Big update!Introducing GitHub Bot Commands. Learn more
Socket
BlogLoveLog in
Book a demo

ansi-regex

Package Overview
Dependencies
0
Maintainers
2
Versions
17
Issues
File Explorer

Advanced tools

ansi-regex

Regular expression for matching ANSI escape codes

    6.0.1latest

Version published
Maintainers
2
Weekly downloads
130,679,023
increased by3.11%

Weekly downloads

Changelog

Source

Fixes

  • Fix ReDoS in certain cases (#37) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.

CVE-2021-3807

https://github.com/chalk/ansi-regex/compare/v6.0.0...v6.0.1

Thank you @yetingli for the patch and reproduction case!

Readme

Source

ansi-regex

Regular expression for matching ANSI escape codes

Install

$ npm install ansi-regex

Usage

import ansiRegex from 'ansi-regex'; ansiRegex().test('\u001B[4mcake\u001B[0m'); //=> true ansiRegex().test('cake'); //=> false '\u001B[4mcake\u001B[0m'.match(ansiRegex()); //=> ['\u001B[4m', '\u001B[0m'] '\u001B[4mcake\u001B[0m'.match(ansiRegex({onlyFirst: true})); //=> ['\u001B[4m'] '\u001B]8;;https://github.com\u0007click\u001B]8;;\u0007'.match(ansiRegex()); //=> ['\u001B]8;;https://github.com\u0007', '\u001B]8;;\u0007']

API

ansiRegex(options?)

Returns a regex for matching ANSI escape codes.

options

Type: object

onlyFirst

Type: boolean
Default: false (Matches any ANSI escape codes in a string)

Match only the first ANSI escape.

FAQ

Why do you test for codes not in the ECMA 48 standard?

Some of the codes we run as a test are codes that we acquired finding various lists of non-standard or manufacturer specific codes. We test for both standard and non-standard codes, as most of them follow the same or similar format and can be safely matched in strings without the risk of removing actual string content. There are a few non-standard control codes that do not follow the traditional format (i.e. they end in numbers) thus forcing us to exclude them from the test because we cannot reliably match them.

On the historical side, those ECMA standards were established in the early 90's whereas the VT100, for example, was designed in the mid/late 70's. At that point in time, control codes were still pretty ungoverned and engineers used them for a multitude of things, namely to activate hardware ports that may have been proprietary. Somewhere else you see a similar 'anarchy' of codes is in the x86 architecture for processors; there are a ton of "interrupts" that can mean different things on certain brands of processors, most of which have been phased out.

Maintainers


Get professional support for this package with a Tidelift subscription
Tidelift helps make open source sustainable for maintainers while giving companies
assurances about security, maintenance, and licensing for their dependencies.

Keywords

FAQs

What is ansi-regex?

Regular expression for matching ANSI escape codes

Is ansi-regex popular?

The npm package ansi-regex receives a total of 106,892,648 weekly downloads. As such, ansi-regex popularity was classified as popular.

Is ansi-regex well maintained?

We found that ansi-regex demonstrated a not healthy version release cadence and project activity because the last version was released a year ago.It has 2 open source maintainers collaborating on the project.

Last updated on 10 Sep 2021
Socket

Product

Subscribe to our newsletter

Get open source security insights delivered straight into your inbox. Be the first to learn about new features and product updates.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc