sigilid 1.0.5 → 1.1.0

package/README.md

@@ -4,16 +4,50 @@
 
 [![CI](https://github.com/moritzmyrz/sigilid/actions/workflows/ci.yml/badge.svg)](https://github.com/moritzmyrz/sigilid/actions/workflows/ci.yml)
 [![npm version](https://img.shields.io/npm/v/sigilid)](https://www.npmjs.com/package/sigilid)
+[![bundle size](https://img.shields.io/bundlephobia/minzip/sigilid)](https://bundlephobia.com/package/sigilid)
+[![install size](https://packagephobia.com/badge?p=sigilid)](https://packagephobia.com/result?p=sigilid)
 [![license](https://img.shields.io/npm/l/sigilid)](./LICENSE)
 
-Zero runtime dependencies. ESM-first with CJS compatibility. Strong TypeScript support.
+`sigilid` gives you a secure, URL-safe ID generator as a zero-dependency ESM-first package. The root import is intentionally minimal — extra utilities like prefixed IDs, typed IDs, and validation live in subpath exports so your bundler only pulls in what you actually use.
 
 ```ts
 import { generateId } from "sigilid";
-generateId(); // "K7gkJ_q3vR2nL8xH5eM0w"
+
+const id = generateId(); // "K7gkJ_q3vR2nL8xH5eM0w"
 ```
 
-For full documentation, see the [repository README](https://github.com/moritzmyrz/sigilid#readme).
+---
+
+## Features
+
+- **Cryptographically secure** — uses `crypto.getRandomValues`, not `Math.random`
+- **URL-safe by default** — 64-character alphabet: `A-Z a-z 0-9 _ -`
+- **Tree-shakeable** — subpath exports mean your bundle only includes what you import
+- **Zero runtime dependencies** — no third-party code in production output
+- **ESM-first with CJS compatibility** — works in modern Node, edge runtimes, and all major bundlers
+- **Strong TypeScript support** — strict types, branded ID types, precise inference
+- **Predictable behavior** — explicit errors on invalid input, no silent failures
+- **One package, six entrypoints** — `install sigilid`, then import only what you need
+
+---
+
+## Bundle size
+
+All sizes are brotli-compressed. Each subpath is a standalone module — importing
+one never pulls in the others.
+
+| Import               | Size   |
+| -------------------- | ------ |
+| `sigilid`            | ~348 B |
+| `sigilid/non-secure` | ~222 B |
+| `sigilid/prefix`     | ~496 B |
+| `sigilid/typed`      | ~486 B |
+| `sigilid/validate`   | ~366 B |
+| `sigilid/alphabet`   | ~381 B |
+
+Zero runtime dependencies. [Verified by size-limit on every PR.](link to workflow)
+
+---
 
 ## Install
 
@@ -21,17 +55,319 @@ For full documentation, see the [repository README](https://github.com/moritzmyr
 npm install sigilid
 ```
 
-## Subpath exports
+```bash
+pnpm add sigilid
+```
+
+```bash
+yarn add sigilid
+```
+
+Node 20+ required. Works in all modern runtimes that expose the Web Crypto API (`globalThis.crypto`).
+
+---
+
+## Quick start
+
+```ts
+import { generateId } from "sigilid";
+
+// Default: 21 URL-safe characters using crypto.getRandomValues
+generateId(); // "K7gkJ_q3vR2nL8xH5eM0w"
+generateId(12); // "aX4_p9Qr2mNs"
+```
+
+---
+
+## Why sigilid?
+
+Most apps eventually need more than a plain random string. They need prefixed IDs to distinguish entity types in logs, branded TypeScript types to prevent mixing `userId` and `postId`, and validation helpers at API boundaries.
+
+`sigilid` is a focused toolkit for exactly that. The root package is as lean as it gets. Everything optional is a subpath import.
+
+---
+
+## When to use the root import vs subpath exports
+
+| If you need...                    | Import from...       |
+| --------------------------------- | -------------------- |
+| A secure random URL-safe ID       | `sigilid`            |
+| A non-crypto ID (tests, fixtures) | `sigilid/non-secure` |
+| Prefixed IDs like `usr_abc123`    | `sigilid/prefix`     |
+| Branded TypeScript ID types       | `sigilid/typed`      |
+| Validation at API boundaries      | `sigilid/validate`   |
+| IDs from a custom character set   | `sigilid/alphabet`   |
+
+The root import has no dependency on any of the subpath modules. Importing only `sigilid` will not pull in prefix, validation, or alphabet code.
