JSPM

eslint-plugin-vuln-regex-detector

1.0.2
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 306
  • Score
    100M100P100Q96099F
  • License MIT

Detect vulnerable regexes using the vuln-regex-detector module.

Package Exports

  • eslint-plugin-vuln-regex-detector

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (eslint-plugin-vuln-regex-detector) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

eslint-plugin-vuln-regex-detector

Detect unsafe regexes.

This is an experimental plugin. It works, but it makes a synchronous HTTP request for every regex in your code. If you have more than a few regexes or are located far from Virginia Tech, the overhead might be intolerable.

Installation

You'll first need to install ESLint:

$ npm i eslint --save-dev

Next, install eslint-plugin-vuln-regex-detector:

$ npm install eslint-plugin-vuln-regex-detector --save-dev

Note: If you installed ESLint globally (using the -g flag) then you must also install eslint-plugin-vuln-regex-detector globally.

Usage

Add vuln-regex-detector to the plugins section of your .eslintrc configuration file. You can omit the eslint-plugin- prefix:

{
    "plugins": [
        "vuln-regex-detector"
    ]
}

Then configure the rules you want to use under the rules section.

{
    "rules": {
        "vuln-regex-detector/no-vuln-regex": 2
    }
}

Supported Rules

  • no-vuln-regex: Identify vulnerable regexes in your code.