Nano ID is a tiny, secure, URL-friendly unique string ID generator for JavaScript, designed to create short IDs with a URL-safe alphabet. It supports secure and non-secure modes (using hardware random generation by default) and can be customized by ID size or alphabet.
Project status
- The source appears actively maintained as of today, with upstream and repo pushes within the last day (last upstream push 2026-06-24) and a steady stream of updates through late June 2026.
- Apparent update cadence is high, with multiple versioned updates clustered in June 2026 (for example 5.1.13, 5.1.14, 5.1.15, 5.1.16 between 2026-06-18 and 2026-06-24), suggesting ongoing work rather than maintenance mode.
AI summary generated
Recent updates
5.1.16
Release 5.1.16 notes only mention a fix for an infinite loop when Nano ID is called with a negative size. However, the actual diff from 3.3.15 to 5.1.16 shows this fix alongside broader changes to the node and browser implementations, TypeScript typings, and exported entrypoints. It also removes the entire async API surface.
3.3.15
Release 3.3.15 only documents a fix for an npm provenance error. However, the code diff shows a much larger packaging and module-system refactor, including new .cjs entrypoints, ESM conversions, and a new exports map with conditional entry resolution.
5.1.15
Release 5.1.15 is described as a targeted fix for random pool corruption when generating large Nano ID strings. The provided code diff, however, shows additional refactors to the Node and browser implementations, TypeScript types, and even removal of entire async entrypoints that are not mentioned in the release notes.
3.3.14
Release 3.3.14 claims to fix random pool corruption when generating large Nano ID sizes. The code diff shows a much broader packaging and module-format overhaul (CommonJS to ESM, new conditional exports, new *.cjs browser/entry files) in addition to the pool-corruption fix.
BreakingFeatures5.1.14
Release 5.1.14 is a small packaging maintenance update intended to address an npm package size regression. The release notes only mention the size fix, and the code diff shows the change is confined to release metadata and the packaging/cleanup workflow.
5.1.13
Release 5.1.13 bumps the package version and updates CI tooling used to clean the npm package. The only documented change is a fix for an npm package size regression, and the repository changelog reflects that.
5.1.12
Release 5.1.12 release notes only mention publishing pipeline changes: moving to npm Provenance and staged publishing. The actual code diff shows substantial library changes to the Nano ID generation implementation, module formats for some entrypoints, TypeScript typings, and removal of the async API.
3.3.13
Release 3.3.13 claims only that the npm package size was reduced. However, the code diff shows a broader refactor around module formats (CommonJS vs ESM), plus runtime behavior changes in the ID size validation path.
5.1.11
Release 5.1.11 is documented as a fix for “breaking Nano ID by requesting big ID”. The code changes in this version range include that size handling fix, but also show broader undocumented refactors across the Node and browser implementations, export style, and TypeScript types.
Breaking3.3.12
Release 3.3.12 states it fixes Nano ID breaking when requesting a big ID. The code change set goes far beyond that one-line note, introducing a major ESM/CJS packaging refactor (conditional exports and new entrypoint files) and adding explicit runtime bounds checking for requested ID sizes.
Features5.1.10
Release 5.1.10’s notes say it fixes a breaking issue in nanoid by “requesting big ID”. The actual code diff for this tag shows much broader changes beyond that single fix, including API surface removal (async entrypoints), ESM export changes, TypeScript typing changes, and modifications to the core ID generation algorithm and edge-case handling.
5.1.9
Release 5.1.9 publishes a version bump and claims to fix an npm package size regression. The code diff indicates the change is related to what gets included in the npm package rather than any runtime/API logic.
5.1.8
Release 5.1.8 claims a performance improvement to `customAlphabet`, stating it is 75% faster. The code diff shows a deeper change to the random ID generation algorithm used by `customRandom` (and therefore `customAlphabet`), not just a micro-optimization. The test expectations for deterministic `customRandom` outputs were updated accordingly.
5.1.7
Release 5.1.7 adds a CLI option to print the package version, updates the CDN-focused build artifact, and fixes documentation plus TypeScript typings for `customRandom`. The code diff also includes several additional changes related to TypeScript export mappings and the internal CDN build of `nanoid.js`.
Features5.1.6
Release 5.1.6 fixes an infinite loop when using `customAlphabet` with a size of 0. The core runtime change is a guard that returns an empty string for falsy `size` values, and the release adds regression tests for 0-size behavior.
5.1.5
Release 5.1.5 release notes only state: the package’s latest version on npm was fixed after the 3.x release line. The actual code diff between 3.3.11 and 5.1.5 includes substantial API and module-format changes (not just an npm metadata fix).
3.3.11
Release 3.3.11 is described as a fix for React Native support. The actual code changes go well beyond that, introducing a new ESM/CJS packaging layout (new `exports` map and `*.cjs` entry files) and updating build mappings for browser and React Native.
Features5.1.4
The 5.1.4 release notes only mention a packaging fix: "Fixed latest version on npm after 3.x release." However, the actual code diff from 3.3.10 to 5.1.4 contains much larger changes, including API surface changes (notably async removal), module system changes, and TypeScript signature updates.