nanoid 3.1.28 → 3.1.29

package/async/index.browser.cjs

@@ -1,62 +1,28 @@
 let random = bytes =>
   Promise.resolve(crypto.getRandomValues(new Uint8Array(bytes)))
-
 let customAlphabet = (alphabet, size) => {
-  // First, a bitmask is necessary to generate the ID. The bitmask makes bytes
-  // values closer to the alphabet size. The bitmask calculates the closest
-  // `2^31 - 1` number, which exceeds the alphabet size.
-  // For example, the bitmask for the alphabet size 30 is 31 (00011111).
-  // `Math.clz32` is not used, because it is not available in browsers.
   let mask = (2 << (Math.log(alphabet.length - 1) / Math.LN2)) - 1
-  // Though, the bitmask solution is not perfect since the bytes exceeding
-  // the alphabet size are refused. Therefore, to reliably generate the ID,
-  // the random bytes redundancy has to be satisfied.
-
-  // Note: every hardware random generator call is performance expensive,
-  // because the system call for entropy collection takes a lot of time.
-  // So, to avoid additional system calls, extra bytes are requested in advance.
-
-  // Next, a step determines how many random bytes to generate.
-  // The number of random bytes gets decided upon the ID size, mask,
-  // alphabet size, and magic number 1.6 (using 1.6 peaks at performance
-  // according to benchmarks).
-
-  // `-~f => Math.ceil(f)` if f is a float
-  // `-~i => i + 1` if i is an integer
   let step = -~((1.6 * mask * size) / alphabet.length)
-
   return () => {
     let id = ''
     while (true) {
       let bytes = crypto.getRandomValues(new Uint8Array(step))
-      // A compact alternative for `for (var i = 0; i < step; i++)`.
       let i = step
       while (i--) {
-        // Adding `|| ''` refuses a random byte that exceeds the alphabet size.
         id += alphabet[bytes[i] & mask] || ''
         if (id.length === size) return Promise.resolve(id)
       }
     }
   }
 }
-
 let nanoid = (size = 21) => {
   let id = ''
   let bytes = crypto.getRandomValues(new Uint8Array(size))
-
-  // A compact alternative for `for (var i = 0; i < step; i++)`.
   while (size--) {
-    // It is incorrect to use bytes exceeding the alphabet size.
-    // The following mask reduces the random byte in the 0-255 value
-    // range to the 0-63 value range. Therefore, adding hacks, such
-    // as empty string fallback or magic numbers, is unneccessary because
-    // the bitmask trims bytes down to the alphabet size.
     let byte = bytes[size] & 63
     if (byte < 36) {
-      // `0-9a-z`
       id += byte.toString(36)
     } else if (byte < 62) {
-      // `A-Z`
       id += (byte - 26).toString(36).toUpperCase()
     } else if (byte < 63) {
       id += '_'
@@ -66,5 +32,4 @@ let nanoid = (size = 21) => {
   }
   return Promise.resolve(id)
 }
-
 module.exports = { nanoid, customAlphabet, random }

package/async/index.browser.js

@@ -1,62 +1,28 @@
 let random = bytes =>
   Promise.resolve(crypto.getRandomValues(new Uint8Array(bytes)))
-
 let customAlphabet = (alphabet, size) => {
-  // First, a bitmask is necessary to generate the ID. The bitmask makes bytes
-  // values closer to the alphabet size. The bitmask calculates the closest
-  // `2^31 - 1` number, which exceeds the alphabet size.
-  // For example, the bitmask for the alphabet size 30 is 31 (00011111).
-  // `Math.clz32` is not used, because it is not available in browsers.
   let mask = (2 << (Math.log(alphabet.length - 1) / Math.LN2)) - 1
-  // Though, the bitmask solution is not perfect since the bytes exceeding
-  // the alphabet size are refused. Therefore, to reliably generate the ID,
-  // the random bytes redundancy has to be satisfied.
-
-  // Note: every hardware random generator call is performance expensive,
-  // because the system call for entropy collection takes a lot of time.
-  // So, to avoid additional system calls, extra bytes are requested in advance.
-
-  // Next, a step determines how many random bytes to generate.
-  // The number of random bytes gets decided upon the ID size, mask,
-  // alphabet size, and magic number 1.6 (using 1.6 peaks at performance
-  // according to benchmarks).
-
-  // `-~f => Math.ceil(f)` if f is a float
-  // `-~i => i + 1` if i is an integer
   let step = -~((1.6 * mask * size) / alphabet.length)
-
   return () => {
     let id = ''
     while (true) {
       let bytes = crypto.getRandomValues(new Uint8Array(step))
-      // A compact alternative for `for (var i = 0; i < step; i++)`.
       let i = step
       while (i--) {
-        // Adding `|| ''` refuses a random byte that exceeds the alphabet size.
         id += alphabet[bytes[i] & mask] || ''
         if (id.length === size) return Promise.resolve(id)
       }
     }
   }
 }
-
 let nanoid = (size = 21) => {
   let id = ''
   let bytes = crypto.getRandomValues(new Uint8Array(size))
-
-  // A compact alternative for `for (var i = 0; i < step; i++)`.
   while (size--) {
-    // It is incorrect to use bytes exceeding the alphabet size.
-    // The following mask reduces the random byte in the 0-255 value
-    // range to the 0-63 value range. Therefore, adding hacks, such
-    // as empty string fallback or magic numbers, is unneccessary because
-    // the bitmask trims bytes down to the alphabet size.
     let byte = bytes[size] & 63
     if (byte < 36) {
-      // `0-9a-z`
       id += byte.toString(36)
     } else if (byte < 62) {
-      // `A-Z`
       id += (byte - 26).toString(36).toUpperCase()
     } else if (byte < 63) {
       id += '_'
@@ -66,5 +32,4 @@ let nanoid = (size = 21) => {
   }
   return Promise.resolve(id)
 }
-
 export { nanoid, customAlphabet, random }

package/async/index.cjs

@@ -1,14 +1,7 @@
 let crypto = require('crypto')
-
 let { urlAlphabet } = require('../url-alphabet/index.cjs')
-
-// `crypto.randomFill()` is a little faster than `crypto.randomBytes()`,
-// because it is possible to use in combination with `Buffer.allocUnsafe()`.
 let random = bytes =>
   new Promise((resolve, reject) => {
-    // `Buffer.allocUnsafe()` is faster because it doesn’t flush the memory.
-    // Memory flushing is unnecessary since the buffer allocation itself resets
-    // the memory with the new bytes.
     crypto.randomFill(Buffer.allocUnsafe(bytes), (err, buf) => {
       if (err) {
         reject(err)
@@ -17,55 +10,26 @@ let random = bytes =>
       }
     })
   })
-
 let customAlphabet = (alphabet, size) => {
-  // First, a bitmask is necessary to generate the ID. The bitmask makes bytes
-  // values closer to the alphabet size. The bitmask calculates the closest
-  // `2^31 - 1` number, which exceeds the alphabet size.
-  // For example, the bitmask for the alphabet size 30 is 31 (00011111).
   let mask = (2 << (31 - Math.clz32((alphabet.length - 1) | 1))) - 1
-  // Though, the bitmask solution is not perfect since the bytes exceeding
-  // the alphabet size are refused. Therefore, to reliably generate the ID,
-  // the random bytes redundancy has to be satisfied.
-
-  // Note: every hardware random generator call is performance expensive,
-  // because the system call for entropy collection takes a lot of time.
-  // So, to avoid additional system calls, extra bytes are requested in advance.
-
-  // Next, a step determines how many random bytes to generate.
-  // The number of random bytes gets decided upon the ID size, mask,
-  // alphabet size, and magic number 1.6 (using 1.6 peaks at performance
-  // according to benchmarks).
   let step = Math.ceil((1.6 * mask * size) / alphabet.length)
-
   let tick = id =>
     random(step).then(bytes => {
-      // A compact alternative for `for (var i = 0; i < step; i++)`.
       let i = step
       while (i--) {
-        // Adding `|| ''` refuses a random byte that exceeds the alphabet size.
         id += alphabet[bytes[i] & mask] || ''
         if (id.length === size) return id
       }
       return tick(id)
     })
-
   return () => tick('')
 }
-
 let nanoid = (size = 21) =>
   random(size).then(bytes => {
     let id = ''
-    // A compact alternative for `for (var i = 0; i < step; i++)`.
     while (size--) {
-      // It is incorrect to use bytes exceeding the alphabet size.
-      // The following mask reduces the random byte in the 0-255 value
-      // range to the 0-63 value range. Therefore, adding hacks, such
-      // as empty string fallback or magic numbers, is unneccessary because
-      // the bitmask trims bytes down to the alphabet size.
       id += urlAlphabet[bytes[size] & 63]
     }
     return id
   })
-
 module.exports = { nanoid, customAlphabet, random }

