https://github.com/scala-js/scala-js-fake-insecure-java-securerandom

Fake and *insecure* implementation of java.security.SecureRandom for Scala.js
https://github.com/scala-js/scala-js-fake-insecure-java-securerandom

Last synced: 9 months ago
JSON representation

Fake and *insecure* implementation of java.security.SecureRandom for Scala.js

• Host: GitHub
• URL: https://github.com/scala-js/scala-js-fake-insecure-java-securerandom
• Owner: scala-js
• License: apache-2.0
• Created: 2022-03-30T07:56:17.000Z (over 3 years ago)
• Default Branch: main
• Last Pushed: 2023-07-31T00:28:41.000Z (over 2 years ago)
• Last Synced: 2025-01-10T00:35:41.663Z (10 months ago)
• Language: Scala
• Size: 19.5 KB
• Stars: 0
• Watchers: 3
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# scalajs-fake-insecure-java-securerandom

`scalajs-fake-insecure-java-securerandom` provides compatibility stubs for `java.security.SecureRandom` in Scala.js.

## ⚠️ This library is insecure by design! ⚠️

This library is insecure by design.

It does not provide a cryptographically secure implementation of `SecureRandom`.

It is only there to preserve support for `java.util.UUID.randomUUID()` from Scala.js core previous to v1.10.0 in environments where secure UUID generation is not a requirement, and if there is no other choice.

Use [`scalajs-java-securerandom`](https://github.com/scala-js/scala-js-java-securerandom) instead.

## Usage from a library

**Never, ever depend on `scalajs-fake-insecure-securerandom` from library code!**

If you do, you will expose your users to insecure code.

Always use [`scalajs-java-securerandom`](https://github.com/scala-js/scala-js-java-securerandom) instead.

## Usage from an application

**Almost never** depend on `scalajs-fake-insecure-securerandom`.

Use [`scalajs-java-securerandom`](https://github.com/scala-js/scala-js-java-securerandom) instead if possible, notably if you only target browsers and/or Node.js.

If you have no other choice, use the following dependency:

```scala

libraryDependencies += ("org.scala-js" %%% "scalajs-fake-insecure-java-securerandom" % "1.0.0").cross(CrossVersion.for3Use2_13)

```

When using a `crossProject`, add the above in `.jsSettings(...)`.

You can then use `java.security.SecureRandom` from your code, and by extension, the `java.util.UUID.randomUUID()` method.

Keep in mind that the generated random numbers (and random UUIDs) will *not* be cryptographically secure.

## License

`scalajs-fake-insecure-securerandom` is distributed under the [Apache 2.0 license](./LICENSE.txt), like Scala.js itself.