.
 * **Fast.** It’s 16% faster than UUID.
-* **Compact.** It uses a larger alphabet than UUID (`A-Za-z0-9_~`).
+* **Compact.** It uses a larger alphabet than UUID (`A-Za-z0-9_-`).
 So ID size was reduced from 36 to 21 symbols.
 
 ```js
 var nanoid = require('nanoid')
-model.id = nanoid() //=> "V1StGXR8_Z5jdHi6B~myT"
+model.id = nanoid() //=> "V1StGXR8_Z5jdHi6B-myT"
 ```
 
 The generator supports Node.js, React Native, and [all browsers].
@@ -72,27 +72,27 @@ There are two main differences between Nano ID and UUID v4:
 1. Nano ID uses a bigger alphabet, so a similar number of random bits
    are packed in just 21 symbols instead of 36.
 2. Nano ID code is 3 times less than `uuid/v4` package:
-   142 bytes instead of 435.
+   141 bytes instead of 435.
 
 
 ## Benchmark
 
 ```rust
 $ ./test/benchmark
-nanoid                    413,579 ops/sec
-nanoid/generate           401,349 ops/sec
-uid.sync                  354,882 ops/sec
-uuid/v4                   353,836 ops/sec
-shortid                    39,152 ops/sec
+nanoid                    337,879 ops/sec
+nanoid/generate           335,929 ops/sec
+uid.sync                  275,315 ops/sec
+uuid/v4                   273,602 ops/sec
+shortid                    32,798 ops/sec
 
 Async:
-nanoid/async               85,168 ops/sec
-nanoid/async/generate      81,037 ops/sec
-uid                        78,426 ops/sec
+nanoid/async               73,782 ops/sec
+nanoid/async/generate      80,775 ops/sec
+uid                        67,419 ops/sec
 
 Non-secure:
-nanoid/non-secure       2,718,186 ops/sec
-rndm                    2,544,612 ops/sec
+nanoid/non-secure       2,745,340 ops/sec
+rndm                    2,611,595 ops/sec
 ```
 
 
@@ -100,12 +100,12 @@ rndm                    2,544,612 ops/sec
 
 ### Normal
 
-The main module uses URL-friendly symbols (`A-Za-z0-9_~`) and returns an ID
+The main module uses URL-friendly symbols (`A-Za-z0-9_-`) and returns an ID
 with 21 characters (to have a collision probability similar to UUID v4).
 
 ```js
 const nanoid = require('nanoid')
-model.id = nanoid() //=> "Uakgb_J5m9g~0JDMbcJqLJ"
+model.id = nanoid() //=> "Uakgb_J5m9g-0JDMbcJqLJ"
 ```
 
 Symbols `-,.()` are not encoded in the URL. If used at the end of a link
@@ -115,7 +115,7 @@ If you want to reduce ID length (and increase collisions probability),
 you can pass the length as an argument.
 
 ```js
-nanoid(10) //=> "IRFa~VaY2b"
+nanoid(10) //=> "IRFa-VaY2b"
 ```
 
 Don’t forget to check the safety of your ID length
@@ -123,6 +123,29 @@ in our [ID collision probability] calculator.
 
 [ID collision probability]: https://zelark.github.io/nano-id-cc/
 
+### React
+**Do not** use a nanoid for `key` prop. In React `key` should be consistence
+between renders. This is bad code:
+
+```jsx
+<Item key={nanoid()} /> /* DON’T DO IT */
+```
+
+This is good code. Note, that we added `"input"` string in front of `id`,
+because Nano ID could be started from number. HTML ID can’t be started
+from the number.
+
+```jsx
+  id = 'input' + nanoid()
+
+  render () {
+    return <>
+      <label htmlFor={this.id}>Label text</label>
+      <input id={this.id} type="text"/>
+    </>;
+  }
+}
+```
 
 ### React Native
 
@@ -154,7 +177,7 @@ you can use non‑secure ID generator.
 
 ```js
 const nanoid = require('nanoid/non-secure')
-model.id = nanoid() //=> "Uakgb_J5m9g~0JDMbcJqLJ"
+model.id = nanoid() //=> "Uakgb_J5m9g-0JDMbcJqLJ"
 ```
 
 
@@ -195,7 +218,7 @@ You can find popular alphabets in [`nanoid-dictionary`].
 Alphabet must contain 256 symbols or less.
 Otherwise, the generator will not be secure.
 
