Meteor.uuid() safe to use?


I’m using Meteor.uuid() in an app to generate random verification code. I just noticed that it is not included in the Meteor docs and was just wondering if it is safe to use and that it is not being deprecated.


I would use either or Random.secret(). Be sure to do meteor add random first. Both take an argument (numeric) that determines how many characters are returned.


Perfect, thanks for the tip.


I can confirm that Meteor.uuid() is depreciated, according to this source code comment:

// Before this package (random) existed, we used to use this Meteor.uuid() // implementing the RFC 4122 v4 UUID. It is no longer documented // and will go away.


Instead of meteor add random you can use meteor npm i --save random and import the package. That way you reduce the amount of “smart package” dependencies. (I seem to be doing that now that i have the capability to).


Sure, you could use any random UID package out there. Though when I want to use IDs that look like Meteor’s, I use the Meteor random package so things look consistent.


Actually that’s true, I just noticed it is one of those “core” meteor packages, I just reverted that change on my app.


Just FYI, Meteor.uuid has been removed in without any warning. We should probably find a better way to deprecate functions than comments deep in the core.


It wasn’t entirely without warning:
The original docs pre version 0.5.7 said it would likely go away in future:

Currently Meteor uses this function to generate _id fields for new Mongo documents. In the future we will likely switch to native binary Mongo IDs. At that point this function will be deprecated or moved into a separate package.

Then they disappeared from the docs in 0.5.7, and the changelog noted it was deprecated (in Feb 2013):

New random package provides several functions for generating random values. The new function is used to provide shorter string IDs for MongoDB documents. Meteor.uuid() is deprecated.

And then it was noted in the 1.6.1 changelog that it was removed:

The deprecated Meteor.uuid function has been removed. If your application is still using Meteor.uuid, you should run

meteor npm install uuid

to install the widely used uuid package from npm. Example usage:

import uuid from "uuid";

However, I do agree that the warning was not loud enough. Not everyone reads change logs.
Surely in the version before removal, Meteor should start logging that the deprecated function is about to be removed.

Also it’d be nice if Meteor versions were a bit more semver-ish, and not remove deprecated api’s for what looks like a minor version update.


Thanks for the quick reply! The fact that it was deprecated back in 2013 surely explains why we never saw it. Definitely missed it in the 1.6 release notes as this is not an expected change in a minor version bump. Logging before removal would be very helpful indeed, we have a large app and most likely have more of those silently deprecated functions lurking deep within the codebase.