Replace uuidv4 generator with crypto.randomUUID()

The uuidv4 generator in util used `Math.random()`, which does not provide strong uniqueness guarantees
(https://www.bocoup.com/blog/random-numbers).

The places where the uuidv4 generator were used didn't require strong
uniqueness guarantees (nothing security related), but I think it's good
to move away from this from util in case we try to use it in the future.

A better built-in alternative is `crypto.randomUUID()`, which does provide strong
uniqueness guarantees. Since this is a more modern JS built-in, it's
only [defined in secure
contexts](https://blog.mozilla.org/security/2018/01/15/secure-contexts-everywhere/).
Is this something we're concerned about? Are there any App Check users
with apps running in non-secure environments?

Author: dlarocque

packages/app-check/src/storage.ts

@@ -16,7 +16,7 @@
  */
 
 import { FirebaseApp } from '@firebase/app';
-import { isIndexedDBAvailable, uuidv4 } from '@firebase/util';
+import { isIndexedDBAvailable } from '@firebase/util';
 import {
   readDebugTokenFromIndexedDB,
   readTokenFromIndexedDB,
@@ -77,7 +77,7 @@ export async function readOrCreateDebugTokenFromStorage(): Promise<string> {
 
   if (!existingDebugToken) {
     // create a new debug token
-    const newToken = uuidv4();
+    const newToken = crypto.randomUUID();
     // We don't need to block on writing to indexeddb
     // In case persistence failed, a new debug token will be generated every time the page is refreshed.
     // It renders the debug token useless because you have to manually register(whitelist) the new token in the firebase console again and again.

packages/data-connect/test/queries.test.ts

@@ -15,7 +15,6 @@
  * limitations under the License.
  */
 
-import { uuidv4 } from '@firebase/util';
 import { expect, use } from 'chai';
 import chaiAsPromised from 'chai-as-promised';
 
@@ -51,11 +50,11 @@ interface TaskListResponse {
 
 const SEEDED_DATA = [
   {
-    id: uuidv4(),
+    id: crypto.randomUUID(),
     content: 'task 1'
   },
   {
-    id: uuidv4(),
+    id: crypto.randomUUID(),
     content: 'task 2'
   }
 ];

packages/database/test/helpers/util.ts

@@ -16,7 +16,6 @@
  */
 
 import { FirebaseApp, initializeApp } from '@firebase/app';
-import { uuidv4 } from '@firebase/util';
 import { expect } from 'chai';
 
 import {
@@ -105,7 +104,7 @@ export function waitFor(waitTimeInMS: number) {
 
 // Creates a unique reference using uuid
 export function getUniqueRef(db: Database) {
-  const path = uuidv4();
+  const path = crypto.randomUUID();
   return ref(db, path);
 }
 

packages/util/index.node.ts

@@ -38,7 +38,6 @@ export * from './src/sha1';
 export * from './src/subscribe';
 export * from './src/validation';
 export * from './src/utf8';
-export * from './src/uuid';
 export * from './src/exponential_backoff';
 export * from './src/formatters';
 export * from './src/compat';

packages/util/index.ts

@@ -33,7 +33,6 @@ export * from './src/sha1';
 export * from './src/subscribe';
 export * from './src/validation';
 export * from './src/utf8';
-export * from './src/uuid';
 export * from './src/exponential_backoff';
 export * from './src/formatters';
 export * from './src/compat';