Use seedable PRNG instead of Math.random() #1

Open
Devvypaws opened this issue May 4, 2024 · 0 comments

Devvypaws commented May 4, 2024

Description

The library currently uses Math.random() for generating random values during testing. While Math.random() is "good enough" for creating values, it cannot be seeded for reproducible values. This prevents someone from being able to re-run a failing test with the same values, including ourselves.[1]

Requirements

  1. The algorithm MUST be seedable and deterministic.
    Tests must be reproducible in cases of failing tests that need to be explored further by the maintainers.

  2. The algorithm MUST produce a reasonably random and distributed set of values.
    Cryptographic security is outside the scope of this library,[2] but it still needs to be able to provide a good variety over the course of testing.

  3. The algorithm MUST be as fast as possible.
    Each fuzz test runs 100 times by default. This means generating 100 values for a primitive alone; this number grows exponentially for product types, such as objects and arrays. Nontrivial test suites must be able to run reasonably fast, otherwise the library will go unused.

Potential Algorithms

  • PCG, 32-bit RXS-M-XS variant
  • ChaCha8 (suggested by Emily)

Footnotes

  1. This library aims to be self-testing before its initial release.

  2. If you require cryptographically secure value generation as part of your tests, consider using a fuzzer to generate a seed value, then use Fuzzer.map() or one of its variants to pass that to a more secure function. Just be sure the function you use does not rely on any global values, like the current time! If you're not sure, there's no better time than the present to review arbitrary code you're pulling in from outside sources. :-)

@Devvypaws Devvypaws added the enhancement New feature or request label May 4, 2024
@Devvypaws Devvypaws self-assigned this May 4, 2024
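
A sketch of the first candidate in the issue above, the 32-bit PCG RXS-M-XS variant, showing how a seed makes a failing run replayable. This is an added example, not code from this library: `createPcg32` and `findFailure` are hypothetical names, and the seeding sequence is an assumption of this sketch.

```javascript
// Added example, not this library's code. PCG RXS-M-XS with 32-bit state and output.
// Not cryptographically secure: the whole generator state is only 32 bits.
const PCG_MULT = 747796405;  // default 32-bit LCG multiplier in the PCG reference code
const PCG_INC = 2891336453;  // default 32-bit LCG increment (odd)

function createPcg32(seed) {
  let state = 0;
  // LCG step kept in uint32 range (Math.imul yields the low 32 bits of the product).
  const step = () => { state = (Math.imul(state, PCG_MULT) + PCG_INC) >>> 0; };
  // Seeding: step, mix in the seed, step again (assumed scheme for this sketch).
  step();
  state = (state + (seed >>> 0)) >>> 0;
  step();

  function nextUint32() {
    const old = state;
    step();
    // RXS-M-XS output permutation: random xorshift, multiply, fixed xorshift.
    const word = Math.imul((old >>> ((old >>> 28) + 4)) ^ old, 277803737) >>> 0;
    return ((word >>> 22) ^ word) >>> 0;
  }

  // Uniform integer in [0, bound) by rejection sampling, which avoids modulo bias.
  function nextBelow(bound) {
    if (!Number.isInteger(bound) || bound < 1 || bound > 0x100000000) {
      throw new RangeError("bound must be an integer in [1, 2^32]");
    }
    const limit = 0x100000000 - (0x100000000 % bound);
    let x;
    do { x = nextUint32(); } while (x >= limit);
    return x % bound;
  }

  return { nextUint32, nextBelow };
}

// Hypothetical fuzz loop: returns the first counterexample, or null if none in `runs`.
function findFailure(seed, property, runs = 100) {
  const rng = createPcg32(seed);
  for (let i = 0; i < runs; i++) {
    const value = rng.nextUint32();
    if (!property(value)) return { seed, iteration: i, value };
  }
  return null;
}
```

Logging the `seed` field of a reported failure is what lets a maintainer replay the exact same sequence of generated values later.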