JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 3004251
  • Score
    100M100P100Q205792F
  • License MIT

detect possibly catastrophic, exponential-time regular expressions

Package Exports

  • safe-regex2
  • safe-regex2/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (safe-regex2) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

safe-regex2

CI NPM version neostandard javascript style

Detect potentially catastrophic exponential-time regular expressions by limiting the star height to 1.

This is a fork of https://github.com/substack/safe-regex at 1.1.0.

WARNING: This module has both false positives and false negatives. It is not meant as a full checker, but it detects basic cases.

Install

npm i safe-regex2

Example

const safe = require('safe-regex2');
const regex = process.argv.slice(2).join(' ');
console.log(safe(regex));
$ node safe.js '(x+x+)+y'
false
$ node safe.js '(beep|boop)*'
true
$ node safe.js '(a+){10}'
false
$ node safe.js '\blocation\s*:[^:\n]+\b(Oakland|San Francisco)\b'
true

Methods

const safe = require('safe-regex')

const ok = safe(re, opts={})

Returns a boolean indicating whether the regex re is safe and not possibly catastrophic.

re can be a RegExp object or just a string.

If re is a string and is an invalid regex, it returns false.

  • opts.limit - maximum number of allowed repetitions in the entire regex. Default: 25.

License

Licensed under MIT.