Detect potentially catastrophic exponential-time regular expressions by limiting the star height to 1.
This is a fork of https://github.com/substack/safe-regex at 1.1.0.
WARNING: This module has both false positives and false negatives. It is not meant as a full checker, but it detects basic cases.
npm i safe-regex2
const safe = require('safe-regex2');
const regex = process.argv.slice(2).join(' ');
console.log(safe(regex));$ node safe.js '(x+x+)+y'
false
$ node safe.js '(beep|boop)*'
true
$ node safe.js '(a+){10}'
false
$ node safe.js '\blocation\s*:[^:\n]+\b(Oakland|San Francisco)\b'
true
const safe = require('safe-regex')Returns a boolean indicating whether the regex re is safe
and not possibly catastrophic.
re can be a RegExp object or just a string.
If re is a string and is an invalid regex, it returns false.
-
opts.limit- maximum number of allowed repetitions in the entire regex. Default:25.
Licensed under MIT.