Nanoid is a popular and exceptionally small JavaScript library designed to generate unique string IDs suitable for URLs. Both versions 3.3.1 and 3.3.2 share the same core functionality: providing developers with a secure and URL-friendly way to create unique identifiers. Both versions boast a tiny footprint of approximately 130 bytes (minified and gzipped), minimizing impact on application size and load times. They are licensed under the MIT license, offering flexibility in usage and modification. The package is hosted on GitHub, ensuring transparency and community involvement. Both versions contain 24 files, with an unpacked size of 21672 bytes. Both versions have the same author, Andrey Sitnik.
The key difference lies in their release dates. Version 3.3.2 was released on March 28, 2022, following version 3.3.1 which was released on February 16, 2022. While the provided data doesn't explicitly detail the changes between the releases, the updated release date suggests bug fixes, performance improvements, or minor feature enhancements were implemented in version 3.3.2. Developers should always opt for the newest stable version. Those who used the older version is expected to check the release notes on GitHub for detailed change logs and update to the latest stable version (3.3.2) to benefit from any improvements and fixes incorporated. Always check for the latest releases of nanoid to keep your project up-to-date!
All the vulnerabilities related to the version 3.3.2 of the package
Predictable results in nanoid generation when given non-integer values
When nanoid is called with a fractional value, there were a number of undesirable effects:
Version 3.3.8 and 5.0.9 are fixed.
