Security News
ESLint is Now Language-Agnostic: Linting JSON, Markdown, and Beyond
ESLint has added JSON and Markdown linting support with new officially-supported plugins, expanding its versatility beyond JavaScript.
The uuid npm package is used to generate universally unique identifiers (UUIDs), which are 128-bit numbers used to uniquely identify information in computer systems. The package supports multiple versions of UUIDs, each with different methods of generation based on requirements such as randomness, time-based generation, and name-based generation using namespaces.
Generate UUID v1
Generates a version 1 UUID based on timestamp and MAC address of the host machine, ensuring temporal uniqueness.
const { v1: uuidv1 } = require('uuid');
console.log(uuidv1());
Generate UUID v4
Generates a version 4 UUID using random or pseudo-random numbers, providing a higher degree of randomness.
const { v4: uuidv4 } = require('uuid');
console.log(uuidv4());
Generate UUID v3
Generates a version 3 UUID using MD5 hashing of a namespace identifier and a name.
const { v3: uuidv3 } = require('uuid');
const MY_NAMESPACE = '1b671a64-40d5-491e-99b0-da01ff1f3341';
console.log(uuidv3('Hello, World!', MY_NAMESPACE));
Generate UUID v5
Generates a version 5 UUID using SHA-1 hashing of a namespace identifier and a name, providing better uniqueness and lower collision probability than v3.
const { v5: uuidv5 } = require('uuid');
const MY_NAMESPACE = '1b671a64-40d5-491e-99b0-da01ff1f3341';
console.log(uuidv5('Hello, World!', MY_NAMESPACE));
ShortId generates short, non-sequential, URL-friendly unique ids. Unlike uuid, which generates 128-bit long UUIDs, ShortId creates shorter ids, which can be easier to use in URLs or when space is limited. However, ShortId is not recommended for security-critical applications due to the shorter identifier length and lower entropy.
NanoId is a tiny, secure, URL-friendly, unique string ID generator for JavaScript. It is similar to uuid v4 in that it provides a way to generate random IDs, but it offers a customizable alphabet and length, allowing for a wider range of possible IDs. NanoId claims to be faster and more compact than UUID, making it a good alternative for many applications.
CUID (Collision-resistant Unique Identifier) is another alternative for generating unique identifiers. It is designed to be more collision-resistant than uuid and is optimized for horizontal scaling and sequential lookup performance. CUIDs are longer than UUIDs and contain a timestamp, which can be useful for sorting records in a database.
For the creation of RFC4122 UUIDs
uuid
command line utilityUpgrading from uuid@3.x
? Your code is probably okay, but check out Upgrading From uuid@3.x
for details.
To create a random UUID...
1. Install
npm install uuid
2. Create a UUID (ES6 module syntax)
import { v4 as uuidv4 } from 'uuid';
uuidv4(); // ⇨ '9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d'
... or using CommonJS syntax:
const { v4: uuidv4 } = require('uuid');
uuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'
For timestamp UUIDs, namespace UUIDs, and other options read on ...
uuid.NIL | The nil UUID string (all zeros) | New in uuid@8.3 |
uuid.parse() | Convert UUID string to array of bytes | New in uuid@8.3 |
uuid.stringify() | Convert array of bytes to UUID string | New in uuid@8.3 |
uuid.v1() | Create a version 1 (timestamp) UUID | |
uuid.v3() | Create a version 3 (namespace w/ MD5) UUID | |
uuid.v4() | Create a version 4 (random) UUID | |
uuid.v5() | Create a version 5 (namespace w/ SHA-1) UUID | |
uuid.validate() | Test a string to see if it is a valid UUID | New in uuid@8.3 |
uuid.version() | Detect RFC version of a UUID | New in uuid@8.3 |
The nil UUID string (all zeros).