package/async/index.js

@@ -1,14 +1,7 @@
 import crypto from 'crypto'
-
 import { urlAlphabet } from '../url-alphabet/index.js'
-
-// `crypto.randomFill()` is a little faster than `crypto.randomBytes()`,
-// because it is possible to use in combination with `Buffer.allocUnsafe()`.
 let random = bytes =>
   new Promise((resolve, reject) => {
-    // `Buffer.allocUnsafe()` is faster because it doesn’t flush the memory.
-    // Memory flushing is unnecessary since the buffer allocation itself resets
-    // the memory with the new bytes.
     crypto.randomFill(Buffer.allocUnsafe(bytes), (err, buf) => {
       if (err) {
         reject(err)
@@ -17,55 +10,26 @@ let random = bytes =>
       }
     })
   })
-
 let customAlphabet = (alphabet, size) => {
-  // First, a bitmask is necessary to generate the ID. The bitmask makes bytes
-  // values closer to the alphabet size. The bitmask calculates the closest
-  // `2^31 - 1` number, which exceeds the alphabet size.
-  // For example, the bitmask for the alphabet size 30 is 31 (00011111).
   let mask = (2 << (31 - Math.clz32((alphabet.length - 1) | 1))) - 1
-  // Though, the bitmask solution is not perfect since the bytes exceeding
-  // the alphabet size are refused. Therefore, to reliably generate the ID,
-  // the random bytes redundancy has to be satisfied.
-
-  // Note: every hardware random generator call is performance expensive,
-  // because the system call for entropy collection takes a lot of time.
-  // So, to avoid additional system calls, extra bytes are requested in advance.
-
-  // Next, a step determines how many random bytes to generate.
-  // The number of random bytes gets decided upon the ID size, mask,
-  // alphabet size, and magic number 1.6 (using 1.6 peaks at performance
-  // according to benchmarks).
   let step = Math.ceil((1.6 * mask * size) / alphabet.length)
-
   let tick = id =>
     random(step).then(bytes => {
-      // A compact alternative for `for (var i = 0; i < step; i++)`.
       let i = step
       while (i--) {
-        // Adding `|| ''` refuses a random byte that exceeds the alphabet size.
         id += alphabet[bytes[i] & mask] || ''
         if (id.length === size) return id
       }
       return tick(id)
     })
-
   return () => tick('')
 }
-
 let nanoid = (size = 21) =>
   random(size).then(bytes => {
     let id = ''
-    // A compact alternative for `for (var i = 0; i < step; i++)`.
     while (size--) {
-      // It is incorrect to use bytes exceeding the alphabet size.
-      // The following mask reduces the random byte in the 0-255 value
-      // range to the 0-63 value range. Therefore, adding hacks, such
-      // as empty string fallback or magic numbers, is unneccessary because
-      // the bitmask trims bytes down to the alphabet size.
       id += urlAlphabet[bytes[size] & 63]
     }
     return id
   })
-
 export { nanoid, customAlphabet, random }

package/async/index.native.js

@@ -1,57 +1,26 @@
 import { getRandomBytesAsync } from 'expo-random'
-
 import { urlAlphabet } from '../url-alphabet/index.js'
-
 let random = getRandomBytesAsync
-
 let customAlphabet = (alphabet, size) => {
-  // First, a bitmask is necessary to generate the ID. The bitmask makes bytes
-  // values closer to the alphabet size. The bitmask calculates the closest
-  // `2^31 - 1` number, which exceeds the alphabet size.
-  // For example, the bitmask for the alphabet size 30 is 31 (00011111).
   let mask = (2 << (31 - Math.clz32((alphabet.length - 1) | 1))) - 1
-  // Though, the bitmask solution is not perfect since the bytes exceeding
-  // the alphabet size are refused. Therefore, to reliably generate the ID,
-  // the random bytes redundancy has to be satisfied.
-
-  // Note: every hardware random generator call is performance expensive,
-  // because the system call for entropy collection takes a lot of time.
-  // So, to avoid additional system calls, extra bytes are requested in advance.
-
-  // Next, a step determines how many random bytes to generate.
-  // The number of random bytes gets decided upon the ID size, mask,
-  // alphabet size, and magic number 1.6 (using 1.6 peaks at performance
-  // according to benchmarks).
   let step = Math.ceil((1.6 * mask * size) / alphabet.length)
-
   let tick = id =>
     random(step).then(bytes => {
-      // A compact alternative for `for (var i = 0; i < step; i++)`.
       let i = step
       while (i--) {
-        // Adding `|| ''` refuses a random byte that exceeds the alphabet size.
         id += alphabet[bytes[i] & mask] || ''
         if (id.length === size) return id
       }
       return tick(id)
     })
-
   return () => tick('')
 }
-
 let nanoid = (size = 21) =>
   random(size).then(bytes => {
     let id = ''
-    // A compact alternative for `for (var i = 0; i < step; i++)`.
     while (size--) {
-      // It is incorrect to use bytes exceeding the alphabet size.
-      // The following mask reduces the random byte in the 0-255 value
-      // range to the 0-63 value range. Therefore, adding hacks, such
-      // as empty string fallback or magic numbers, is unneccessary because
-      // the bitmask trims bytes down to the alphabet size.
       id += urlAlphabet[bytes[size] & 63]
     }
     return id
   })
-
 export { nanoid, customAlphabet, random }