+
+---
+
+## API reference
+
+### `sigilid` — secure root
+
+```ts
+import { generateId, DEFAULT_ALPHABET } from "sigilid";
+
+generateId(); // 21-character secure ID
+generateId(12); // 12-character secure ID
+
+console.log(DEFAULT_ALPHABET);
+// "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-"
+```
+
+`generateId` throws a `RangeError` if `length` is outside the range 1–255 or is not an integer.
+
+---
+
+### `sigilid/non-secure` — Math.random-based
+
+```ts
+import { generateNonSecureId } from "sigilid/non-secure";
+
+generateNonSecureId(); // 21-character ID using Math.random
+generateNonSecureId(8); // 8-character ID
+```
+
+**Not suitable for tokens, secrets, or session identifiers.** Use this only when you explicitly do not need cryptographic quality — for example, in test fixtures or non-sensitive local keys.
+
+---
+
+### `sigilid/prefix` — prefixed IDs
+
+```ts
+import { generatePrefixedId, createPrefixedGenerator } from "sigilid/prefix";
+
+// One-off prefixed ID
+generatePrefixedId("usr"); // "usr_K7gkJ_q3vR2nL8xH5eM0w"
+generatePrefixedId("doc", 10); // "doc_aX4p9Qr2mN"
+
+// Factory for repeated use
+const userId = createPrefixedGenerator("usr");
+userId(); // "usr_K7gkJ_q3vR2nL8xH5eM0w"
+userId(); // "usr_Xp9mN2qL5vR8nK3eJ7cHw"
+```
+
+Prefix rules:
+
+- Must start with a letter
+- Must contain only letters and digits
+- Separator is always `_`
+
+Throws `TypeError` for invalid prefixes. Throws `RangeError` for invalid lengths.
+
+---
+
+### `sigilid/typed` — branded TypeScript ID types
+
+```ts
+import { createTypedGenerator, castId } from "sigilid/typed";
+import type { IdOf, Brand } from "sigilid/typed";
+
+// Define typed generators for your entities
+const userId = createTypedGenerator<"User">("usr");
+const postId = createTypedGenerator<"Post">("post");
+
+const uid = userId(); // IdOf<"User"> = "usr_K7gkJ_q3vR2nL8xH5eM0w"
+const pid = postId(); // IdOf<"Post">
+
+// TypeScript prevents mixing them up
+function getUser(id: IdOf<"User">) {
+  /* ... */
+}
+getUser(uid); // ✓
+getUser(pid); // ✗ type error
+
+// Cast an untyped string at a trust boundary
+const fromDb = castId<"User">(row.user_id);
+
+// Unprefixed typed ID
+const tokenGen = createTypedGenerator<"Token">();
+const token = tokenGen(); // IdOf<"Token">, no prefix
+```
+
+`Brand<T, B>` and `IdOf<T>` are pure type-level utilities — no runtime cost.
+
+---
+
+### `sigilid/validate` — validation helpers
+
+```ts
+import { isValidId, assertValidId, parseId } from "sigilid/validate";
+import type { ValidationOptions } from "sigilid/validate";
+
+// Boolean check
+isValidId("K7gkJ_q3vR2nL8xH5eM0w"); // true
+isValidId("bad id!"); // false
+isValidId("usr_K7gkJ_q3vR2nL8xH5eM0w", { prefix: "usr" }); // true
+isValidId("abc123", { length: 6, alphabet: "abc123def456" }); // true
+
+// Throws TypeError if invalid — good for API boundaries
+assertValidId(req.params.id);
+assertValidId(req.params.id, { prefix: "usr" });
+
+// Returns the value if valid, throws if not — useful in pipelines
+const id = parseId(rawInput);
+const id = parseId(rawInput, { prefix: "usr", length: 21 });
+```
+
+`ValidationOptions`:
+
+| Option     | Type     | Description                                                           |
+| ---------- | -------- | --------------------------------------------------------------------- |
+| `length`   | `number` | Expected length of the ID (or ID portion after prefix)                |
+| `prefix`   | `string` | Expected prefix; separator `_` is assumed                             |
+| `alphabet` | `string` | Characters the ID must be drawn from (defaults to `DEFAULT_ALPHABET`) |
+
+---
+
+### `sigilid/alphabet` — custom alphabets
+
+```ts
+import { createAlphabet, validateAlphabet } from "sigilid/alphabet";
+
+// Validate first (optional — createAlphabet validates internally)
+validateAlphabet("0123456789abcdef");
+
+// Create a bound generator
+const hex = createAlphabet("0123456789abcdef");
+hex.generate(); // 21-character hex string
+hex.generate(32); // 32-character hex string
+
+// Binary IDs (contrived, but works)
+const binary = createAlphabet("01");
+binary.generate(16); // "1010011001110101"
+```
+
+`createAlphabet` throws immediately if:
+
+- the alphabet has fewer than 2 characters
+- the alphabet has more than 256 characters
+- the alphabet contains duplicate characters
+
+`generate(length?)` uses rejection sampling to avoid modulo bias.
