Security News
Research
Supply Chain Attack on Rspack npm Packages Injects Cryptojacking Malware
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
@thi.ng/idgen
Advanced tools
Generator of opaque numeric identifiers with optional support for ID versioning and efficient re-use
This project is part of the @thi.ng/umbrella monorepo.
Generator of opaque numeric identifiers with optional support for ID versioning and efficient re-use.
Previously generated IDs that have been discarded are stored in a memory-efficient implicit list of free IDs and will be re-used. The overall range of IDs can be specified/limited at construction time and is based on a given bit width. The largest range currently supported is 32 bits, less if versioning is enabled (configurable).
If versioning is used, the produced IDs are composite values, i.e. the lowest bits contain the actual ID (e.g for indexing purposes) and other bits contain the version information.
Both parts can be extracted via the generator's .id()
and .version()
methods. Each time a valid versioned ID is being discarded via
.free(id)
, its version is being increased and, depending on use case
and usage frequency, will eventually overflow back to 0. Once an ID's
version has been updated, the old version is considered invalid. IDs can
be checked for validity via .has(id)
(in constant time).
STABLE - used in production
Search or submit any issues for this package
yarn add @thi.ng/idgen
// ES module
<script type="module" src="https://unpkg.com/@thi.ng/idgen?module" crossorigin></script>
// UMD
<script src="https://unpkg.com/@thi.ng/idgen/lib/index.umd.js" crossorigin></script>
Package sizes (gzipped, pre-treeshake): ESM: 857 bytes / CJS: 906 bytes / UMD: 1019 bytes
import { idgen } from "@thi.ng/idgen";
const ids = idgen(16, 0);
ids.next();
// 0
ids.next();
// 1
ids.next(2);
// 2
// discard ID 0
ids.free(0);
// true
ids.has(0);
// false
// reuse
ids.next()
// 0
ids.has(0);
// true
ids.next()
// 3
// the 8bit version range is being deduced automatically (32-24 = 8),
// but can also be overwritten
const ids = idgen(24);
const a = ids.next();
// 0
ids.free(a);
// true
const b = ids.next();
// 16777216
// b is the re-used new version of a
ids.id(b);
// 0
ids.version(b)
// 1
ids.has(b);
// true
// a is invalid at this point
// (even though a's .id() part is the same as b's)
ids.has(a);
// false
const ids = ig.idgen(8);
ids.next();
// 0
ids.next();
// 1
ids.next();
// 2
ids.next();
// 3
ids.free(2);
// true
// only currently used IDs are returned
// NO ordering guarantee!
[...ids]
// [ 3, 1, 0 ]
ids.next();
// 258
[...ids]
// [3, 258, 1, 0]
Karsten Schmidt
If this project contributes to an academic publication, please cite it as:
@misc{thing-idgen,
title = "@thi.ng/idgen",
author = "Karsten Schmidt",
note = "https://thi.ng/idgen",
year = 2019
}
© 2019 - 2021 Karsten Schmidt // Apache Software License 2.0
FAQs
Generator of opaque numeric identifiers with optional support for ID versioning and efficient re-use
The npm package @thi.ng/idgen receives a total of 124 weekly downloads. As such, @thi.ng/idgen popularity was classified as not popular.
We found that @thi.ng/idgen demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.
Security News
Sonar’s acquisition of Tidelift highlights a growing industry shift toward sustainable open source funding, addressing maintainer burnout and critical software dependencies.