safe-regex2
TypeScript icon, indicating that this package has built-in type declarations

5.0.0 • Public • Published

safe-regex2

CI NPM version neostandard javascript style

Detect potentially catastrophic exponential-time regular expressions by limiting the star height to 1.

This is a fork of https://github.com/substack/safe-regex at 1.1.0.

WARNING: This module has both false positives and false negatives. It is not meant as a full checker, but it detects basic cases.

Install

npm i safe-regex2

Example

const safe = require('safe-regex2');
const regex = process.argv.slice(2).join(' ');
console.log(safe(regex));
$ node safe.js '(x+x+)+y'
false
$ node safe.js '(beep|boop)*'
true
$ node safe.js '(a+){10}'
false
$ node safe.js '\blocation\s*:[^:\n]+\b(Oakland|San Francisco)\b'
true

Methods

const safe = require('safe-regex')

const ok = safe(re, opts={})

Returns a boolean indicating whether the regex re is safe and not possibly catastrophic.

re can be a RegExp object or just a string.

If re is a string and is an invalid regex, it returns false.

  • opts.limit - maximum number of allowed repetitions in the entire regex. Default: 25.

License

Licensed under MIT.

Package Sidebar

Install

npm i safe-regex2

Weekly Downloads

2,086,051

Version

5.0.0

License

MIT

Unpacked Size

9.2 kB

Total Files

13

Last publish

Collaborators

  • zekth
  • eomm
  • gurgunday
  • ivan-tymoshenko
  • simoneb
  • climba03003
  • jsumners
  • fdawgs
  • metcoder95
  • matteo.collina