Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
random-number-csprng-2
Advanced tools
A cryptographically secure generator for random numbers in a range.
This is a fork of module random-number-csprng without external dependencies and updated to be compatible with Node v12 and Babel v7.
WTFPL or CC0, whichever you prefer. A donation and/or attribution are appreciated, but not required.
Income of original module's author consists largely of donations for their projects. If this module is useful to you, consider making a donation to the author!
You can donate using Bitcoin, PayPal, Flattr, cash-in-mail, SEPA transfers, and pretty much anything else.
Pull requests welcome. Please make sure your modifications are in line with the overall code style, and ensure that you're editing the files in src/
, not those in lib/
.
Build tool of choice is gulp
; simply run gulp
while developing, and it will watch for changes.
Be aware that by making a pull request, you agree to release your modifications under the licenses stated above.
This module will return the result asynchronously - this is necessary to avoid blocking your entire application while generating a number.
An example:
var randomNumber = require("random-number-csprng-2");
Promise.resolve().then(function() {
return randomNumber(10, 30);
}).then(function(number) {
console.log("Your random number:", number);
}).catch(function(err) {
console.log("Something went wrong: " + err.code);
});
Returns a Promise that resolves to a random number within the specified range.
Note that the range is inclusive, and both numbers must be integer values. It is not possible to securely generate a random value for floating point numbers, so if you are working with fractional numbers (eg. 1.24
), you will have to decide on a fixed 'precision' and turn them into integer values (eg. 124
).
Optionally also accepts a nodeback as cb
, but seriously, you should be using Promises.
Any errors that occur during the random number generation process will be of this type. The error object will also have a code
property, set to the string "RandomGenerationError"
.
The error message will provide more information, but this kind of error will generally mean that the arguments you've specified are somehow invalid.
Don't use ranges any bigger than 2^32 - 1 or 4,294,97,295. Details in Issue #4 of the original module.
This fork isn't tested in browser yet. You can help with it.
FAQs
A cryptographically secure generator for random numbers in a range.
The npm package random-number-csprng-2 receives a total of 26 weekly downloads. As such, random-number-csprng-2 popularity was classified as not popular.
We found that random-number-csprng-2 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.