Example:
import { NIL as NIL_UUID } from 'uuid';
NIL_UUID; // ⇨ '00000000-0000-0000-0000-000000000000'
Convert UUID string to array of bytes
str | A valid UUID String |
returns | Uint8Array[16] |
throws | TypeError if str is not a valid UUID |
Note: Ordering of values in the byte arrays used by parse()
and stringify()
follows the left ↠ right order of hex-pairs in UUID strings. As shown in the example below.
Example:
import { parse as uuidParse } from 'uuid';
// Parse a UUID
const bytes = uuidParse('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b');
// Convert to hex strings to show byte order (for documentation purposes)
[...bytes].map((v) => v.toString(16).padStart(2, '0')); // ⇨
// [
// '6e', 'c0', 'bd', '7f',
// '11', 'c0', '43', 'da',
// '97', '5e', '2a', '8a',
// 'd9', 'eb', 'ae', '0b'
// ]
Convert array of bytes to UUID string
arr | Array -like collection of 16 values (starting from offset ) between 0-255. |
[offset = 0] | Number Starting index in the Array |
returns | String |
throws | TypeError if a valid UUID string cannot be generated |
Note: Ordering of values in the byte arrays used by parse()
and stringify()
follows the left ↠ right order of hex-pairs in UUID strings. As shown in the example below.
Example:
import { stringify as uuidStringify } from 'uuid';
const uuidBytes = [
0x6e,
0xc0,
0xbd,
0x7f,
0x11,
0xc0,
0x43,
0xda,
0x97,
0x5e,
0x2a,
0x8a,
0xd9,
0xeb,
0xae,
0x0b,
];
uuidStringify(uuidBytes); // ⇨ '6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'
Create an RFC version 1 (timestamp) UUID
[options ] | Object with one or more of the following properties: |
[options.node ] | RFC "node" field as an Array[6] of byte values (per 4.1.6) |
[options.clockseq ] | RFC "clock sequence" as a Number between 0 - 0x3fff |
[options.msecs ] | RFC "timestamp" field (Number of milliseconds, unix epoch) |
[options.nsecs ] | RFC "timestamp" field (Number of nanseconds to add to msecs , should be 0-10,000) |
[options.random ] | Array of 16 random bytes (0-255) |
[options.rng ] | Alternative to options.random , a Function that returns an Array of 16 random bytes (0-255) |
[buffer ] | Array | Buffer If specified, uuid will be written here in byte-form, starting at offset |
[offset = 0] | Number Index to start writing UUID bytes in buffer |
returns | UUID String if no buffer is specified, otherwise returns buffer |
throws | Error if more than 10M UUIDs/sec are requested |
Note: The default node id (the last 12 digits in the UUID) is generated once, randomly, on process startup, and then remains unchanged for the duration of the process.
Note: options.random
and options.rng
are only meaningful on the very first call to v1()
, where they may be passed to initialize the internal node
and clockseq
fields.
Example:
import { v1 as uuidv1 } from 'uuid';
uuidv1(); // ⇨ '2c5ea4c0-4067-11e9-8bad-9b1deb4d3b7d'
Example using options
:
import { v1 as uuidv1 } from 'uuid';
const v1options = {
node: [0x01, 0x23, 0x45, 0x67, 0x89, 0xab],
clockseq: 0x1234,
msecs: new Date('2011-11-01').getTime(),
nsecs: 5678,
};
uuidv1(v1options); // ⇨ '710b962e-041c-11e1-9234-0123456789ab'
Create an RFC version 3 (namespace w/ MD5) UUID
API is identical to v5()
, but uses "v3" instead.
⚠️ Note: Per the RFC, "If backward compatibility is not an issue, SHA-1 [Version 5] is preferred."
