fix: use nanoid instead of shortid

shortid is deprecated and they recommend nanoid instead. We're not sure if this has to do with possible name collisions or enumerability, but to be sure and on the safe side, we're changing this. nanoid seems quite safe since it uses node's crypto module underneath. Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2025-05-05 18:13:58 +02:00
parent c449d3a815
commit 637c451486
7 changed files with 18 additions and 25 deletions
--- a/yarn.lock
+++ b/yarn.lock
@@ -1461,6 +1461,7 @@ __metadata:
    moment: "npm:2.30.1"
    morgan: "npm:1.10.0"
    mysql2: "npm:3.14.0"
+    nanoid: "npm:3.3.11"
    node-fetch: "npm:2.7.0"
    optimize-css-assets-webpack-plugin: "npm:6.0.1"
    passport: "patch:passport@npm%3A0.7.0#~/.yarn/patches/passport-npm-0.7.0-df02531736.patch"
@@ -1491,7 +1492,6 @@ __metadata:
    scrypt-kdf: "npm:2.0.1"
    select2: "npm:3.5.2-browserify"
    sequelize: "npm:5.22.5"
-    shortid: "npm:2.2.17"
    socket.io: "npm:2.5.1"
    socket.io-client: "npm:2.5.0"
    spin.js: "npm:4.1.2"
@@ -11233,7 +11233,7 @@ __metadata:
  languageName: node
  linkType: hard

-"nanoid@npm:^3.3.8":
+"nanoid@npm:3.3.11, nanoid@npm:^3.3.8":
  version: 3.3.11
  resolution: "nanoid@npm:3.3.11"
  bin:
@@ -14963,15 +14963,6 @@ __metadata:
  languageName: node
  linkType: hard

-"shortid@npm:2.2.17":
-  version: 2.2.17
-  resolution: "shortid@npm:2.2.17"
-  dependencies:
-    nanoid: "npm:^3.3.8"
-  checksum: 10/5c85635e31c08f8c6824b1802a0abb4cd26b39a5c84498dacc91b865f9a860979b010420423e5a4c0abf966aedf197a664a610e813745a6df1497f1376a72350
-  languageName: node
-  linkType: hard
-
 "side-channel-list@npm:^1.0.0":
  version: 1.0.0
  resolution: "side-channel-list@npm:1.0.0"