lazy-load getRandomValues to mitigate problems with react-native-get-random-values polyfill #537
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
TrySound
approved these changes
Nov 21, 2020
broofa
approved these changes
Nov 21, 2020
|
@drewthaler I've published |
|
As reported in #536 (comment) this seems to work. Released as Thanks again for the contribution 🙇 |
This was referenced Mar 12, 2021
Vylpes
pushed a commit
to Vylpes/Droplet
that referenced
this pull request
Sep 14, 2023
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [uuid](https://github.com/uuidjs/uuid) | dependencies | major | [`^8.3.2` -> `^9.0.0`](https://renovatebot.com/diffs/npm/uuid/8.3.2/9.0.0) | | [@types/uuid](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/uuid) ([source](https://github.com/DefinitelyTyped/DefinitelyTyped)) | dependencies | major | [`^8.3.0` -> `^9.0.0`](https://renovatebot.com/diffs/npm/@types%2fuuid/8.3.0/9.0.1) | --- ### Release Notes <details> <summary>uuidjs/uuid</summary> ### [`v9.0.0`](https://github.com/uuidjs/uuid/blob/HEAD/CHANGELOG.md#​900-httpsgithubcomuuidjsuuidcomparev832v900-2022-09-05) [Compare Source](uuidjs/uuid@v8.3.2...v9.0.0) ##### ⚠ BREAKING CHANGES - Drop Node.js 10.x support. This library always aims at supporting one EOLed LTS release which by this time now is 12.x which has reached EOL 30 Apr 2022. - Remove the minified UMD build from the package. Minified code is hard to audit and since this is a widely used library it seems more appropriate nowadays to optimize for auditability than to ship a legacy module format that, at best, serves educational purposes nowadays. For production browser use cases, users should be using a bundler. For educational purposes, today's online sandboxes like replit.com offer convenient ways to load npm modules, so the use case for UMD through repos like UNPKG or jsDelivr has largely vanished. - Drop IE 11 and Safari 10 support. Drop support for browsers that don't correctly implement const/let and default arguments, and no longer transpile the browser build to ES2015. This also removes the fallback on msCrypto instead of the crypto API. Browser tests are run in the first supported version of each supported browser and in the latest (as of this commit) version available on Browserstack. ##### Features - optimize uuid.v1 by 1.3x uuid.v4 by 4.3x (430%) ([#​597](uuidjs/uuid#597)) ([3a033f6](uuidjs/uuid@3a033f6)) - remove UMD build ([#​645](uuidjs/uuid#645)) ([e948a0f](uuidjs/uuid@e948a0f)), closes [#​620](uuidjs/uuid#620) - use native crypto.randomUUID when available ([#​600](uuidjs/uuid#600)) ([c9e076c](uuidjs/uuid@c9e076c)) ##### Bug Fixes - add Jest/jsdom compatibility ([#​642](uuidjs/uuid#642)) ([16f9c46](uuidjs/uuid@16f9c46)) - change default export to named function ([#​545](uuidjs/uuid#545)) ([c57bc5a](uuidjs/uuid@c57bc5a)) - handle error when parameter is not set in v3 and v5 ([#​622](uuidjs/uuid#622)) ([fcd7388](uuidjs/uuid@fcd7388)) - run npm audit fix ([#​644](uuidjs/uuid#644)) ([04686f5](uuidjs/uuid@04686f5)) - upgrading from uuid3 broken link ([#​568](uuidjs/uuid#568)) ([1c849da](uuidjs/uuid@1c849da)) ##### build - drop Node.js 8.x from babel transpile target ([#​603](uuidjs/uuid#603)) ([aa11485](uuidjs/uuid@aa11485)) - drop support for legacy browsers (IE11, Safari 10) ([#​604](uuidjs/uuid#604)) ([0f433e5](uuidjs/uuid@0f433e5)) - drop node 10.x to upgrade dev dependencies ([#​653](uuidjs/uuid#653)) ([28a5712](uuidjs/uuid@28a5712)), closes [#​643](uuidjs/uuid#643) ##### [8.3.2](uuidjs/uuid@v8.3.1...v8.3.2) (2020-12-08) ##### Bug Fixes - lazy load getRandomValues ([#​537](uuidjs/uuid#537)) ([16c8f6d](uuidjs/uuid@16c8f6d)), closes [#​536](uuidjs/uuid#536) ##### [8.3.1](uuidjs/uuid@v8.3.0...v8.3.1) (2020-10-04) ##### Bug Fixes - support expo>=39.0.0 ([#​515](uuidjs/uuid#515)) ([c65a0f3](uuidjs/uuid@c65a0f3)), closes [#​375](uuidjs/uuid#375) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC43NC4yIiwidXBkYXRlZEluVmVyIjoiMzQuNzQuMiJ9--> Co-authored-by: Renovate Bot <renovate@vylpes.com> Reviewed-on: https://gitea.vylpes.xyz/RabbitLabs/Droplet/pulls/111 Reviewed-by: Vylpes <ethan@vylpes.com> Co-authored-by: RenovateBot <renovate@vylpes.com> Co-committed-by: RenovateBot <renovate@vylpes.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Here's a PR for the lazy loading fix discussed in #536. This defers the loading and caching of crypto.getRandomValues to first invocation, rather than module load time, helping out React Native clients.
Without this change, RN projects must manage an implicit dependency on react-native-get-random-values, and try to ensure that it gets loaded before uuid does.
With this change, the RN polyfill simply needs to be installed sometime before the first uuid is created.
No significant benchmark differences. (In fact the v4 tests ran slightly faster on my machine with this change, but I'm sure that was accidental.)