Bits and Pieces has posted “Why is NanoID Replacing UUID?”, suggesting that NanoID is a replacement for uuid, being much smaller and nearly twice as fast.

It certainly has those advantages - uuid is 116kb unpacked, and nanoid is a whopping 25kb instead, and nanoid is able to generate strings in roughly half the time compared to uuid.

However, the article makes some arguments that don’t quite hold up under examination.

Unlike UUID, NanoID is 4.5 times smaller in size and does not have any dependencies. Furthermore, the size limit has been used to reduce the size from another 35%.

The size reduction directly affects on size of the data. For instance, an object using NanoID is small and compact for data transfer and storage. With the application growth, these numbers become visible.

uuid does have dependencies in the source tree, and it also has optional dependencies - but it has no dependencies block, meaning that it, too, has no runtime dependencies. That doesn’t address the actual runtime size, which is over four times larger unminified, but the claim is misleading.

There’s also no doubt that a NanoID is indeed smaller than a RFC-4122-compliant UUID, but it also has less information than a UUID does. Further, while collisions are still unlikely, they’re more likely than with a compliant UUID.

You also have control over the NanoID’s size, so the claim of a NanoID being smaller is dependent on the developer not altering the generated characteristics.

You also lose validation capabilities; one of the features of a UUID is that it’s governed by an RFC, and every part of it has some meaning, and therefore you can examine a UUID and determine what type of UUID it is, and if it even is a UUID, and - depending on the type - when and where it was generated, giving you security features a NanoID does not have and cannot have, by its own definition.

That doesn’t mean that you should avoid NanoID. It may solve a problem you have, and perfectly; it’s just a comment on the way the article is written, which has a competitive vibe that tries to replace UUID with NanoID, even though UUIDs also have a clear and useful purpose.