+
+---
+
+## Built for real TypeScript apps
+
+### Branded types in practice
+
+If you have multiple entity ID types in your codebase, the TypeScript compiler
+can silently allow you to pass a `userId` where a `postId` is expected — both
+are just `string`. Branded types close that gap.
+
+```ts
+import { createTypedGenerator } from "sigilid/typed";
+import type { IdOf } from "sigilid/typed";
+
+const newUserId = createTypedGenerator<"User">("usr");
+const newPostId = createTypedGenerator<"Post">("post");
+
+type UserId = IdOf<"User">;
+type PostId = IdOf<"Post">;
+
+// Your service functions now accept precise types
+async function deletePost(postId: PostId) {
+  /* ... */
+}
+async function getUser(userId: UserId) {
+  /* ... */
+}
+
+const uid = newUserId();
+const pid = newPostId();
+
+deletePost(pid); // ✓
+deletePost(uid); // ✗ Argument of type 'IdOf<"User">' is not assignable to 'IdOf<"Post">'
+```
+
+### Validation at the edge
+
+```ts
+import { parseId } from "sigilid/validate";
+
+// In an Express/Hono/Fastify handler
+app.get("/users/:id", (req, res) => {
+  const id = parseId(req.params.id, { prefix: "usr" });
+  // id is a plain string, validated — throws before reaching your service
+});
+```
+
+### Tree-shaking
+
+Because each subpath is a separate bundle with no cross-imports, bundlers like
+Vite, esbuild, and webpack can eliminate unused entrypoints entirely. An app
+that imports only `generateId` will not include any prefix, validation, or
+alphabet code.
+
+---
+
+## Why not just use Nano ID?
+
+Nano ID is excellent. If all you need is the smallest possible secure random
+string generator, it may still be the right call — it has a longer track record
+and an even smaller core.
+
+`sigilid` is worth considering if:
+
+- You want prefixed IDs and typed IDs in the same package
+- You want validation helpers that know about your ID format
+- You want stricter TypeScript ergonomics out of the box
+- You want a single library that handles the full ID lifecycle
+
+If you are already using Nano ID and are happy with it, there is no compelling
+reason to switch just for the root `generateId` function — the behavior is
+similar. The subpath ecosystem is where `sigilid` earns its place.
+
+---
+
+## Runtime and environment notes
+
+`sigilid` uses `globalThis.crypto.getRandomValues`, which is available in:
+
+- Node.js 20+ (stable, no flags required)
+- All modern browsers
+- Edge runtimes: Cloudflare Workers, Vercel Edge, Deno, Bun
+
+If you are targeting an environment without Web Crypto, use `sigilid/non-secure`
+with the understanding that `Math.random` is not cryptographically safe.
+
+---
+
+## Package exports
+
+| Import               | Entry file           | Description                        |
+| -------------------- | -------------------- | ---------------------------------- |
+| `sigilid`            | `dist/index.js`      | Secure root generator              |
+| `sigilid/non-secure` | `dist/non-secure.js` | Math.random-based generator        |
+| `sigilid/prefix`     | `dist/prefix.js`     | Prefixed ID helpers                |
+| `sigilid/typed`      | `dist/typed.js`      | Branded types and typed generators |
+| `sigilid/validate`   | `dist/validate.js`   | Validation helpers                 |
+| `sigilid/alphabet`   | `dist/alphabet.js`   | Custom alphabet factory            |
+
+All exports are available as ESM (`.js`) and CommonJS (`.cjs`) with TypeScript declarations (`.d.ts`).
+
+---
+
+## Contributing
+
+Contributions are welcome. See [CONTRIBUTING.md](./CONTRIBUTING.md) for setup
+instructions, coding standards, and PR expectations.
+
+See [ARCHITECTURE.md](./ARCHITECTURE.md) for an explanation of the design
+decisions and constraints contributors should keep in mind.