package/index.browser.cjs

@@ -1,10 +1,5 @@
-// This file replaces `index.js` in bundlers like webpack or Rollup,
-// according to `browser` config in `package.json`.
-
 let { urlAlphabet } = require('./url-alphabet/index.cjs')
-
 if (process.env.NODE_ENV !== 'production') {
-  // All bundlers will remove this block in the production bundle.
   if (
     typeof navigator !== 'undefined' &&
     navigator.product === 'ReactNative' &&
@@ -30,67 +25,31 @@ if (process.env.NODE_ENV !== 'production') {
     )
   }
 }
-
 let random = bytes => crypto.getRandomValues(new Uint8Array(bytes))
-
 let customRandom = (alphabet, size, getRandom) => {
-  // First, a bitmask is necessary to generate the ID. The bitmask makes bytes
-  // values closer to the alphabet size. The bitmask calculates the closest
-  // `2^31 - 1` number, which exceeds the alphabet size.
-  // For example, the bitmask for the alphabet size 30 is 31 (00011111).
-  // `Math.clz32` is not used, because it is not available in browsers.
   let mask = (2 << (Math.log(alphabet.length - 1) / Math.LN2)) - 1
-  // Though, the bitmask solution is not perfect since the bytes exceeding
-  // the alphabet size are refused. Therefore, to reliably generate the ID,
-  // the random bytes redundancy has to be satisfied.
-
-  // Note: every hardware random generator call is performance expensive,
-  // because the system call for entropy collection takes a lot of time.
-  // So, to avoid additional system calls, extra bytes are requested in advance.
-
-  // Next, a step determines how many random bytes to generate.
-  // The number of random bytes gets decided upon the ID size, mask,
-  // alphabet size, and magic number 1.6 (using 1.6 peaks at performance
-  // according to benchmarks).
-
-  // `-~f => Math.ceil(f)` if f is a float
-  // `-~i => i + 1` if i is an integer
   let step = -~((1.6 * mask * size) / alphabet.length)
-
   return () => {
     let id = ''
     while (true) {
       let bytes = getRandom(step)
-      // A compact alternative for `for (var i = 0; i < step; i++)`.
       let j = step
       while (j--) {
-        // Adding `|| ''` refuses a random byte that exceeds the alphabet size.
         id += alphabet[bytes[j] & mask] || ''
         if (id.length === size) return id
       }
     }
   }
 }
-
 let customAlphabet = (alphabet, size) => customRandom(alphabet, size, random)
-
 let nanoid = (size = 21) => {
   let id = ''
   let bytes = crypto.getRandomValues(new Uint8Array(size))
-
-  // A compact alternative for `for (var i = 0; i < step; i++)`.
   while (size--) {
-    // It is incorrect to use bytes exceeding the alphabet size.
-    // The following mask reduces the random byte in the 0-255 value
-    // range to the 0-63 value range. Therefore, adding hacks, such
-    // as empty string fallback or magic numbers, is unneccessary because
-    // the bitmask trims bytes down to the alphabet size.
     let byte = bytes[size] & 63
     if (byte < 36) {
-      // `0-9a-z`
       id += byte.toString(36)
     } else if (byte < 62) {
-      // `A-Z`
       id += (byte - 26).toString(36).toUpperCase()
     } else if (byte < 63) {
       id += '_'
@@ -100,5 +59,4 @@ let nanoid = (size = 21) => {
   }
   return id
 }
-
 module.exports = { nanoid, customAlphabet, customRandom, urlAlphabet, random }