Create an RFC version 4 (random) UUID
[options ] | Object with one or more of the following properties: |
[options.random ] | Array of 16 random bytes (0-255) |
[options.rng ] | Alternative to options.random , a Function that returns an Array of 16 random bytes (0-255) |
[buffer ] | Array | Buffer If specified, uuid will be written here in byte-form, starting at offset |
[offset = 0] | Number Index to start writing UUID bytes in buffer |
returns | UUID String if no buffer is specified, otherwise returns buffer |
Example:
import { v4 as uuidv4 } from 'uuid';
uuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'
Example using predefined random
values:
import { v4 as uuidv4 } from 'uuid';
const v4options = {
random: [
0x10,
0x91,
0x56,
0xbe,
0xc4,
0xfb,
0xc1,
0xea,
0x71,
0xb4,
0xef,
0xe1,
0x67,
0x1c,
0x58,
0x36,
],
};
uuidv4(v4options); // ⇨ '109156be-c4fb-41ea-b1b4-efe1671c5836'
Create an RFC version 5 (namespace w/ SHA-1) UUID
name | String | Array |
namespace | String | Array[16] Namespace UUID |
[buffer ] | Array | Buffer If specified, uuid will be written here in byte-form, starting at offset |
[offset = 0] | Number Index to start writing UUID bytes in buffer |
returns | UUID String if no buffer is specified, otherwise returns buffer |
Note: The RFC DNS
and URL
namespaces are available as v5.DNS
and v5.URL
.
Example with custom namespace:
import { v5 as uuidv5 } from 'uuid';
// Define a custom namespace. Readers, create your own using something like
// https://www.uuidgenerator.net/
const MY_NAMESPACE = '1b671a64-40d5-491e-99b0-da01ff1f3341';
uuidv5('Hello, World!', MY_NAMESPACE); // ⇨ '630eb68f-e0fa-5ecc-887a-7c7a62614681'
Example with RFC URL
namespace:
import { v5 as uuidv5 } from 'uuid';
uuidv5('https://www.w3.org/', uuidv5.URL); // ⇨ 'c106a26a-21bb-5538-8bf2-57095d1976c1'
Test a string to see if it is a valid UUID
str | String to validate |
returns | true if string is a valid UUID, false otherwise |
Example:
import { validate as uuidValidate } from 'uuid';
uuidValidate('not a UUID'); // ⇨ false
uuidValidate('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'); // ⇨ true
Using validate
and version
together it is possible to do per-version validation, e.g. validate for only v4 UUIds.
import { version as uuidVersion } from 'uuid';
import { validate as uuidValidate } from 'uuid';
function uuidValidateV4(uuid) {
return uuidValidate(uuid) && uuidVersion(uuid) === 4;
}
const v1Uuid = 'd9428888-122b-11e1-b85c-61cd3cbb3210';
const v4Uuid = '109156be-c4fb-41ea-b1b4-efe1671c5836';
uuidValidateV4(v4Uuid); // ⇨ true
uuidValidateV4(v1Uuid); // ⇨ false
Detect RFC version of a UUID
str | A valid UUID String |
returns | Number The RFC version of the UUID |
throws | TypeError if str is not a valid UUID |
Example:
import { version as uuidVersion } from 'uuid';
uuidVersion('45637ec4-c85f-11ea-87d0-0242ac130003'); // ⇨ 1
uuidVersion('6ec0bd7f-11c0-43da-975e-2a8ad9ebae0b'); // ⇨ 4
UUIDs can be generated from the command line using uuid
.
$ uuid
ddeb27fb-d9a0-4624-be4d-4615062daed4
The default is to generate version 4 UUIDS, however the other versions are supported. Type uuid --help
for details:
$ uuid --help
Usage:
uuid
uuid v1
uuid v3 <name> <namespace uuid>
uuid v4
uuid v5 <name> <namespace uuid>
uuid --help
Note: <namespace uuid> may be "URL" or "DNS" to use the corresponding UUIDs
defined by RFC4122
This library comes with ECMAScript Modules (ESM) support for Node.js versions that support it (example) as well as bundlers like rollup.js (example) and webpack (example) (targeting both, Node.js and browser environments).
