Remove insecure rng #354
Merged
Remove insecure rng #354
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ctavan
force-pushed
the
remove-insecure-rng
branch
from
8f71d27
to
b6af549
Compare
|
BTW as expected this now fails in IE 10 where no crypto.getRandomValues() is available:
|
ctavan
force-pushed
the
remove-insecure-rng
branch
from
b6af549
to
e983a0d
Compare
ctavan
force-pushed
the
remove-insecure-rng
branch
2 times, most recently
from
e87e36b
to
1ff90ce
Compare
|
@broofa do you think that, given the now-wide-spread support for CSRNGs in all platforms, we still need the wiki page over at https://github.com/uuidjs/uuid/wiki#no-secure-rng-error ? |
ctavan
force-pushed
the
remove-insecure-rng
branch
4 times, most recently
from
7fe0e70
to
b41721f
Compare
|
Go ahead and kill that wiki page. |
|
@broofa did you close this PR on purpose? |
ctavan
force-pushed
the
remove-insecure-rng
branch
from
b41721f
to
32e4e86
Compare
|
I did not. Sorry about that! |
broofa
approved these changes
Jan 27, 2020
README_js.md
Outdated
| ### Version 1 (Timestamp + Node) | ||
|
|
||
| ⚠️⚠️⚠️ **Please make sure to check whether you really need the timestamp properties of Version 1 |
There was a problem hiding this comment.
Would be good to have a link of some sort that provides information to help with readers' v1 vs v4 decision making.
There was a problem hiding this comment.
I've added a link to the standard lib proposal. I think that covers the reasoning.
Also add a reminder that v1 UUIDs may very often not be the ideal choice. This relates to the research from https://github.com/tc39/proposal-uuid/blob/master/analysis/README.md
BREAKING CHANGE: Remove builtin support for insecure random number generators in the browser. Users who want that will have to supply their own random number generator function. Fixes #173.
ctavan
force-pushed
the
remove-insecure-rng
branch
from
32e4e86
to
3a5842b
Compare
This was referenced Jan 27, 2020
This was referenced Feb 24, 2020
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Closes #294 and fixes #173