package/index.browser.js

@@ -1,10 +1,5 @@
-// This file replaces `index.js` in bundlers like webpack or Rollup,
-// according to `browser` config in `package.json`.
-
 import { urlAlphabet } from './url-alphabet/index.js'
-
 if (process.env.NODE_ENV !== 'production') {
-  // All bundlers will remove this block in the production bundle.
   if (
     typeof navigator !== 'undefined' &&
     navigator.product === 'ReactNative' &&
@@ -30,67 +25,31 @@ if (process.env.NODE_ENV !== 'production') {
     )
   }
 }
-
 let random = bytes => crypto.getRandomValues(new Uint8Array(bytes))
-
 let customRandom = (alphabet, size, getRandom) => {
-  // First, a bitmask is necessary to generate the ID. The bitmask makes bytes
-  // values closer to the alphabet size. The bitmask calculates the closest
-  // `2^31 - 1` number, which exceeds the alphabet size.
-  // For example, the bitmask for the alphabet size 30 is 31 (00011111).
-  // `Math.clz32` is not used, because it is not available in browsers.
   let mask = (2 << (Math.log(alphabet.length - 1) / Math.LN2)) - 1
-  // Though, the bitmask solution is not perfect since the bytes exceeding
-  // the alphabet size are refused. Therefore, to reliably generate the ID,
-  // the random bytes redundancy has to be satisfied.
-
-  // Note: every hardware random generator call is performance expensive,
-  // because the system call for entropy collection takes a lot of time.
-  // So, to avoid additional system calls, extra bytes are requested in advance.
-
-  // Next, a step determines how many random bytes to generate.
-  // The number of random bytes gets decided upon the ID size, mask,
-  // alphabet size, and magic number 1.6 (using 1.6 peaks at performance
-  // according to benchmarks).
-
-  // `-~f => Math.ceil(f)` if f is a float
-  // `-~i => i + 1` if i is an integer
   let step = -~((1.6 * mask * size) / alphabet.length)
-
   return () => {
     let id = ''
     while (true) {
       let bytes = getRandom(step)
-      // A compact alternative for `for (var i = 0; i < step; i++)`.
       let j = step
       while (j--) {
-        // Adding `|| ''` refuses a random byte that exceeds the alphabet size.
         id += alphabet[bytes[j] & mask] || ''
         if (id.length === size) return id
       }
     }
   }
 }
-
 let customAlphabet = (alphabet, size) => customRandom(alphabet, size, random)
-
 let nanoid = (size = 21) => {
   let id = ''
   let bytes = crypto.getRandomValues(new Uint8Array(size))
-
-  // A compact alternative for `for (var i = 0; i < step; i++)`.
   while (size--) {
-    // It is incorrect to use bytes exceeding the alphabet size.
-    // The following mask reduces the random byte in the 0-255 value
-    // range to the 0-63 value range. Therefore, adding hacks, such
-    // as empty string fallback or magic numbers, is unneccessary because
-    // the bitmask trims bytes down to the alphabet size.
     let byte = bytes[size] & 63
     if (byte < 36) {
-      // `0-9a-z`
       id += byte.toString(36)
     } else if (byte < 62) {
-      // `A-Z`
       id += (byte - 26).toString(36).toUpperCase()
     } else if (byte < 63) {
       id += '_'
@@ -100,5 +59,4 @@ let nanoid = (size = 21) => {
   }
   return id
 }
-
 export { nanoid, customAlphabet, customRandom, urlAlphabet, random }

package/index.cjs

@@ -1,20 +1,7 @@
 let crypto = require('crypto')
-
 let { urlAlphabet } = require('./url-alphabet/index.cjs')
-
-// It is best to make fewer, larger requests to the crypto module to
-// avoid system call overhead. So, random numbers are generated in a
-// pool. The pool is a Buffer that is larger than the initial random
-// request size by this multiplier. The pool is enlarged if subsequent
-// requests exceed the maximum buffer size.
-const POOL_SIZE_MULTIPLIER = 32
+const POOL_SIZE_MULTIPLIER = 128
 let pool, poolOffset
-
-let random = bytes => {
-  fillPool(bytes)
-  return pool.subarray(poolOffset - bytes, poolOffset)
-}
-
 let fillPool = bytes => {
   if (!pool || pool.length < bytes) {
     pool = Buffer.allocUnsafe(bytes * POOL_SIZE_MULTIPLIER)
@@ -26,56 +13,32 @@ let fillPool = bytes => {
   }
   poolOffset += bytes
 }
-
+let random = bytes => {
+  fillPool(bytes)
+  return pool.subarray(poolOffset - bytes, poolOffset)
+}
 let customRandom = (alphabet, size, getRandom) => {
-  // First, a bitmask is necessary to generate the ID. The bitmask makes bytes
-  // values closer to the alphabet size. The bitmask calculates the closest
-  // `2^31 - 1` number, which exceeds the alphabet size.
-  // For example, the bitmask for the alphabet size 30 is 31 (00011111).
   let mask = (2 << (31 - Math.clz32((alphabet.length - 1) | 1))) - 1
-  // Though, the bitmask solution is not perfect since the bytes exceeding
-  // the alphabet size are refused. Therefore, to reliably generate the ID,
-  // the random bytes redundancy has to be satisfied.
-
-  // Note: every hardware random generator call is performance expensive,
-  // because the system call for entropy collection takes a lot of time.
-  // So, to avoid additional system calls, extra bytes are requested in advance.
-
-  // Next, a step determines how many random bytes to generate.
-  // The number of random bytes gets decided upon the ID size, mask,
-  // alphabet size, and magic number 1.6 (using 1.6 peaks at performance
-  // according to benchmarks).
   let step = Math.ceil((1.6 * mask * size) / alphabet.length)
-
   return () => {
     let id = ''
     while (true) {
       let bytes = getRandom(step)
-      // A compact alternative for `for (let i = 0; i < step; i++)`.
       let i = step
       while (i--) {
-        // Adding `|| ''` refuses a random byte that exceeds the alphabet size.
         id += alphabet[bytes[i] & mask] || ''
         if (id.length === size) return id
       }
     }
   }
 }
-
 let customAlphabet = (alphabet, size) => customRandom(alphabet, size, random)
-
 let nanoid = (size = 21) => {
   fillPool(size)
   let id = ''
   for (let i = poolOffset - size; i < poolOffset; i++) {
-    // It is incorrect to use bytes exceeding the alphabet size.
-    // The following mask reduces the random byte in the 0-255 value
-    // range to the 0-63 value range. Therefore, adding hacks, such
-    // as empty string fallback or magic numbers, is unneccessary because
-    // the bitmask trims bytes down to the alphabet size.
     id += urlAlphabet[pool[i] & 63]
   }
   return id
 }
-
 module.exports = { nanoid, customAlphabet, customRandom, urlAlphabet, random }

