Open luc122c opened 2 years ago
I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight.
Thanks. It looks like Node support for Crypto.getRandomValues() is fairly recent (Node 15) so if we update to it, we'll probably want to make sure we wrap it in a try/catch and fall back to Math.random() as needed.
[REQUIRED] Describe your environment
[REQUIRED] Describe the problem
The UUID function that Firebase uses has been 'borrowed' from Stack Overflow and uses
Math.random()
to generate random numbers. It's well documented thatMath.random()
is not a good source of randomness anymore; in fact the answer that is linked to has been updated to useCrypto.getRandomValues()
instead.Perhaps this function could be updated/replace to use a more up to date method of calculating UUIDs.
Relevant Code:
Source Code
Further information: