@bluehive/random – Full TypeScript Meteor Random Port (API Compatible, Unit Tested, GitHub CI, Modern Packaging)

wreiske · August 4, 2025, 5:34pm

Hey Meteor Community!

I’m excited to share @bluehive/random, a TypeScript-first, fully unit-tested, 100% API-compatible port of Meteor’s random package, now available as a modern npm package!
GitHub Repo | Live Demos & Docs

Why Another Random Port?

There are a few Meteor random ports, but I needed a solution that checks these boxes:

Full TypeScript support (with complete type definitions)
Comprehensive unit tests (89%+ coverage, 79 tests, see coverage reports)
GitHub Actions CI/CD for every commit/PR
Modern ESM/CommonJS packaging (works in Node, browsers, bundlers)
Zero runtime dependencies
API and deterministic output match Meteor’s original package
Easy migration: existing Meteor code should “just work” after changing the import.
Live interactive docs and playground

I’m migrating Meteor methods to a Fastify API for docs.bluehive.com and needed a drop-in replacement for Random.id() and Random.secret() that would behave identically—especially for session tokens and reproducible test data.

Features

Cryptographically secure: Uses crypto.randomBytes() (Node) or window.crypto.getRandomValues() (browser); falls back to Alea PRNG with entropy if crypto is unavailable.

API Compatibility: All Meteor Random methods supported:

import { Random } from '@bluehive/random';
const id = Random.id();
const secret = Random.secret();
const seeded = Random.createWithSeeds(42);

Deterministic output: Seeded generators produce the same sequence as Meteor’s implementation.
Character sets:
- IDs: “Unmistakable” (avoids 0, 1, I, l, O)
- Secrets: URL-safe base64
- Hex strings: lowercase hex
Zero dependencies and modern JS packaging
Full coverage and test suite (89%+ coverage, 79 tests)
Works everywhere (Node, browsers, ESM/CJS, React/Next, etc.)
Live playground: Try it here

TypeScript & Testing

Every API is fully typed; includes advanced usage and generic utilities (see the TypeScript examples)
79 unit tests, including edge cases and environment fallbacks
Test commands:
```
npm test
npm run test:coverage
```

Migration from Meteor

npm install @bluehive/random

Change imports:

- import { Random } from 'meteor/random';
+ import { Random } from '@bluehive/random';

All existing code should “just work”.

Install & Example

npm install @bluehive/random

import { Random } from '@bluehive/random';

const id = Random.id();                // 17-char unique ID
const secret = Random.secret();        // 43-char cryptographically secure secret
const hex = Random.hexString(8);       // 8-char hex string
const seeded = Random.createWithSeeds(0);
console.log(seeded.id());              // Deterministic ID (matches Meteor)

Docs, Live Demos, and More

Use Cases

Drop-in replacement for Meteor’s random utilities (works in Meteor, Fastify, Next.js, Node, browser, etc.)
Generating session tokens, secrets, test data, API keys, etc.
Deterministic/random testing with seeds

Feedback, issues, and PRs welcome!
Let me know if you hit any migration snags or want to see more features/examples.

Thanks and happy hacking!

awatson1978 · August 6, 2025, 7:27pm

Splendid!
What do you think about extending the API? Over the years, I’ve run into a number of additional randoms that projects needed, which got partially recorded in the clinical:extended-api package. I’m thinking:

Random.uuid():
Random.date();
Random.integer();
Random.cardinal();
Random.number();
Random.decimal();
Random.fromRange();

wreiske · August 9, 2025, 12:30am

Great idea!

I let copilot take a stab… Thoughts?

github.com/bluehive-health/meteor-random

Implement additional random functions: uuid, date, integer, cardinal, number, decimal, and fromRange

bluehive-health:main ← bluehive-health:copilot/fix-3

opened 10:52PM - 08 Aug 25 UTC

Copilot

+1021 -1

This PR implements seven new random generation functions requested in the issue …to expand the library's capabilities: ## New Functions Added ### Random.uuid() Generates RFC4122 version 4 UUIDs with proper version and variant bits: ```typescript const id = Random.uuid(); // → "f47ac10b-58cc-4372-a567-0e02b2c3d479" ``` ### Random.date(startDate?, endDate?) Generates random dates within specified ranges (defaults to last 100 years): ```typescript const randomDate = Random.date(); const dateInRange = Random.date(new Date('2020-01-01'), new Date('2023-12-31')); ``` ### Random.integer(min?, max?) Generates random integers with flexible parameter handling: ```typescript const int1 = Random.integer(); // 0-100 const int2 = Random.integer(10); // 0-10 const int3 = Random.integer(5, 15); // 5-15 ``` ### Random.cardinal(max?) Generates non-negative integers (cardinal numbers): ```typescript const cardinal = Random.cardinal(); // 0-100 const limited = Random.cardinal(50); // 0-50 ``` ### Random.number(min?, max?) Generates floating point numbers with range support: ```typescript const num1 = Random.number(); // 0-1 const num2 = Random.number(1, 10); // 1-10 ``` ### Random.decimal(precision?, max?) Generates decimal numbers with specified precision: ```typescript const dec1 = Random.decimal(); // 2 decimal places, 0-1 const dec2 = Random.decimal(4, 100); // 4 decimal places, 0-100 ``` ### Random.fromRange(min, max) Generates numbers within precise ranges [min, max): ```typescript const range = Random.fromRange(-50, 50); // -50 to 50 (exclusive) ``` ## Implementation Details - All functions work seamlessly with secure, insecure, and seeded generators - Maintains backwards compatibility with existing API - Follows existing code patterns and TypeScript conventions - RFC4122 v4 compliant UUID generation with proper bit manipulation - Comprehensive parameter validation and flexible argument handling ## Quality Assurance - **34 new comprehensive test cases** covering all functions with edge cases, distribution testing, and deterministic behavior verification - **158 total tests passing** (124 original + 34 new) - **Complete documentation** updated in README.md with API reference and usage examples - **Interactive examples** added to the demo page with live demonstrations - **TypeScript compilation** successful with proper type definitions - **Linting passes** with no errors ## Live Demo The interactive examples page now includes dedicated sections for each new function with working demonstrations. The custom function builder dropdown also includes all new functions for easy testing. Fixes #3. --- ✨ Let Copilot coding agent [set things up for you](https://github.com/bluehive-health/meteor-random/issues/new?title=✨Set+up+Copilot+instructions&body=Configure%20instructions%20for%20this%20repository%20as%20documented%20in%20%5BBest%20practices%20for%20Copilot%20coding%20agent%20in%20your%20repository%5D%28https://gh.io/copilot-coding-agent-tips%29%0A%0A%3COnboard%20this%20repo%3E&assignees=copilot) — coding agent works faster and does higher quality work when set up for your repo.

harry97 · August 9, 2025, 9:36am

How long will we maintain our code abilities before our brains turn into mush?

jkuester · August 13, 2025, 10:14am

@wreiske this is awesome. One more somewhat related thing that should also be interesting for @awatson1978 - did you consider to look at the SHA256 function that is still used in Meteor core in many places (via sha package)?

I kept this private and reported it but nothing happened so I thought you might take a look at it.

Edit: I don’t want to spam / distort your post I just think its a great move to improve the overall security of Meteor and in my opinion that sha256 is also a part of it. If you think this is worth to work on then I will start providing a drop-in replacement for the sha package and PR to core

Edit edit: continue this topic in Accounts improvement initiative - #6 by pwix