package/index.dev.js

@@ -1,10 +1,5 @@
-// This file replaces `index.js` in bundlers like webpack or Rollup,
-// according to `browser` config in `package.json`.
-
 import { urlAlphabet } from './url-alphabet/index.js'
-
 if (true) {
-  // All bundlers will remove this block in the production bundle.
   if (
     typeof navigator !== 'undefined' &&
     navigator.product === 'ReactNative' &&
@@ -30,67 +25,31 @@ if (true) {
     )
   }
 }
-
 let random = bytes => crypto.getRandomValues(new Uint8Array(bytes))
-
 let customRandom = (alphabet, size, getRandom) => {
-  // First, a bitmask is necessary to generate the ID. The bitmask makes bytes
-  // values closer to the alphabet size. The bitmask calculates the closest
-  // `2^31 - 1` number, which exceeds the alphabet size.
-  // For example, the bitmask for the alphabet size 30 is 31 (00011111).
-  // `Math.clz32` is not used, because it is not available in browsers.
   let mask = (2 << (Math.log(alphabet.length - 1) / Math.LN2)) - 1
-  // Though, the bitmask solution is not perfect since the bytes exceeding
-  // the alphabet size are refused. Therefore, to reliably generate the ID,
-  // the random bytes redundancy has to be satisfied.
-
-  // Note: every hardware random generator call is performance expensive,
-  // because the system call for entropy collection takes a lot of time.
-  // So, to avoid additional system calls, extra bytes are requested in advance.
-
-  // Next, a step determines how many random bytes to generate.
-  // The number of random bytes gets decided upon the ID size, mask,
-  // alphabet size, and magic number 1.6 (using 1.6 peaks at performance
-  // according to benchmarks).
-
-  // `-~f => Math.ceil(f)` if f is a float
-  // `-~i => i + 1` if i is an integer
   let step = -~((1.6 * mask * size) / alphabet.length)
-
   return () => {
     let id = ''
     while (true) {
       let bytes = getRandom(step)
-      // A compact alternative for `for (var i = 0; i < step; i++)`.
       let j = step
       while (j--) {
-        // Adding `|| ''` refuses a random byte that exceeds the alphabet size.
         id += alphabet[bytes[j] & mask] || ''
         if (id.length === size) return id
       }
     }
   }
 }
-
 let customAlphabet = (alphabet, size) => customRandom(alphabet, size, random)
-
 let nanoid = (size = 21) => {
   let id = ''
   let bytes = crypto.getRandomValues(new Uint8Array(size))
-
-  // A compact alternative for `for (var i = 0; i < step; i++)`.
   while (size--) {
-    // It is incorrect to use bytes exceeding the alphabet size.
-    // The following mask reduces the random byte in the 0-255 value
-    // range to the 0-63 value range. Therefore, adding hacks, such
-    // as empty string fallback or magic numbers, is unneccessary because
-    // the bitmask trims bytes down to the alphabet size.
     let byte = bytes[size] & 63
     if (byte < 36) {
-      // `0-9a-z`
       id += byte.toString(36)
     } else if (byte < 62) {
-      // `A-Z`
       id += (byte - 26).toString(36).toUpperCase()
     } else if (byte < 63) {
       id += '_'
@@ -100,5 +59,4 @@ let nanoid = (size = 21) => {
   }
   return id
 }
-
 export { nanoid, customAlphabet, customRandom, urlAlphabet, random }

