Security News
How Threat Actors are Abusing GitHub’s File Upload Feature to Host Malware
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
By Sarah Gooding - Apr 23, 2024
- Version published
- Weekly downloads
- 104M
- increased by2.02%
- Maintainers
- 3
- Install size
- 22.0 kB
- Created
- Weekly downloads
Package description
What is uuid?
The uuid npm package is used to generate universally unique identifiers (UUIDs), which are 128-bit numbers used to uniquely identify information in computer systems. The package supports multiple versions of UUIDs, each with different methods of generation based on requirements such as randomness, time-based generation, and name-based generation using namespaces.
What are uuid's main functionalities?
Generate UUID v1
Generates a version 1 UUID based on timestamp and MAC address of the host machine, ensuring temporal uniqueness.
const { v1: uuidv1 } = require('uuid');
console.log(uuidv1());Generate UUID v4
Generates a version 4 UUID using random or pseudo-random numbers, providing a higher degree of randomness.
const { v4: uuidv4 } = require('uuid');
console.log(uuidv4());Generate UUID v3
Generates a version 3 UUID using MD5 hashing of a namespace identifier and a name.
const { v3: uuidv3 } = require('uuid');
const MY_NAMESPACE = '1b671a64-40d5-491e-99b0-da01ff1f3341';
console.log(uuidv3('Hello, World!', MY_NAMESPACE));Generate UUID v5
Generates a version 5 UUID using SHA-1 hashing of a namespace identifier and a name, providing better uniqueness and lower collision probability than v3.
const { v5: uuidv5 } = require('uuid');
const MY_NAMESPACE = '1b671a64-40d5-491e-99b0-da01ff1f3341';
console.log(uuidv5('Hello, World!', MY_NAMESPACE));Other packages similar to uuid
shortid
ShortId generates short, non-sequential, URL-friendly unique ids. Unlike uuid, which generates 128-bit long UUIDs, ShortId creates shorter ids, which can be easier to use in URLs or when space is limited. However, ShortId is not recommended for security-critical applications due to the shorter identifier length and lower entropy.
nanoid
NanoId is a tiny, secure, URL-friendly, unique string ID generator for JavaScript. It is similar to uuid v4 in that it provides a way to generate random IDs, but it offers a customizable alphabet and length, allowing for a wider range of possible IDs. NanoId claims to be faster and more compact than UUID, making it a good alternative for many applications.
cuid
CUID (Collision-resistant Unique Identifier) is another alternative for generating unique identifiers. It is designed to be more collision-resistant than uuid and is optimized for horizontal scaling and sequential lookup performance. CUIDs are longer than UUIDs and contain a timestamp, which can be useful for sorting records in a database.
Changelog
3.1.0 (2017-06-17)
Bug Fixes
- (fix) Add .npmignore file to exclude test/ and other non-essential files from packing. (#183)
- Fix typo (#178)
- Simple typo fix (#165)
Features
- v5 support in CLI (#197)
- V5 support (#188)
Readme
uuid 
Simple, fast generation of RFC4122 UUIDS.
Features:
- Support for version 1, 4 and 5 UUIDs
- Cross-platform
- Uses cryptographically-strong random number APIs (when available)
- Zero-dependency, small footprint (... but not this small)
Quickstart - CommonJS (Recommended)
npm install uuid
Then generate your uuid version of choice ...
Version 1 (timestamp):
const uuidv1 = require('uuid/v1');
uuidv1(); // -> '6c84fb90-12c4-11e1-840d-7b25c5ee775a'
Version 4 (random):
const uuidv4 = require('uuid/v4');
uuidv4(); // -> '110ec58a-a0f2-4ac4-8393-c866d813b8d1'
Version 5 (namespace):
const uuidv5 = require('uuid/v5');
// ... using predefined DNS namespace (for domain names)
uuidv5('hello.example.com', uuidv5.DNS)); // -> 'fdda765f-fc57-5604-a269-52a7df8164ec'
// ... using predefined URL namespace (for, well, URLs)
uuidv5('http://example.com/hello', uuidv5.URL); // -> '3bbcee75-cecc-5b56-8031-b6641c1ed1f1'
// ... using a custom namespace
const MY_NAMESPACE = '<UUID string you previously generated elsewhere>';
uuidv5('Hello, World!', MY_NAMESPACE); // -> '90123e1c-7512-523e-bb28-76fab9f2f73d'
Quickstart - Browser-ready Versions
Browser-ready versions of this module are available via wzrd.in.
For version 1 uuids:
<script src="http://wzrd.in/standalone/uuid%2Fv1@latest"></script>
<script>
uuidv1(); // -> v1 UUID
</script>
For version 4 uuids:
<script src="http://wzrd.in/standalone/uuid%2Fv4@latest"></script>
<script>
uuidv4(); // -> v4 UUID
</script>
For version 5 uuids:
<script src="http://wzrd.in/standalone/uuid%2Fv5@latest"></script>
<script>
uuidv5('http://example.com/hello', uuidv5.URL); // -> v5 UUID
</script>
API
Version 1
const uuidv1 = require('uuid/v1');
// Allowed arguments
uuidv1();
uuidv1(options);
uuidv1(options, buffer, offset);
Generate and return a RFC4122 v1 (timestamp-based) UUID.
-
options- (Object) Optional uuid state to apply. Properties may include:node- (Array) Node id as Array of 6 bytes (per 4.1.6). Default: Randomly generated ID. See note 1.clockseq- (Number between 0 - 0x3fff) RFC clock sequence. Default: An internally maintained clockseq is used.msecs- (Number | Date) Time in milliseconds since unix Epoch. Default: The current time is used.nsecs- (Number between 0-9999) additional time, in 100-nanosecond units. Ignored ifmsecsis unspecified. Default: internal uuid counter is used, as per 4.2.1.2.
-
buffer- (Array | Buffer) Array or buffer where UUID bytes are to be written. -
offset- (Number) Starting index inbufferat which to begin writing.
Returns buffer, if specified, otherwise the string form of the UUID
Note: The id is generated guaranteed to stay constant for the lifetime of the current JS runtime. (Future versions of this module may use persistent storage mechanisms to extend this guarantee.)
Example: Generate string UUID with fully-specified options
uuidv1({
node: [0x01, 0x23, 0x45, 0x67, 0x89, 0xab],
clockseq: 0x1234,
msecs: new Date('2011-11-01').getTime(),
nsecs: 5678
}); // -> "710b962e-041c-11e1-9234-0123456789ab"
Example: In-place generation of two binary IDs
// Generate two ids in an array
const arr = new Array(32); // -> []
uuidv1(null, arr, 0); // -> [02 a2 ce 90 14 32 11 e1 85 58 0b 48 8e 4f c1 15]
uuidv1(null, arr, 16); // -> [02 a2 ce 90 14 32 11 e1 85 58 0b 48 8e 4f c1 15 02 a3 1c b0 14 32 11 e1 85 58 0b 48 8e 4f c1 15]
Version 4
const uuidv4 = require('uuid/v4')
// Allowed arguments
uuidv4();
uuidv4(options);
uuidv4(options, buffer, offset);
Generate and return a RFC4122 v4 UUID.
options- (Object) Optional uuid state to apply. Properties may include:random- (Number[16]) Array of 16 numbers (0-255) to use in place of randomly generated valuesrng- (Function) Random # generator function that returns an Array[16] of byte values (0-255)
buffer- (Array | Buffer) Array or buffer where UUID bytes are to be written.offset- (Number) Starting index inbufferat which to begin writing.
Returns buffer, if specified, otherwise the string form of the UUID
Example: Generate string UUID with fully-specified options
uuid.v4({
random: [
0x10, 0x91, 0x56, 0xbe, 0xc4, 0xfb, 0xc1, 0xea,
0x71, 0xb4, 0xef, 0xe1, 0x67, 0x1c, 0x58, 0x36
]
});
// -> "109156be-c4fb-41ea-b1b4-efe1671c5836"
Example: Generate two IDs in a single buffer
const buffer = new Array(32); // (or 'new Buffer' in node.js)
uuid.v4(null, buffer, 0);
uuid.v4(null, buffer, 16);
Version 5
const uuidv5 = require('uuid/v4');
// Allowed arguments
uuidv5(name, namespace);
uuidv5(name, namespace, buffer);
uuidv5(name, namespace, buffer, offset);
Generate and return a RFC4122 v4 UUID.
name- (String | Array[]) "name" to create UUID withnamespace- (String | Array[]) "namespace" UUID either as a String or Array[16] of byte valuesbuffer- (Array | Buffer) Array or buffer where UUID bytes are to be written.offset- (Number) Starting index inbufferat which to begin writing. Default = 0
Returns buffer, if specified, otherwise the string form of the UUID
Example:
// Generate a unique namespace (typically you would do this once, outside of
// your project, then bake this value into your code)
const uuidv4 = require('uuid/v4');
const MY_NAMESPACE = uuidv4(); //
// Generate a couple namespace uuids
const uuidv5 = require('uuid/v5');
uuidv5('hello', MY_NAMESPACE);
uuidv5('world', MY_NAMESPACE);
Testing
npm test
Deprecated / Browser-ready API
The API below is available for legacy purposes and is not expected to be available post-3.X
const uuid = require('uuid');
uuid.v1(...); // alias of uuid/v1
uuid.v4(...); // alias of uuid/v4
uuid(...); // alias of uuid/v4
// uuid.v5() is not supported in this API
Legacy node-uuid package
The code for the legacy node-uuid package is available in the node-uuid branch.
FAQs
RFC4122 (v1, v4, and v5) UUIDs
The npm package uuid receives a total of 83,845,385 weekly downloads. As such, uuid popularity was classified as popular.
We found that uuid demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Last updated on 16 Jun 2017
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
By Sarah Gooding - Apr 19, 2024
Research
Security News
npm Package for ReExt React Components Library Exfiltrates Git Credentials
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
By Sarah Gooding, Socket Research Team - Apr 18, 2024