-Asynchronous API is also available:
+Asynchronous and non-secure API is also available:
 
 ```js
 const generate = require('nanoid/async/generate')
@@ -204,6 +227,12 @@ async function createUser () {
 }
 ```
 
+```js
+const generate = require('nanoid/non-secure/generate')
+
+user.id = generate('1234567890abcdef', 10)
+```
+
 [ID collision probability]: https://alex7kom.github.io/nano-nanoid-cc/
 [`nanoid-dictionary`]:      https://github.com/CyberAP/nanoid-dictionary
 
@@ -279,7 +308,7 @@ async function createUser () {
 * [Java](https://github.com/aventrix/jnanoid)
 * [Nim](https://github.com/icyphox/nanoid.nim)
 * [PHP](https://github.com/hidehalo/nanoid-php)
-* [Python](https://github.com/puyuan/py-nanoid)
+* [Python](https://github.com/puyuan/py-nanoid) with [dictionaries](https://github.com/aidarkhanov/py-nanoid-dictionary)
 * [Ruby](https://github.com/radeno/nanoid.rb)
 * [Rust](https://github.com/nikolay-govorov/nanoid)
 * [Swift](https://github.com/antiflasher/NanoID)

package/async/index.browser.js

@@ -1,10 +1,10 @@
 var crypto = self.crypto || self.msCrypto
 
 /*
- * This alphabet uses a-z A-Z 0-9 _~ symbols.
+ * This alphabet uses a-z A-Z 0-9 _- symbols.
  * Symbols order was changed for better gzip compression.
  */
-var url = 'ModuleSymbhasOwnPr0123456789ABCDEFGHIJKLNQRTUVWXYZ_cfgijkpqtvxz~'
+var url = 'Uint8ArModuleSymbhasOw-012345679BCDEFGHIJKLNPQRTVWXYZ_cfgjkpqvxz'
 
 module.exports = function (size) {
   size = size || 21

package/async/index.js

@@ -1,34 +1,6 @@
-var crypto = require('crypto')
-
+var random = require('./random')
 var url = require('../url')
 
-var random
-if (crypto.randomFill) {
-  random = function (bytes, callback) {
-    return crypto.randomFill(Buffer.allocUnsafe(bytes), callback)
-  }
-} else {
-  random = crypto.randomBytes
-}
-
-/* eslint-disable-next-line */
-var ATTEMPTS = crypto.randomBytes === crypto.pseudoRandomBytes ? 1 : 3
-
-function safeRandom (size, attempt, callback) {
-  random(size, function (err, bytes) {
-    if (err) {
-      attempt -= 1
-      if (attempt === 0) {
-        callback(err)
-      } else {
-        setTimeout(safeRandom.bind(null, size, attempt, callback), 10)
-      }
-    } else {
-      callback(null, bytes)
-    }
-  })
-}
-
 /**
  * Generate secure URL-friendly unique ID. Non-blocking version.
  *
@@ -36,7 +8,6 @@ function safeRandom (size, attempt, callback) {
  * to UUID v4.
  *
  * @param {number} [size=21] The number of symbols in ID.
- * @param {function} [callback] for environments without `Promise`.
  *
  * @return {Promise} Promise with random string.
  *
@@ -49,34 +20,13 @@ function safeRandom (size, attempt, callback) {
  * @name async
  * @function
  */
-module.exports = function (size, callback) {
+module.exports = function (size) {
   size = size || 21
-
-  if (!callback) {
-    if (typeof Promise !== 'function') {
-      throw new Error('Function callback is required')
-    }
-    return new Promise(function (resolve, reject) {
-      module.exports(size, function (error, id) {
-        if (error) {
-          reject(error)
-        } else {
-          resolve(id)
-        }
-      })
-    })
-  }
-
-  safeRandom(size, ATTEMPTS, function (error, bytes) {
-    if (error) {
-      return callback(error)
-    }
-
+  return random(size).then(function (bytes) {
     var id = ''
     while (0 < size--) {
       id += url[bytes[size] & 63]
     }
-
-    callback(null, id)
+    return id
   })
 }

package/index.browser.js

@@ -10,10 +10,10 @@ if (process.env.NODE_ENV !== 'production') {
 var crypto = self.crypto || self.msCrypto
 
