Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@1password/password-rules-parser

Package Overview
Dependencies
Maintainers
1
Versions
6
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@1password/password-rules-parser

Parser for Apple's password rules format: https://developer.apple.com/password-rules/

  • 1.0.0
  • latest
  • npm
  • Socket score

Version published
Weekly downloads
2.6K
increased by8.34%
Maintainers
1
Weekly downloads
 
Created
Source

Password Rules Parser

Context Free Grammar and PEGs

A context-free grammar (CFG) is a set of "production rules" that describe all the possible strings that can be formed in a given formal language. Production rules are simple replacements, and they can produce more than one result.

A Parsing Expression Grammar (PEG) is a CFG that will choose the first match and therefore is not ambiguous. The nitty-gritty about PEGs can be read in this paper.

Note that a PEG is not a parser, but it can be converted into one.

How to get a parser from a PEG

The grammar itself is the set of substitution rules. Depending on the target language for the parser, it is possible to add functions in that language to clean up and improve the output. These functions should not alter what the grammar produces (don't add if statements!) just the way it presents the answer.

PEG.js is the best and most user friendly option. It outputs a JavaScript parser. To obtain a JavaScript parser, install and configure PEG.js in your computer, or generate it with the online tool by pasting the code here. The online tool makes it easy to test different inputs, but these inputs are not part of the generated or downloaded parser.

If you need a parser in Go instead of JS, the answer is Pigeon. There's no online version so it needs to be configured in your computer.

Apple's Password Rule Validation Tool

Apple has implemented a standard syntax for addressing password rules.

The grammar ParserNoCharacterClass defines a subset of the above specs, in PEG.js. It does not allow custom character classes (for now). It allows 0 or more spaces between the different parts of the rule so, minlength: 15;required: upper, lower; will output the same content result as minlength:15;required:upper, lower;. It does not allow line breaks.

And the custom character classes?

A grammar that parses the full specs will be added soon. Later on, a Go version for it.

FAQs

Package last updated on 19 Oct 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc