Starting with .NET 6 the runtime uses native platform API to generate random numbers: https://docs.microsoft.com/en-us/dotnet/api/system.guid.newguid?view=net-6.0#remarks

In browser crypto.getRandomValues is utilized by the runtime and for other environments we are using a naive Math.random shim at the moment: https://github.com/Elringus/DotNetJS/blob/97647de97a9ffe0aafdc1941a947f79f9816b9d8/JavaScript/dotnet-runtime/src/mono.ts#L39

As mentioned in the documentation, the function does not provide cryptographically secure random numbers.

While it's probably not possible (?) to implement proper strong entropy generation without access to the native APIs, we have to at least improve current naive solution.

Related: #2

Should probably use something like https://github.com/uuidjs/uuid