search

google / uuid

Go package for UUIDs based on RFC 4122 and DCE 1.1: Authentication and Security Services.
BSD 3-Clause "New" or "Revised" License
5.16k stars 362 forks source link

Moved NewV7FromReader to uuid_test since it shouldn't be used outside of testing #158

Open timmattison opened 4 months ago

timmattison commented 4 months ago

This function was in the version7.go file but it looks like it should only be available during testing. Leaving the function in the public API leaves open the possibility of people using it incorrectly and getting bad UUID v7 values.

google-cla[bot] commented 4 months ago

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

bormanp commented 4 months ago

The "FromReader" functions were indeed added for testing purposes, but not for testing this package. This function makes it possible to have deterministic UUID's returned when validating a piece of software that uses this uuid package. I think NewV7 would be the most common way to get a V7 uuid. Using NewV7FromReader would only be used by software that needs this ability. That software would probably do something like:

import "crypto/rand"

var rander = rand.Read
...
    u := NewV7FromReader(rander)

and then in their validation tests they would change what rander points to.