Cryptographically verifiable, distributed dependency reviews
Add the last reviewed version to Cargo.toml / [dependencies]:
fastrand = "1.8.0"
Please, use mobile in landscape.
Filter reviews clicking on the numbers in the summary.
Full column names in tooltip hints: rating Negative, rating Neutral, rating Positive, rating Strong, thoroughness, understanding, reviews count.
This new version adds trivial methods to get the seed out of an existing
generator. I don't see any problem with this feature.
My recommendation stands: use this as a non-cryptographic PRNG if you don't
already depend on rand
and want to keep your dependencies to the minimum.
Compared to 1.6.0, the Cargo.toml indicates MSRV of 1.34, and there is a newchar()
method to generate characters. The code looks clean enough, contains
to unsafe
, and I don't see any flaws in it.
My recommendation stands: use this as a non-cryptographic PRNG if you don't
already depend on rand
and want to keep your deps to the minimum.
Compared to 1.6.0, the Cargo.toml indicates MSRV of 1.34, and there is a newchar()
method to generate characters. The code looks clean enough, contains
to unsafe
, and I don't see any flaws in it.
My recommendation stands: use this as a non-cryptographic PRNG if you don't
already depend on rand
and want to keep your deps to the minimum.
Compared to 1.5.0, this release only adds #[derive(PartialEq, Eq)]
for theRng
type. It's now possible to check if the generator is in a particular
state, but this was already possible through the Debug
trait. Considering
the crate is not for cryptographic use, this seems totally fine to me.
My recommendation stands: use this as a non-cryptographic PRNG if you don't
already depend on rand
and want to keep your deps to the minimum.
Compared to 1.5.0, this release only adds #[derive(PartialEq, Eq)]
for theRng
type. It's now possible to check if the generator is in a particular
state, but this was already possible through the Debug
trait. Considering
the crate is not for cryptographic use, this seems totally fine to me.
My recommendation stands: use this as a non-cryptographic PRNG if you don't
already depend on rand
and want to keep your deps to the minimum.
Generates random numbers using Wyrand algorithm (which is not
cryptographically secure, but ostensibly passes some popular tests — I didn't
verify that).
No unsafe
, no dependencies other than std (except on WASM, where it pulls
in instant
crate to get initial entropy).
By default, the generator is initialized from a hash of
std::time::Instant::now() and process ID. Good enough for a non-cryptographic
PRNG.
Interesting detail: if the thread-local storage has already been
de-initialized by we try to use it, the generator is initialized by a fixed
seed 0x4d595df4d0f33173. This constant is an initial state for PCG-XSH-RR,
which is an algorithm that previous versions of the crate used.
I verified that the algorithms match the documents they reference:
wyrand()
inI also verified that the algorithms that generate floating-point numbers
indeed do what they're supposed to do: set sign to 0 (i.e. positive),
exponent to 127 (i.e. zero), then fill the fraction with random bits, and
subtracting 1.0 from the result to get [0; 1).
Also worth mentioning that the crate doesn't guarantee a specific algorithm,
so you shouldn't depend on a specific seed to always produce the same
results.
Recommended for non-cryptographic purposes that do not require
reproducibility.
Generates random numbers using Wyrand algorithm (which is not
cryptographically secure, but ostensibly passes some popular tests — I didn't
verify that).
No unsafe
, no dependencies other than std (except on WASM, where it pulls
in instant
crate to get initial entropy).
By default, the generator is initialized from a hash of
std::time::Instant::now() and process ID. Good enough for a non-cryptographic
PRNG.
Interesting detail: if the thread-local storage has already been
de-initialized by we try to use it, the generator is initialized by a fixed
seed 0x4d595df4d0f33173. This constant is an initial state for PCG-XSH-RR,
which is an algorithm that previous versions of the crate used.
I verified that the algorithms match the documents they reference:
wyrand()
inI also verified that the algorithms that generate floating-point numbers
indeed do what they're supposed to do: set sign to 0 (i.e. positive),
exponent to 127 (i.e. zero), then fill the fraction with random bits, and
subtracting 1.0 from the result to get [0; 1).
Also worth mentioning that the crate doesn't guarantee a specific algorithm,
so you shouldn't depend on a specific seed to always produce the same
results.
Recommended for non-cryptographic purposes that do not require
reproducibility.
© bestia.dev 2023, MIT License, Version: 2023.608.1636
Open source repository for this web app: https://github.com/bestia-dev/cargo_crev_web/
This new version adds trivial methods to get the seed out of an existing
generator. I don't see any problem with this feature.
My recommendation stands: use this as a non-cryptographic PRNG if you don't
already depend on
rand
and want to keep your dependencies to the minimum.