fix: use nanoid/non-secure to avoid unnecessary dependency on crypto

[kylemcd]

Description

Switches the nanoid import in @knocklabs/client from nanoid to nanoid/non-secure to fix a bundling error in React Native environments. React Native users (particularly with Expo) hit a build error because nanoid's default export depends on Node's crypto module, which doesn't exist in the React Native runtime. Some users have worked around this by installing expo-crypto as a polyfill, but this is fragile — it depends on the polyfill loading before nanoid, which isn't guaranteed across different Expo SDK versions and build configurations. The non-secure variant uses Math.random() instead of crypto.getRandomValues(). The only usage of nanoid in the client is to generate a referenceId for Feed instances (e.g. client_V1StGXR8_Z5jdHi6B-myT), used for internal client tracking — it doesn't serve any security purpose, so cryptographic randomness is unnecessary.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
javascript-ms-teams-connect-example	Ready	Preview, Comment	Mar 12, 2026 7:10pm
javascript-nextjs-example	Ready	Preview, Comment	Mar 12, 2026 7:10pm
javascript-slack-connect-example	Ready	Preview, Comment	Mar 12, 2026 7:10pm
javascript-slack-kit-example	Ready	Preview, Comment	Mar 12, 2026 7:10pm

[linear]

KNO-12041 fix nanoid crypto issue with react native / expo

[changeset-bot]

🦋 Changeset detected

Latest commit: 0369385

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 13 packages

Name	Type
@knocklabs/client	Patch
client-example	Patch
guide-example	Patch
@knocklabs/expo	Patch
@knocklabs/react-core	Patch
@knocklabs/react-native	Patch
@knocklabs/react	Patch
@knocklabs/expo-example	Patch
ms-teams-connect-example	Patch
nextjs-app-dir-example	Patch
nextjs-example	Patch
slack-connect-example	Patch
slack-kit-example	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[kylemcd]

• fix: use nanoid/non-secure to avoid unnecessary dependency on crypto #902 👈 (View in Graphite)
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 65.15%. Comparing base (d325732) to head (0369385).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #902   +/-   ##
=======================================
  Coverage   65.15%   65.15%           
=======================================
  Files         207      207           
  Lines        9593     9593           
  Branches     1250     1250           
=======================================
  Hits         6250     6250           
  Misses       3318     3318           
  Partials       25       25           

Files with missing lines	Coverage Δ
packages/client/src/clients/feed/feed.ts	81.50% <100.00%> (ø)