 /*
- * This alphabet uses a-z A-Z 0-9 _~ symbols.
+ * This alphabet uses a-z A-Z 0-9 _- symbols.
  * Symbols order was changed for better gzip compression.
  */
-var url = 'Uint8ArdomValuesObj012345679BCDEFGHIJKLMNPQRSTWXYZ_cfghkpqvwxyz~'
+var url = 'Uint8ArdomValuesObj012345679BCDEFGHIJKLMNPQRSTWXYZ_cfghkpqvwxyz-'
 
 module.exports = function (size) {
   size = size || 21

package/index.js

@@ -13,15 +13,15 @@ var url = require('./url')
  *
  * @example
  * const nanoid = require('nanoid')
- * model.id = nanoid() //=> "Uakgb_J5m9g~0JDMbcJqL"
+ * model.id = nanoid() //=> "Uakgb_J5m9g-0JDMbcJqL"
  *
  * @name nanoid
  * @function
  */
 module.exports = function (size) {
   size = size || 21
-  var id = ''
   var bytes = random(size)
+  var id = ''
   while (0 < size--) {
     id += url[bytes[size] & 63]
   }

package/non-secure/generate.js

@@ -0,0 +1,27 @@
+/**
+ * Generate URL-friendly unique ID. This method use non-secure predictable
+ * random generator.
+ *
+ * By default, ID will have 21 symbols to have a collision probability similar
+ * to UUID v4.
+ *
+ * @param {string} alphabet Symbols to be used in ID.
+ * @param {number} [size=21] The number of symbols in ID.
+ *
+ * @return {string} Random string.
+ *
+ * @example
+ * const nanoid = require('nanoid/non-secure')
+ * model.id = nanoid() //=> "Uakgb_J5m9g-0JDMbcJqL"
+ *
+ * @name nonSecure
+ * @function
+ */
+module.exports = function (alphabet, size) {
+  size = size || 21
+  var id = ''
+  while (0 < size--) {
+    id += alphabet[Math.random() * alphabet.length | 0]
+  }
+  return id
+}

package/{non-secure.js → non-secure/index.js}

@@ -1,4 +1,4 @@
-var url = '_~varfunctio0125634789bdegjhklmpqswxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
+var url = 'bjectSymhasOwnProp-0123456789ABCDEFGHIJKLMNQRTUVWXYZ_dfgiklquvxz'
 
 /**
  * Generate URL-friendly unique ID. This method use non-secure predictable
@@ -13,7 +13,7 @@ var url = '_~varfunctio0125634789bdegjhklmpqswxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
  *
  * @example
  * const nanoid = require('nanoid/non-secure')
- * model.id = nanoid() //=> "Uakgb_J5m9g~0JDMbcJqL"
+ * model.id = nanoid() //=> "Uakgb_J5m9g-0JDMbcJqL"
  *
  * @name nonSecure
  * @function

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "nanoid",
-  "version": "1.3.2",
-  "description": "A tiny (143 bytes), secure URL-friendly unique string ID generator",
+  "version": "2.0.1",
+  "description": "A tiny (141 bytes), secure URL-friendly unique string ID generator",
   "keywords": [
     "uuid",
     "random",
@@ -16,5 +16,11 @@
     "./random.js": "./random.browser.js",
     "./async/index.js": "./async/index.browser.js",
     "./async/random.js": "./async/random.browser.js"
+  },
+  "sideEffects": false,
+  "husky": {
+    "hooks": {
+      "pre-commit": "lint-staged"
+    }
   }
 }

package/url.js

@@ -1,7 +1,7 @@
 /**
  * URL safe symbols.
  *
- * This alphabet uses a-z A-Z 0-9 _~ symbols.
+ * This alphabet uses a-z A-Z 0-9 _- symbols.
  * Symbols order was changed for better gzip compression.
  *
  * @name url
@@ -12,4 +12,4 @@
  * generate(url, 10) //=> "Uakgb_J5m9"
  */
 module.exports =
-  'SymboljecthasOwnPr0123456789ABCDEFGHIJKLMNQRTUVWXYZ_dfgikpquvxz~'
+  'ModuleSymbhasOwnPr-0123456789ABCDEFGHIJKLNQRTUVWXYZ_cfgijkpqtvxz'