spec
cuid2
spec | cuid2 | |
---|---|---|
62 | 15 | |
8,648 | 1,821 | |
1.4% | 4.7% | |
0.0 | 4.1 | |
4 months ago | 2 months ago | |
JavaScript | ||
GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
spec
-
The UX of UUIDs
Can use ULID to "fix" some issues
https://github.com/ulid/spec
- Ulid: Universally Unique Lexicographically Sortable Identifier
-
Ask HN: Is it acceptable to use a date as a primary key for a table in Postgres?
Both ULID and UUID v7 have a time code component which can be extracted.
It would be best for indexing to store the actual value in binary, though not strictly necessary as these later UUID standards (unlike conventional UUIDs) use time code prefixes (so indexing clusters.)
https://uuid7.com/
https://github.com/ulid/spec
-
Bye Sequence, Hello UUIDv7
UUIDv7 is a nice idea, and should probably be what people use by default instead of UUIDv4.
For the curious:
* UUIDv4 are 128 bits long, 122 bits of which are random, with 6 bits used for the version. Traditionally displayed as 32 hex characters with 4 dashes, so 36 alphanumeric characters, and compatible with anything that expects a UUID.
* UUIDv7 are 128 bits long, 48 bits encode a unix timestamp with millisecond precision, 6 bits are for the version, and 74 bits are random. You're expected to display them the same as other UUIDs, and should be compatible with basically anything that expects a UUID. (Would be a very odd system that parses a UUID and throws an error because it doesn't recognise v7, but I guess it could happen, in theory?)
* ULIDs (https://github.com/ulid/spec) are 128 bits long, 48 bits encode a unix timestamp with millisecond precision, 80 bits are random. You're expected to display them in Crockford's base32, so 26 alphanumeric characters. Compatible with almost everything that expects a UUID (since they're the right length). Spec has some dumb quirks if followed literally but thankfully they mostly don't hurt things.
* KSUIDs (https://github.com/segmentio/ksuid) are 160 bits long, 32 bits encode a timestamp with second precision and a custom epoch of May 13th, 2014, and 128 bits are random. You're expected to display them in base62, so 27 alphanumeric characters. Since they're a different length, they're not compatible with UUIDs.
I quite like KSUIDs; I think base62 is a smart choice. And while the timestamp portion is a trickier question, KSUIDs use 32 bits which, with second precision (more than good enough), means they won't overflow for well over a century. Whereas UUIDv7s use 48 bits, so even with millisecond precision (not needed) they won't overflow for something like 8000 years. We can argue whether 100 years us future proof enough (I'd argue it probably is), but 8000 years is just silly. Nobody will ever generate a compliant UUIDv7 with any of the first several bits aren't 0. The only downside to KSUIDs is the length isn't UUID compatible (and arguably, that they don't devote 6 bits to a compliant UUID version).
Still feels like there's room for improvement, but for now I think I'd always pick UUIDv7 over UUIDv4 unless there's an very specific reason not to.
-
50 years later, is Two-Phase Locking the best we can do?
I'd love for Postgres to adopt ULID as a first class variant of the same basic 128bit wide binary optimized column type they use for UUIDs, but I don't expect they will, while its "popular" its not likely popular enough to have support for them to maintain it in the long run... Also the smart money ahead of time would have been for the ULID spec to sacrifice a few data bits to leave the version specifying sections of the bit field layout unused in the ULID binary spec (https://github.com/ulid/spec#binary-layout-and-byte-order) for the sake of future compatibility with "proper" UUIDs... Performing one big bulk bitfield modification to a PostgreSQL column would have been much less painful than re-computing appropriate UUIDv7 (or UUIDv8s for some reason) and then having to perform a primary key update on every row in the table.
- FLaNK Stack Weekly for 12 September 2023
- You Don't Need UUID
- UUID Collision
-
Type-safe, K-sortable, globally unique identifier inspired by Stripe IDs
Many people had the same idea. For example ULID https://github.com/ulid/spec is more compact and stores the time so it is lexically ordered.
- ULID: Universally Unique Lexicographically Sortable Identifier
cuid2
-
The UX of UUIDs
The CUID readme [1] explains that there's no real point to K-sortable on modern hardware:
[1] https://github.com/paralleldrive/cuid2?tab=readme-ov-file#no...
-
Bye Sequence, Hello UUIDv7
There's a comparison in the README of the project:
https://github.com/paralleldrive/cuid2#the-contenders
Some of the arguments mentioned are explained elsewhere in the README, others are assumed.
One argument standing out for me is the lack of collision-resistance for UUIDv4 which is surprising for me and I didn't spot any sources for that argument.
Another argument is the entropy source where they go about that Math.random is not reliable as a single entropy source but glimpsing at the source code, they sprinkle the CUID with Math.random data.
I am no expert in ID security, so I am not qualified to speak about the validity of their arguments, only that there's insufficient information to validate without prior knowledge about the problem domain.
-
You Don't Need UUID
I'm recently finding cuid2 to be the best of these alternative GUIDs. They seem to have all of the benefits for what you would want to use a GUID for, but none of the drawbacks of existing implementations.[1]
[1]: https://github.com/paralleldrive/cuid2#the-contenders
-
Cuid2 - Secure, collision-resistant ids optimized for horizontal scaling and performance. Next generation UUIDs.
I've just released v2.0.0 of my cuid2 python port. The original cuid2 package comes from JS world by ParallelDrive. They have a lot of the reasons to use Cuid2 posted in their repo, including
-
I "did my own research" and "AI" is not taking my job any time soon.
I recently wrote a Go implementation of CUID2 because I could not find an existing one. It is not hello-world, but it is not duff's device either, which by the way neither could explain what it did from just the raw code in isolation.
-
I'm making a hashing function to hash user ids for a hobby app and would love some feedback
I think this implementation is the original one. It has the following to say about why it exists. And what it is good for:
-
I've created long guide regard modern and old algorithms for Identifiers like ULID, UUID, slug and others.
There's also https://github.com/paralleldrive/cuid2 which likely should be added to this as it is likely one of the better ones out there now.
-
How to ensure that we get 100% unique id in postgres with node js and prisma
If you're using prisma then you can use CUID or CUID2 to manually generate it.
- Cuid2 – Secure, collision-resistant ids optimized for scaling and performance
- Cuid2: Next Generation GUIDs
What are some alternatives?
dynamodb-onetable - DynamoDB access and management for one table designs with NodeJS
pg_idkit - Postgres extension for generating UUIDs
uuid6-ietf-draft - Next Generation UUID Formats
postgresql-uuid-generate-v7
kuuid - K-sortable UUID - roughly time-sortable unique id generator
ksuid - K-Sortable Globally Unique IDs
python-ksuid - A pure-Python KSUID implementation
dxid - A better and safer way to display your primary keys in urls or in your app
ulid-lite - Generate unique, yet sortable identifiers
nanoid - A tiny (124 bytes), secure, URL-friendly, unique string ID generator for JavaScript
shortuuid.rb - Convert UUIDs & numbers into space efficient and URL-safe Base62 strings, or any other alphabet.
typeid - Type-safe, K-sortable, globally unique identifier inspired by Stripe IDs