+
+---
+
+## Release and versioning
+
+`sigilid` uses [Semantic Versioning](https://semver.org/). Breaking API changes
+will bump the major version. Releases are managed with
+[Changesets](https://github.com/changesets/changesets).
 
-| Import               | Description                 |
-| -------------------- | --------------------------- |
-| `sigilid`            | Secure random ID generator  |
-| `sigilid/non-secure` | Math.random-based generator |
-| `sigilid/prefix`     | Prefixed IDs (`usr_abc123`) |
-| `sigilid/typed`      | Branded TypeScript ID types |
-| `sigilid/validate`   | Validation helpers          |
-| `sigilid/alphabet`   | Custom alphabet factory     |
+---
 
 ## License
 
-MIT
+MIT — see [LICENSE](./LICENSE).

package/dist/alphabet.js

@@ -1,84 +1 @@
-// src/internal/alphabet.ts
-var MIN_ALPHABET_SIZE = 2;
-var MAX_ALPHABET_SIZE = 256;
-function validateAlphabetString(alphabet) {
-  if (typeof alphabet !== "string") {
-    throw new TypeError("Alphabet must be a string");
-  }
-  if (alphabet.length < MIN_ALPHABET_SIZE) {
-    throw new RangeError(
-      `Alphabet must have at least ${MIN_ALPHABET_SIZE} characters, got ${alphabet.length}`
-    );
-  }
-  if (alphabet.length > MAX_ALPHABET_SIZE) {
-    throw new RangeError(
-      `Alphabet must have at most ${MAX_ALPHABET_SIZE} characters, got ${alphabet.length}`
-    );
-  }
-  const seen = /* @__PURE__ */ new Set();
-  for (const char of alphabet) {
-    if (seen.has(char)) {
-      throw new TypeError(`Alphabet contains duplicate character: "${char}"`);
-    }
-    seen.add(char);
-  }
-}
-function generateFromAlphabet(alphabet, length, getBytes) {
-  const alphabetSize = alphabet.length;
-  let mask = 1;
-  while (mask < alphabetSize) mask = mask << 1 | 1;
-  const bufferMultiplier = Math.ceil(1.6 * mask * length / alphabetSize);
-  let result = "";
-  while (result.length < length) {
-    const bytes = getBytes(bufferMultiplier);
-    for (let i = 0; i < bytes.length && result.length < length; i++) {
-      const byte = bytes[i] & mask;
-      if (byte < alphabetSize) {
-        result += alphabet[byte];
-      }
-    }
-  }
-  return result;
-}
-
-// src/internal/assert.ts
-var MIN_LENGTH = 1;
-var MAX_LENGTH = 255;
-function assertLength(length) {
-  if (!Number.isInteger(length) || length < MIN_LENGTH || length > MAX_LENGTH) {
-    throw new RangeError(
-      `ID length must be an integer between ${MIN_LENGTH} and ${MAX_LENGTH}, got ${length}`
-    );
-  }
-}
-
-// src/internal/random.ts
-function randomBytes(count) {
-  if (typeof globalThis.crypto?.getRandomValues !== "function") {
-    throw new Error(
-      "Web Crypto API (globalThis.crypto.getRandomValues) is not available in this runtime. Use sigilid/non-secure if cryptographic quality is not required."
