From 1a430ca67159b9314280efe7677c8e3d326c6d72 Mon Sep 17 00:00:00 2001
From: Seerat Awan <seeratsdsking@gmail.com>
Date: Wed, 16 Oct 2024 14:57:16 +0500
Subject: [PATCH] fix: weak cryptography

---
 packages/javascript-sdk/src/core/client.ts   | 2 +-
 packages/javascript-sdk/src/utils/common.ts  | 8 ++++++--
 packages/javascript-sdk/src/utils/helpers.ts | 3 ++-
 3 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/packages/javascript-sdk/src/core/client.ts b/packages/javascript-sdk/src/core/client.ts
index de88b89..e9aeb3d 100644
--- a/packages/javascript-sdk/src/core/client.ts
+++ b/packages/javascript-sdk/src/core/client.ts
@@ -41,7 +41,7 @@ export class UsermavenClient {
             this.config.maxSendAttempts || 3,
             this.config.minSendTimeout || 1000,
             10,
-            500  // Reduced interval to .5 second
+            200  // Reduced interval to .2 second
         );
 
         if (isWindowAvailable()) {
diff --git a/packages/javascript-sdk/src/utils/common.ts b/packages/javascript-sdk/src/utils/common.ts
index eb1e8eb..8c7d9ac 100644
--- a/packages/javascript-sdk/src/utils/common.ts
+++ b/packages/javascript-sdk/src/utils/common.ts
@@ -323,8 +323,12 @@ export function isWindowAvailable(): boolean {
 }
 
 
-export function  generateRandom(): string {
-    return Math.random().toString(36).substring(2, 7)
+export function  generateRandom(length: number = 5): string {
+    const array = new Uint8Array(length);
+    crypto.getRandomValues(array);
+    return Array.from(array, (byte) => byte.toString(36).padStart(2, '0'))
+        .join('')
+        .slice(0, length);
 }
 
 export function toCamelCase(str: string): string {
diff --git a/packages/javascript-sdk/src/utils/helpers.ts b/packages/javascript-sdk/src/utils/helpers.ts
index 738084e..40e8798 100644
--- a/packages/javascript-sdk/src/utils/helpers.ts
+++ b/packages/javascript-sdk/src/utils/helpers.ts
@@ -1,7 +1,8 @@
 import {LogLevel} from "../utils/logger";
+import {generateRandom} from "../utils/common";
 
 export function generateId(): string {
-    return Math.random().toString(36).substring(2, 12);
+    return generateRandom(10);
 }
 
 export function isValidEmail(email: string): boolean {