diff --git a/.changeset/fluffy-rules-pretend.md b/.changeset/fluffy-rules-pretend.md new file mode 100644 index 00000000000..f0507222b35 --- /dev/null +++ b/.changeset/fluffy-rules-pretend.md @@ -0,0 +1,6 @@ +--- +'@firebase/app-check': patch +'@firebase/util': patch +--- + +Generate UUIDs with `crypto.randomUUID()` instead of custom uuidv4 function that uses `Math.random()`. diff --git a/common/api-review/util.api.md b/common/api-review/util.api.md index 91d2f04cb40..8c62ff229ac 100644 --- a/common/api-review/util.api.md +++ b/common/api-review/util.api.md @@ -476,9 +476,6 @@ export interface Subscribe { // @public (undocumented) export type Unsubscribe = () => void; -// @public -export const uuidv4: () => string; - // Warning: (ae-missing-release-tag) "validateArgCount" is exported by the package, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public diff --git a/packages/app-check/src/storage.ts b/packages/app-check/src/storage.ts index 3f7257e1945..36f34f00e16 100644 --- a/packages/app-check/src/storage.ts +++ b/packages/app-check/src/storage.ts @@ -16,7 +16,7 @@ */ import { FirebaseApp } from '@firebase/app'; -import { isIndexedDBAvailable, uuidv4 } from '@firebase/util'; +import { isIndexedDBAvailable } from '@firebase/util'; import { readDebugTokenFromIndexedDB, readTokenFromIndexedDB, @@ -77,7 +77,8 @@ export async function readOrCreateDebugTokenFromStorage(): Promise { if (!existingDebugToken) { // create a new debug token - const newToken = uuidv4(); + // This function is only available in secure contexts. See https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts + const newToken = crypto.randomUUID(); // We don't need to block on writing to indexeddb // In case persistence failed, a new debug token will be generated every time the page is refreshed. // It renders the debug token useless because you have to manually register(whitelist) the new token in the firebase console again and again. diff --git a/packages/data-connect/test/queries.test.ts b/packages/data-connect/test/queries.test.ts index dd7e4e6c9e3..8b630242a4e 100644 --- a/packages/data-connect/test/queries.test.ts +++ b/packages/data-connect/test/queries.test.ts @@ -15,7 +15,6 @@ * limitations under the License. */ -import { uuidv4 } from '@firebase/util'; import { expect, use } from 'chai'; import chaiAsPromised from 'chai-as-promised'; @@ -51,11 +50,11 @@ interface TaskListResponse { const SEEDED_DATA = [ { - id: uuidv4(), + id: crypto.randomUUID(), content: 'task 1' }, { - id: uuidv4(), + id: crypto.randomUUID(), content: 'task 2' } ]; diff --git a/packages/database/test/helpers/util.ts b/packages/database/test/helpers/util.ts index 91c627c9a14..73eb04a8c5e 100644 --- a/packages/database/test/helpers/util.ts +++ b/packages/database/test/helpers/util.ts @@ -16,7 +16,6 @@ */ import { FirebaseApp, initializeApp } from '@firebase/app'; -import { uuidv4 } from '@firebase/util'; import { expect } from 'chai'; import { @@ -105,7 +104,7 @@ export function waitFor(waitTimeInMS: number) { // Creates a unique reference using uuid export function getUniqueRef(db: Database) { - const path = uuidv4(); + const path = crypto.randomUUID(); return ref(db, path); } diff --git a/packages/util/index.node.ts b/packages/util/index.node.ts index 9c3b54b1c86..d839460713c 100644 --- a/packages/util/index.node.ts +++ b/packages/util/index.node.ts @@ -38,7 +38,6 @@ export * from './src/sha1'; export * from './src/subscribe'; export * from './src/validation'; export * from './src/utf8'; -export * from './src/uuid'; export * from './src/exponential_backoff'; export * from './src/formatters'; export * from './src/compat'; diff --git a/packages/util/index.ts b/packages/util/index.ts index 38b944cd9b5..51c27c31099 100644 --- a/packages/util/index.ts +++ b/packages/util/index.ts @@ -33,7 +33,6 @@ export * from './src/sha1'; export * from './src/subscribe'; export * from './src/validation'; export * from './src/utf8'; -export * from './src/uuid'; export * from './src/exponential_backoff'; export * from './src/formatters'; export * from './src/compat'; diff --git a/packages/util/src/uuid.ts b/packages/util/src/uuid.ts deleted file mode 100644 index d931d4644e2..00000000000 --- a/packages/util/src/uuid.ts +++ /dev/null @@ -1,29 +0,0 @@ -/** - * @license - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * Copied from https://stackoverflow.com/a/2117523 - * Generates a new uuid. - * @public - */ -export const uuidv4 = function (): string { - return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, c => { - const r = (Math.random() * 16) | 0, - v = c === 'x' ? r : (r & 0x3) | 0x8; - return v.toString(16); - }); -};