presents
Hashids.java
presents | Hashids.java | |
---|---|---|
1 | 31 | |
7 | 1,012 | |
- | 0.0% | |
10.0 | 0.0 | |
over 5 years ago | 7 months ago | |
Go | Java | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
presents
-
New UUID Formats from IETF
I’ve been working on a robust scheme for encrypted sequential IDs, which is done, including implementations in Rust, JavaScript and Python, pending just a smidgeon more writing about it and reviewing a decision on naming. You store an integer in the database, then encrypt it with a real block cipher, and stringify with Base58. I have three modes: one for 32-bit IDs, using Speck32/64 and producing 4–6 character IDs; one for 64-bit IDs, using Speck64/128 and producing 8–11 character IDs; and one hybrid, using the 32-bit mode for IDs below 2³² and the 64-bit mode above that, providing both a forwards-compatibility measure and a way of producing short IDs as long as possible. Contact me (see my profile) if you’re interested, or I’ll probably publish it in another day or two. Trouble is that I’ve been getting distracted with other related concepts, like optimally-short encoding by using encryption domains [0, 58¹), [58¹, 58²), …, [58¹⁰, 2⁶⁴) (this is format-preserving encryption; the main reputable and practical choices I’ve found are Hasty Pudding, which I’ve just about finished implementing but would like test vectors for but they’re on a dead FTP site, and NIST’s FF1 and FF3, which are patent-encumbered), and ways of avoiding undesirable patterns (curse words and such) by skipping integers from the database’s ID sequence if they encode to what you don’t want, and check characters with the Damm algorithm. If I didn’t keep getting distracted with these things, I’d have published a couple of weeks ago.
(I am not aware of any open-source library embodying a scheme like what I propose—all that I’ve found have either reduced scope or badly broken encryption; https://github.com/yi-jiayu/presents is sound, but doesn’t stringify; Hashids is broken almost beyond belief and should not be considered encryption; Optimus uses an extremely weak encryption.)
Hashids.java
- Hashids: Generate short unique ids from integers
-
Auto Generate Sequential UIID
You basically want Hashids but sequential? Why not simple convert a base 10 (0-9) number to hex? (0-F)
-
Features I'd Like in PostgreSQL
I found hashids [1] to be a great compromise between integer ids in the database and copyable non-enumerable strings on the client.
[1] https://hashids.org/
- Short, friendly base32 slugs from timestamps
-
We Chose NanoIDs for PlanetScale’s API
I wonder how this might compare to just storing regular autoincrementing ints in the database, and converting to/from hashids (https://hashids.org/) at the edge. It eliminates the collision concern and stores more compactly at the cost of a tiny amount of encode/decode when processing requests. You’d want to push it down as close to the database layer as possible to avoid inadvertent int ID leaks; I added native hashids support to clickhouse but I’m not sure what other database support might entail.
-
How can I generate truly unique slugs?
Since hashids are not really hashes and are not secure at all this is not even achieved. Hashids can be easily decoded without the salt by a simple brute-force attack described by the authors of hashid themselves right on their website: https://hashids.org/
-
How to handle id-based routes with UUID
You don't necessarily need to use UUIDs. You could use something like Hashids to generate random strings from your sequential IDs in a reversible way, so that users can't predict what their values will be, but you can decode them as needed.
-
All of my database models have id replaced with UUID4s. Is there any risk to using these in URLs?
You should not use UUIDv4 as a primary key. You can use normal int values and then use hashids to make them safe for URL. UUIDv7 might be good to use as well once they are more widely supported as well.
- What’s Django’s argument for using 64-bit int as default pk over uuid. Can anyone point me to something I can read?
- Library for generating string IDs from number IDs
What are some alternatives?
uuid7 - UUID version 7, which are time-sortable (following the Peabody RFC4122 draft)
BLAKE3 - the official Rust and C implementations of the BLAKE3 cryptographic hash function
uuid6-python - New time-based UUID formats which are suited for use as a database key
dart-uuid - Generate RFC4122(v1,v4,v5,v6,v7,v8) UUIDs
Guava - Google core libraries for Java
vanity-uuid - Create "readable" UUIDs such as "5eedbed5-f05e-b055-ada0-d15ab11171e5" for all your UUID needs!
JGit - JGit project repository (jgit)
prototypes - Draft Prototypes and Tests for UUIDv6 and beyond
Embulk - Embulk: Pluggable Bulk Data Loader.
JADE - a pug implementation written in Java (formerly known as jade)
CRaSH - The shell for the Java Platform