package/index.js

@@ -1,20 +1,7 @@
 import crypto from 'crypto'
-
 import { urlAlphabet } from './url-alphabet/index.js'
-
-// It is best to make fewer, larger requests to the crypto module to
-// avoid system call overhead. So, random numbers are generated in a
-// pool. The pool is a Buffer that is larger than the initial random
-// request size by this multiplier. The pool is enlarged if subsequent
-// requests exceed the maximum buffer size.
-const POOL_SIZE_MULTIPLIER = 32
+const POOL_SIZE_MULTIPLIER = 128
 let pool, poolOffset
-
-let random = bytes => {
-  fillPool(bytes)
-  return pool.subarray(poolOffset - bytes, poolOffset)
-}
-
 let fillPool = bytes => {
   if (!pool || pool.length < bytes) {
     pool = Buffer.allocUnsafe(bytes * POOL_SIZE_MULTIPLIER)
@@ -26,56 +13,32 @@ let fillPool = bytes => {
   }
   poolOffset += bytes
 }
-
+let random = bytes => {
+  fillPool(bytes)
+  return pool.subarray(poolOffset - bytes, poolOffset)
+}
 let customRandom = (alphabet, size, getRandom) => {
-  // First, a bitmask is necessary to generate the ID. The bitmask makes bytes
-  // values closer to the alphabet size. The bitmask calculates the closest
-  // `2^31 - 1` number, which exceeds the alphabet size.
-  // For example, the bitmask for the alphabet size 30 is 31 (00011111).
   let mask = (2 << (31 - Math.clz32((alphabet.length - 1) | 1))) - 1
-  // Though, the bitmask solution is not perfect since the bytes exceeding
-  // the alphabet size are refused. Therefore, to reliably generate the ID,
-  // the random bytes redundancy has to be satisfied.
-
-  // Note: every hardware random generator call is performance expensive,
-  // because the system call for entropy collection takes a lot of time.
-  // So, to avoid additional system calls, extra bytes are requested in advance.
-
-  // Next, a step determines how many random bytes to generate.
-  // The number of random bytes gets decided upon the ID size, mask,
-  // alphabet size, and magic number 1.6 (using 1.6 peaks at performance
-  // according to benchmarks).
   let step = Math.ceil((1.6 * mask * size) / alphabet.length)
-
   return () => {
     let id = ''
     while (true) {
       let bytes = getRandom(step)
-      // A compact alternative for `for (let i = 0; i < step; i++)`.
       let i = step
       while (i--) {
-        // Adding `|| ''` refuses a random byte that exceeds the alphabet size.
         id += alphabet[bytes[i] & mask] || ''
         if (id.length === size) return id
       }
     }
   }
 }
-
 let customAlphabet = (alphabet, size) => customRandom(alphabet, size, random)
-
 let nanoid = (size = 21) => {
   fillPool(size)
   let id = ''
   for (let i = poolOffset - size; i < poolOffset; i++) {
-    // It is incorrect to use bytes exceeding the alphabet size.
-    // The following mask reduces the random byte in the 0-255 value
-    // range to the 0-63 value range. Therefore, adding hacks, such
-    // as empty string fallback or magic numbers, is unneccessary because
-    // the bitmask trims bytes down to the alphabet size.
     id += urlAlphabet[pool[i] & 63]
   }
   return id
 }
-
 export { nanoid, customAlphabet, customRandom, urlAlphabet, random }

package/index.prod.js

@@ -1,10 +1,5 @@
-// This file replaces `index.js` in bundlers like webpack or Rollup,
-// according to `browser` config in `package.json`.
-
 import { urlAlphabet } from './url-alphabet/index.js'
-
 if (false) {
-  // All bundlers will remove this block in the production bundle.
   if (
     typeof navigator !== 'undefined' &&
     navigator.product === 'ReactNative' &&
@@ -30,67 +25,31 @@ if (false) {
     )
   }
 }
-
 let random = bytes => crypto.getRandomValues(new Uint8Array(bytes))
-
 let customRandom = (alphabet, size, getRandom) => {
-  // First, a bitmask is necessary to generate the ID. The bitmask makes bytes
-  // values closer to the alphabet size. The bitmask calculates the closest
-  // `2^31 - 1` number, which exceeds the alphabet size.
-  // For example, the bitmask for the alphabet size 30 is 31 (00011111).
-  // `Math.clz32` is not used, because it is not available in browsers.
   let mask = (2 << (Math.log(alphabet.length - 1) / Math.LN2)) - 1
-  // Though, the bitmask solution is not perfect since the bytes exceeding
-  // the alphabet size are refused. Therefore, to reliably generate the ID,
-  // the random bytes redundancy has to be satisfied.
-
-  // Note: every hardware random generator call is performance expensive,
-  // because the system call for entropy collection takes a lot of time.
-  // So, to avoid additional system calls, extra bytes are requested in advance.
-
-  // Next, a step determines how many random bytes to generate.
-  // The number of random bytes gets decided upon the ID size, mask,
-  // alphabet size, and magic number 1.6 (using 1.6 peaks at performance
-  // according to benchmarks).
-
-  // `-~f => Math.ceil(f)` if f is a float
-  // `-~i => i + 1` if i is an integer
   let step = -~((1.6 * mask * size) / alphabet.length)
-
   return () => {
     let id = ''
     while (true) {
       let bytes = getRandom(step)
-      // A compact alternative for `for (var i = 0; i < step; i++)`.
       let j = step
       while (j--) {
-        // Adding `|| ''` refuses a random byte that exceeds the alphabet size.
         id += alphabet[bytes[j] & mask] || ''
         if (id.length === size) return id
       }
     }
   }
 }
-
 let customAlphabet = (alphabet, size) => customRandom(alphabet, size, random)
-
 let nanoid = (size = 21) => {
   let id = ''
   let bytes = crypto.getRandomValues(new Uint8Array(size))
-
-  // A compact alternative for `for (var i = 0; i < step; i++)`.
   while (size--) {
-    // It is incorrect to use bytes exceeding the alphabet size.
-    // The following mask reduces the random byte in the 0-255 value
-    // range to the 0-63 value range. Therefore, adding hacks, such
-    // as empty string fallback or magic numbers, is unneccessary because
-    // the bitmask trims bytes down to the alphabet size.
     let byte = bytes[size] & 63
     if (byte < 36) {
-      // `0-9a-z`
       id += byte.toString(36)
     } else if (byte < 62) {
-      // `A-Z`
       id += (byte - 26).toString(36).toUpperCase()
     } else if (byte < 63) {
       id += '_'
@@ -100,5 +59,4 @@ let nanoid = (size = 21) => {
   }
   return id
 }
-
 export { nanoid, customAlphabet, customRandom, urlAlphabet, random }

