upgrade uuid to version 7 or higher

peers / peerjs-server

Server for PeerJS

https://peerjs.com

MIT License

4.34k stars 1.08k forks source link

upgrade uuid to version 7 or higher #256

Closed jbowen4 closed 1 year ago

jbowen4 commented 3 years ago

I installed the peer package in my Node.js project with npm install peer

I received this warning: npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.

I'm guessing that this means we need to update the package but not sure

felladrin commented 1 year ago

Yeah, it's still an issue.

npm WARN deprecated uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.

> npm ls uuid      
package
└─┬ peer@0.6.1
  └── uuid@3.4.0

jonasgloning commented 1 year ago

Thanks for the reminder. It's already fixed on the master branch; we don't need the uuid package anymore (https://github.com/peers/peerjs-server/commit/5d882dd0c6af9bed8602e0507fdf5c1d284be075). There are some small administrative issues I want to take care of before I want to release a new version.

ETA ~2 weeks. You can install the beta version from the rc channel on npm if you want it now.

In the meantime: We don't rely on these UUIDs having good randomness, but I see that the warning is annoying.