Phobos randomUUID is not suitable to generate secrets

Steven Schveighoffer schveiguy at
Mon Aug 31 16:10:33 UTC 2020

On 8/31/20 9:17 AM, WebFreak001 wrote:
> On Monday, 31 August 2020 at 07:49:24 UTC, Cym13 wrote:
>> Hi there,
>> As always when I make an appearance it's that something has gone 
>> wrong. Either in a popular library or D itself... This time it's a 
>> little bit of both.
>> [...]
> Thanks for the post! Read the crypto review before and surely enough 
> this time again it was really fun to read through the whole post. I also 
> love the random pictures in your posts :p

I share this sentiment, great article!

> I'm not too sure if I ever use randomUUID now, but if it was used in 
> vibe.d applications by default that's terrifying to me.

I had to look it up to make sure. The session id producer uses what is 
recommended in the article:



More information about the Digitalmars-d mailing list