revisedRandomId.jsMath.random() wired through the base-36 numeral system. The output is a 10-character string built from digits and lowercase letters (0-9, a-f plus g-z), stripped of any non-alphanumeric artifacts. Used by the frontend to create transient, collision-resistant IDs for UI elements like toast notifications, dynamically inserted DOM nodes, and temporary list keys that don't require cryptographic randomness.The function chains three operations: Math.random().toString(36) converts a random float to base-36 representation (producing a string like 0.4kzy9x2n7fl), .replace(/[^a-z0-9]+/g, '') strips the leading 0. and any other non-alphanumeric artifacts, and .substr(1, 10) extracts characters starting at index 1 for a 10-character result. The starting offset of 1 skips the leading zero that remains after the decimal point is removed.
This function is intentionally not cryptographically secure. It's used for UI-level identifiers (toast keys, React list keys) where collisions would only cause a React reconciliation glitch, not a security vulnerability. The trade-off is speed and simplicity — no crypto API overhead and no dependency on window.crypto availability.
| Commit | What changed |
|---|---|
993957ec7 | Two refinements to the random ID generation: (1) the regex character class was expanded from [^a-z]+ to [^a-z0-9]+, ensuring digit characters are preserved through the filter, which increases the ID space from 26^n to 36^n; (2) the substr starting index changed from 2 to 1, gaining one extra character of entropy instead of discarding it. Both changes were part of the toast action system implementation, where more robust IDs were needed. |
6cf072707 | Created the file with the initial random ID generator implementation. Used substr(2, 10) and [^a-z]+ regex — a more conservative approach that only produced alphabetic lowercase IDs of exactly 10 characters. |