csprng dependency
alexangas opened this issue · comments
Thanks for your focus on making this a tiny and fast uuid generator!
I was wondering about the @lukeed/csprng dependency for those users that do not need the secure version. Is this increasing the package size for those users, and if so is there a way to remove that dependency in this case?
Thanks :)
No, it has no effect. It's always installed, but it's only imported by uuid/secure
. This means that if you're not using the secure mode, the dependency is never loaded in Node.js (because the secure.js
isn't) – and any browser-facing bundle will not include it either.
This was extracted to a dependency because it automatically handles the Nodejs/bundler configuration automatically. It would be more complex to do it all internally. (And it'd have to be replicated for uid
too).
Let me know if that helps :)