Use SecureRandom if uuid4r is not available

[atrzaska]

Fixes: #50

Problem

Currently beetle uses UUID4R gem for generating message UUID.
UUID4R gem uses OSSP-UUID native library.
OSSP-UUID library is outdated (2008). It is also not included as package in many linux distributions.
Therefore many times developers are stuck installing this library by compiling from the source.

Proposal

Replace UUID4R gem with SecureRandom.

Speed benchmark

SecureRandom seems like a 4 times faster solution than UUID4R:

[4] pry(main)> Benchmark.bmbm(100) { |b| b.report('SecureRandom.uuid') { SecureRandom.uuid }; b.report('UUID4R::uuid(4)') { UUID4R::uuid(4) } }
Rehearsal ----------------------------------------------------------------------------------------------------------------------------------------
SecureRandom.uuid                                                                                      0.000037   0.000004   0.000041 (  0.000034)
UUID4R::uuid(4)                                                                                        0.000032   0.000112   0.000144 (  0.000144)
------------------------------------------------------------------------------------------------------------------------------- total: 0.000185sec

                                                                                                           user     system      total        real
SecureRandom.uuid                                                                                      0.000029   0.000003   0.000032 (  0.000027)
UUID4R::uuid(4)                                                                                        0.000030   0.000078   0.000108 (  0.000103)

[atrzaska]

@skaes PTAL

[skaes]

I'm reluctant to merge this, because we have no information on the quality of randomness of SecureRandom vs UUID4r. Could be better, worse or just as good.

Also, in order to merge it, it must not include changes to lib/version.rb or the RELEASE notes.

[atrzaska]

@skaes I reverted changes to lib/version, readme and changelog.
SecureRandom is faster and should be also very secure to use. It is also included in ruby so it is maintained, unlike ossp_uuid.

[skaes]

I still have my doubts. Can you please change the code to still allow the use of UUID4R if it is available?

Please follow this pattern: https://github.com/skaes/logjam_agent/blob/master/lib/logjam_agent.rb#L221-L230
but without the gsub.

Then we can try rolling this out incrementally.

And please make uuidr a development dependency.

[atrzaska]

@skaes Addressed. Let me know if those changes look ok.

[skaes]

LGTM. Thx for the contribution.