-    );
-  }
-  const bytes = new Uint8Array(count);
-  globalThis.crypto.getRandomValues(bytes);
-  return bytes;
-}
-
-// src/alphabet.ts
-var DEFAULT_LENGTH = 21;
-function validateAlphabet(alphabet) {
-  validateAlphabetString(alphabet);
-}
-function createAlphabet(alphabet) {
-  validateAlphabetString(alphabet);
-  return {
-    generate(length = DEFAULT_LENGTH) {
-      assertLength(length);
-      return generateFromAlphabet(alphabet, length, randomBytes);
-    }
-  };
-}
-
-export { createAlphabet, validateAlphabet };
-//# sourceMappingURL=alphabet.js.map
-//# sourceMappingURL=alphabet.js.map
+function i(t){if(typeof t!="string")throw new TypeError("alphabet must be a string");if(t.length<2)throw new RangeError("alphabet must have at least 2 characters");if(t.length>256)throw new RangeError("alphabet must have at most 256 characters");if(new Set(t).size!==t.length)throw new TypeError("alphabet has duplicate characters")}function g(t,r,m){let o=t.length,e=1;for(;e<o;)e=e<<1|1;let c=Math.ceil(1.6*e*r/o),n="";for(;n.length<r;){let s=m(c);for(let a=0;a<s.length&&n.length<r;a++){let u=s[a]&e;u<o&&(n+=t[u]);}}return n}function h(t){if(!Number.isInteger(t)||t<1||t>255)throw new RangeError(`length must be 1\u2013255, got ${t}`)}function l(t){let r=new Uint8Array(t);return globalThis.crypto.getRandomValues(r),r}var p=21;function v(t){i(t);}function E(t){return i(t),{generate(r=p){return h(r),g(t,r,l)}}}export{E as createAlphabet,v as validateAlphabet};

package/dist/index.js

@@ -1,55 +1 @@
-// src/internal/alphabet.ts
-function generateFromAlphabet(alphabet, length, getBytes) {
-  const alphabetSize = alphabet.length;
-  let mask = 1;
-  while (mask < alphabetSize) mask = mask << 1 | 1;
-  const bufferMultiplier = Math.ceil(1.6 * mask * length / alphabetSize);
-  let result = "";
-  while (result.length < length) {
-    const bytes = getBytes(bufferMultiplier);
-    for (let i = 0; i < bytes.length && result.length < length; i++) {
-      const byte = bytes[i] & mask;
-      if (byte < alphabetSize) {
-        result += alphabet[byte];
-      }
-    }
-  }
-  return result;
-}
-
-// src/internal/assert.ts
-var MIN_LENGTH = 1;
-var MAX_LENGTH = 255;
-function assertLength(length) {
-  if (!Number.isInteger(length) || length < MIN_LENGTH || length > MAX_LENGTH) {
-    throw new RangeError(
-      `ID length must be an integer between ${MIN_LENGTH} and ${MAX_LENGTH}, got ${length}`
-    );
-  }
-}
-
-// src/internal/constants.ts
-var DEFAULT_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-";
-
-// src/internal/random.ts
-function randomBytes(count) {
-  if (typeof globalThis.crypto?.getRandomValues !== "function") {
-    throw new Error(
-      "Web Crypto API (globalThis.crypto.getRandomValues) is not available in this runtime. Use sigilid/non-secure if cryptographic quality is not required."
-    );
-  }
-  const bytes = new Uint8Array(count);
-  globalThis.crypto.getRandomValues(bytes);
-  return bytes;
-}
-
-// src/index.ts
-var DEFAULT_LENGTH = 21;
-function generateId(length = DEFAULT_LENGTH) {
-  assertLength(length);
-  return generateFromAlphabet(DEFAULT_ALPHABET, length, randomBytes);
-}
-
-export { DEFAULT_ALPHABET, generateId };
-//# sourceMappingURL=index.js.map
-//# sourceMappingURL=index.js.map
+function m(t,r,p){let o=t.length,e=1;for(;e<o;)e=e<<1|1;let g=Math.ceil(1.6*e*r/o),n="";for(;n.length<r;){let i=p(g);for(let a=0;a<i.length&&n.length<r;a++){let s=i[a]&e;s<o&&(n+=t[s]);}}return n}function u(t){if(!Number.isInteger(t)||t<1||t>255)throw new RangeError(`length must be 1\u2013255, got ${t}`)}var h="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-";function c(t){let r=new Uint8Array(t);return globalThis.crypto.getRandomValues(r),r}var f=21;function x(t=f){return u(t),m(h,t,c)}export{h as DEFAULT_ALPHABET,x as generateId};

package/dist/non-secure.js

@@ -1,29 +1 @@
-// src/internal/assert.ts
-var MIN_LENGTH = 1;
-var MAX_LENGTH = 255;
-function assertLength(length) {
-  if (!Number.isInteger(length) || length < MIN_LENGTH || length > MAX_LENGTH) {
-    throw new RangeError(
-      `ID length must be an integer between ${MIN_LENGTH} and ${MAX_LENGTH}, got ${length}`
-    );
-  }
-}
-
-// src/internal/constants.ts