package/non-secure/index.cjs

@@ -1,30 +1,21 @@
-// This alphabet uses `A-Za-z0-9_-` symbols. The genetic algorithm helped
-// optimize the gzip compression for this alphabet.
 let urlAlphabet =
   'ModuleSymbhasOwnPr-0123456789ABCDEFGHNRVfgctiUvz_KqYTJkLxpZXIjQW'
-
 let customAlphabet = (alphabet, size) => {
   return () => {
     let id = ''
-    // A compact alternative for `for (var i = 0; i < step; i++)`.
     let i = size
     while (i--) {
-      // `| 0` is more compact and faster than `Math.floor()`.
       id += alphabet[(Math.random() * alphabet.length) | 0]
     }
     return id
   }
 }
-
 let nanoid = (size = 21) => {
   let id = ''
-  // A compact alternative for `for (var i = 0; i < step; i++)`.
   let i = size
   while (i--) {
-    // `| 0` is more compact and faster than `Math.floor()`.
     id += urlAlphabet[(Math.random() * 64) | 0]
   }
   return id
 }
-
 module.exports = { nanoid, customAlphabet }

package/non-secure/index.js

@@ -1,30 +1,21 @@
-// This alphabet uses `A-Za-z0-9_-` symbols. The genetic algorithm helped
-// optimize the gzip compression for this alphabet.
 let urlAlphabet =
   'ModuleSymbhasOwnPr-0123456789ABCDEFGHNRVfgctiUvz_KqYTJkLxpZXIjQW'
-
 let customAlphabet = (alphabet, size) => {
   return () => {
     let id = ''
-    // A compact alternative for `for (var i = 0; i < step; i++)`.
     let i = size
     while (i--) {
-      // `| 0` is more compact and faster than `Math.floor()`.
       id += alphabet[(Math.random() * alphabet.length) | 0]
     }
     return id
   }
 }
-
 let nanoid = (size = 21) => {
   let id = ''
-  // A compact alternative for `for (var i = 0; i < step; i++)`.
   let i = size
   while (i--) {
-    // `| 0` is more compact and faster than `Math.floor()`.
     id += urlAlphabet[(Math.random() * 64) | 0]
   }
   return id
 }
-
 export { nanoid, customAlphabet }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nanoid",
-  "version": "3.1.28",
+  "version": "3.1.29",
   "description": "A tiny (108 bytes), secure URL-friendly unique string ID generator",
   "keywords": [
     "uuid",

package/url-alphabet/index.cjs

@@ -1,6 +1,3 @@
-// This alphabet uses `A-Za-z0-9_-` symbols. The genetic algorithm helped
-// optimize the gzip compression for this alphabet.
 let urlAlphabet =
   'ModuleSymbhasOwnPr-0123456789ABCDEFGHNRVfgctiUvz_KqYTJkLxpZXIjQW'
-
 module.exports = { urlAlphabet }

package/url-alphabet/index.js

@@ -1,6 +1,3 @@
-// This alphabet uses `A-Za-z0-9_-` symbols. The genetic algorithm helped
-// optimize the gzip compression for this alphabet.
 let urlAlphabet =
   'ModuleSymbhasOwnPr-0123456789ABCDEFGHNRVfgctiUvz_KqYTJkLxpZXIjQW'
-
 export { urlAlphabet }