The library BitcoinJS (https://github.com/bitcoinjs) has a method called
makeRandom(). Where does its entropy (randomness) come from? Is it as secure as the method from http://bitaddress.org/ (moving around the mouse), or even more so?
This code calls this code, which calls
crypto.getRandomValues, which is a trustworthy cryptographically secure random number generator. It's secure enough to compete with bitaddress.org, as long as one's browser was not hacked.