-var DEFAULT_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-";
-
-// src/non-secure.ts
-var DEFAULT_LENGTH = 21;
-function generateNonSecureId(length = DEFAULT_LENGTH) {
-  assertLength(length);
-  let result = "";
-  const size = DEFAULT_ALPHABET.length;
-  for (let i = 0; i < length; i++) {
-    result += DEFAULT_ALPHABET[Math.floor(Math.random() * size)];
-  }
-  return result;
-}
-
-export { generateNonSecureId };
-//# sourceMappingURL=non-secure.js.map
-//# sourceMappingURL=non-secure.js.map
+function o(t){if(!Number.isInteger(t)||t<1||t>255)throw new RangeError(`length must be 1\u2013255, got ${t}`)}var r="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-";var i=21;function c(t=i){o(t);let e="",s=r.length;for(let n=0;n<t;n++)e+=r[Math.floor(Math.random()*s)];return e}export{c as generateNonSecureId};

package/dist/prefix.js

@@ -1,74 +1 @@
-// src/internal/alphabet.ts
-function generateFromAlphabet(alphabet, length, getBytes) {
-  const alphabetSize = alphabet.length;
-  let mask = 1;
-  while (mask < alphabetSize) mask = mask << 1 | 1;
-  const bufferMultiplier = Math.ceil(1.6 * mask * length / alphabetSize);
-  let result = "";
-  while (result.length < length) {
-    const bytes = getBytes(bufferMultiplier);
-    for (let i = 0; i < bytes.length && result.length < length; i++) {
-      const byte = bytes[i] & mask;
-      if (byte < alphabetSize) {
-        result += alphabet[byte];
-      }
-    }
-  }
-  return result;
-}
-
-// src/internal/assert.ts
-var MIN_LENGTH = 1;
-var MAX_LENGTH = 255;
-function assertLength(length) {
-  if (!Number.isInteger(length) || length < MIN_LENGTH || length > MAX_LENGTH) {
-    throw new RangeError(
-      `ID length must be an integer between ${MIN_LENGTH} and ${MAX_LENGTH}, got ${length}`
-    );
-  }
-}
-function assertPrefix(prefix) {
-  if (typeof prefix !== "string" || prefix.length === 0) {
-    throw new TypeError("Prefix must be a non-empty string");
-  }
-  if (!/^[a-zA-Z][a-zA-Z0-9]*$/.test(prefix)) {
-    throw new TypeError("Prefix must start with a letter and contain only letters and digits");
-  }
-}
-
-// src/internal/constants.ts
-var DEFAULT_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-";
-
-// src/internal/random.ts
-function randomBytes(count) {
-  if (typeof globalThis.crypto?.getRandomValues !== "function") {
-    throw new Error(
-      "Web Crypto API (globalThis.crypto.getRandomValues) is not available in this runtime. Use sigilid/non-secure if cryptographic quality is not required."
-    );
-  }
-  const bytes = new Uint8Array(count);
-  globalThis.crypto.getRandomValues(bytes);
-  return bytes;
-}
-
-// src/prefix.ts
-var DEFAULT_LENGTH = 21;
-var SEPARATOR = "_";
-function generatePrefixedId(prefix, length = DEFAULT_LENGTH) {
-  assertPrefix(prefix);
-  assertLength(length);
-  const id = generateFromAlphabet(DEFAULT_ALPHABET, length, randomBytes);
-  return `${prefix}${SEPARATOR}${id}`;
-}
-function createPrefixedGenerator(prefix, length = DEFAULT_LENGTH) {
-  assertPrefix(prefix);
-  assertLength(length);
-  return () => {
-    const id = generateFromAlphabet(DEFAULT_ALPHABET, length, randomBytes);
-    return `${prefix}${SEPARATOR}${id}`;
-  };
-}
-
-export { createPrefixedGenerator, generatePrefixedId };
-//# sourceMappingURL=prefix.js.map
-//# sourceMappingURL=prefix.js.map
+function a(t,r,e){let i=t.length,n=1;for(;n<i;)n=n<<1|1;let b=Math.ceil(1.6*n*r/i),o="";for(;o.length<r;){let h=e(b);for(let s=0;s<h.length&&o.length<r;s++){let f=h[s]&n;f<i&&(o+=t[f]);}}return o}function u(t){if(!Number.isInteger(t)||t<1||t>255)throw new RangeError(`length must be 1\u2013255, got ${t}`)}function c(t){if(typeof t!="string"||t.length===0)throw new TypeError("prefix must be a non-empty string");if(!/^[a-zA-Z][a-zA-Z0-9]*$/.test(t))throw new TypeError("prefix must start with a letter and contain only alphanumeric characters")}var m="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-";function g(t){let r=new Uint8Array(t);return globalThis.crypto.getRandomValues(r),r}var p=21,l="_";function P(t,r=p){c(t),u(r);let e=a(m,r,g);return `${t}${l}${e}`}function $(t,r=p){return c(t),u(r),()=>{let e=a(m,r,g);return `${t}${l}${e}`}}export{$ as createPrefixedGenerator,P as generatePrefixedId};