Closed ghost closed 1 year ago
@RouisIbra - Really appreciate this contribution.
I've read that cuid2 is not yet supported as a default in Prisma itself - though it seems like this will happen with time.
Are you successfully using this fix with Prisma? I'm trying to understand the tradeoffs (if there are any) of defaulting to an id generator that prisma itself does not default to... Do you see any potential disadvantages, there?
Thanks again.
@kleydon
Are you successfully using this fix with Prisma?
Yes, I tested it for my authentication API without any issue.
I'm trying to understand the tradeoffs (if there are any) of defaulting to an id generator that prisma itself does not default to... Do you see any potential disadvantages, there?
cuid()
generates 25 characters while cuid2's createId()
generates 24 character so this won't be a problem for anyone who set maximum string length to ~25~ 32 (or whatever the length) to both id
and sid
for the Session
model in the schema. The advantage is that there is far lesser collision in generated cuids.
@RouisIbra Just merged; thanks for improving this library!
:tada: This PR is included in version 3.1.11 :tada:
The release is available on:
Your semantic-release bot :package::rocket:
@RouisIbra Just merged; thanks for improving this library!
You are welcome!
Following the security recommendation of cuid package developers:
https://github.com/paralleldrive/cuid#status-deprecated-due-to-security-use-cuid2-instead
and NPM deprecated warning:
npm WARN deprecated cuid@2.1.8: Cuid and other k-sortable and non-cryptographic ids (Ulid, ObjectId, KSUID, all UUIDs) are all insecure. Use @paralleldrive/cuid2 instead.
cuid
must be replaced with@paralleldrive/cuid2
due to collision risk incuid
.