import { v4 as uuidv4 } from 'uuid';
uuidv4(); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'
To run the examples you must first create a dist build of this library in the module root:
npm run build
To load this module directly into modern browsers that support loading ECMAScript Modules you can make use of jspm:
<script type="module">
import { v4 as uuidv4 } from 'https://jspm.dev/uuid';
console.log(uuidv4()); // ⇨ '1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed'
</script>
To load this module directly into older browsers you can use the UMD (Universal Module Definition) builds from any of the following CDNs:
Using UNPKG:
<script src="https://unpkg.com/uuid@latest/dist/umd/uuidv4.min.js"></script>
Using jsDelivr:
<script src="https://cdn.jsdelivr.net/npm/uuid@latest/dist/umd/uuidv4.min.js"></script>
Using cdnjs:
<script src="https://cdnjs.cloudflare.com/ajax/libs/uuid/8.1.0/uuidv4.min.js"></script>
These CDNs all provide the same uuidv4()
method:
<script>
uuidv4(); // ⇨ '55af1e37-0734-46d8-b070-a1e42e4fc392'
</script>
Methods for the other algorithms (uuidv1()
, uuidv3()
and uuidv5()
) are available from the files uuidv1.min.js
, uuidv3.min.js
and uuidv5.min.js
respectively.
This error occurs in environments where the standard crypto.getRandomValues()
API is not supported. This issue can be resolved by adding an appropriate polyfill:
react-native-get-random-values
uuid
. Since uuid
might also appear as a transitive dependency of some other imports it's safest to just import react-native-get-random-values
as the very first thing in your entry point:import 'react-native-get-random-values';
import { v4 as uuidv4 } from 'uuid';
Note: If you are using Expo, you must be using at least react-native-get-random-values@1.5.0
and expo@39.0.0
.
In Edge <= 18, Web Crypto is not supported in Web Workers or Service Workers and we are not aware of a polyfill (let us know if you find one, please).
uuid@7.x
uuid@7.x
did not come with native ECMAScript Module (ESM) support for Node.js. Importing it in Node.js ESM consequently imported the CommonJS source with a default export. This library now comes with true Node.js ESM support and only provides named exports.
Instead of doing:
import uuid from 'uuid';
uuid.v4();
you will now have to use the named exports:
import { v4 as uuidv4 } from 'uuid';
uuidv4();
Deep requires like require('uuid/v4')
which have been deprecated in uuid@7.x
are no longer supported.
uuid@3.x
"Wait... what happened to uuid@4.x
- uuid@6.x
?!?"
In order to avoid confusion with RFC version 4 and version 5 UUIDs, and a possible version 6, releases 4 thru 6 of this module have been skipped.
uuid@3.x
encouraged the use of deep requires to minimize the bundle size of browser builds:
const uuidv4 = require('uuid/v4'); // <== NOW DEPRECATED!
uuidv4();
As of uuid@7.x
this library now provides ECMAScript modules builds, which allow packagers like Webpack and Rollup to do "tree-shaking" to remove dead code. Instead, use the import
syntax:
import { v4 as uuidv4 } from 'uuid';
uuidv4();
... or for CommonJS:
const { v4: uuidv4 } = require('uuid');
uuidv4();
uuid@3.x
was exporting the Version 4 UUID method as a default export:
const uuid = require('uuid'); // <== REMOVED!
This usage pattern was already discouraged in uuid@3.x
and has been removed in uuid@7.x
.
Markdown generated from README_js.md by
FAQs
RFC9562 UUIDs
The npm package uuid receives a total of 112,831,809 weekly downloads. As such, uuid popularity was classified as popular.
We found that uuid demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
ESLint has added JSON and Markdown linting support with new officially-supported plugins, expanding its versatility beyond JavaScript.
Security News
Members Hub is conducting large-scale campaigns to artificially boost Discord server metrics, undermining community trust and platform integrity.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.