[progbits]

This is missing a checksum which helps secret scanning avoid false positives in other high entropy strings.

See for example: https://docs.github.com/en/code-security/secret-scanning/sec...

[majkinetor]

Crockford has a checksum though

[progbits]

https://github.com/agentstation/uuidkey/blob/master/uuidkey....

They don't appear to check validity though? I haven't tested it so maybe someone else can double check.

[majkinetor]

yes they do. We use it in prod