Sign inDemoInstall


Package Overview
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies



ESLint plugin for finding RegExp mistakes and RegExp style guide violations.

Version published
Weekly downloads
increased by8.5%
Install size
3.55 MB
Weekly downloads




Minor Changes

  • Improved compatibility of type information with typescript-eslint in config. (#740)




eslint-plugin-regexp is ESLint plugin for finding RegExp mistakes and RegExp style guide violations.

NPM license NPM version NPM downloads NPM downloads NPM downloads NPM downloads NPM downloads Build Status Coverage Status

:name_badge: Features

This ESLint plugin provides linting rules relate to better ways to help you avoid problems when using RegExp.

  • Find the wrong usage of regular expressions, and their hints.
  • Enforces a consistent style of regular expressions.
  • Find hints for writing optimized regular expressions.
  • 80 plugin rules for regular expression syntax and features.

You can check on the Online DEMO.

:book: Documentation

See documents.

:cd: Installation

npm install --save-dev eslint eslint-plugin-regexp


  • ESLint v8.44.0 and above
  • Node.js v18.x, v20.x and above

:book: Usage

Add regexp to the plugins section of your eslint.config.js or .eslintrc configuration file (you can omit the eslint-plugin- prefix) and either use one of the two configurations available (recommended or all) or configure the rules you want:

The plugin.configs["flat/recommended"] config enables a subset of the rules that should be most useful to most users. See lib/configs/rules/recommended.ts for more details.

// eslint.config.js
import * as regexpPlugin from "eslint-plugin-regexp"

export default [

The plugin:regexp/recommended config enables a subset of the rules that should be most useful to most users. See lib/configs/rules/recommended.ts for more details.

// .eslintrc.js
module.exports = {
    "plugins": [
    "extends": [
         // add more generic rulesets here, such as:
         // 'eslint:recommended',

Advanced Configuration

Override/add specific rules configurations. See also:

// eslint.config.js
import * as regexpPlugin from "eslint-plugin-regexp"

export default [
        plugins: { regexp: regexpPlugin }
        rules: {
            // Override/add rules settings here, such as:
            "regexp/rule-name": "error"
// .eslintrc.js
module.exports = {
    "plugins": [
    "rules": {
        // Override/add rules settings here, such as:
        "regexp/rule-name": "error"

Using the all configuration

The plugin.configs["flat/all"] / plugin:regexp/all config enables all rules. It's meant for testing, not for production use because it changes with every minor and major version of the plugin. Use it at your own risk. See lib/configs/rules/all.ts for more details.

:white_check_mark: Rules

πŸ’Ό Configurations enabled in.
⚠️ Configurations set to warn in.
🟒 Set in the flat/recommended configuration.
πŸ”΅ Set in the recommended configuration.
πŸ”§ Automatically fixable by the --fix CLI option.
πŸ’‘ Manually fixable by editor suggestions.

Possible Errors

NameΒ Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β DescriptionπŸ’Όβš οΈπŸ”§πŸ’‘
no-contradiction-with-assertiondisallow elements that contradict assertions🟒 πŸ”΅πŸ’‘
no-control-characterdisallow control charactersπŸ’‘
no-dupe-disjunctionsdisallow duplicate disjunctions🟒 πŸ”΅πŸ’‘
no-empty-alternativedisallow alternatives without elements🟒 πŸ”΅πŸ’‘
no-empty-capturing-groupdisallow capturing group that captures empty.🟒 πŸ”΅
no-empty-character-classdisallow character classes that match no characters🟒 πŸ”΅
no-empty-groupdisallow empty group🟒 πŸ”΅
no-empty-lookarounds-assertiondisallow empty lookahead assertion or empty lookbehind assertion🟒 πŸ”΅
no-escape-backspacedisallow escape backspace ([\b])🟒 πŸ”΅πŸ’‘
no-invalid-regexpdisallow invalid regular expression strings in RegExp constructors🟒 πŸ”΅
no-lazy-endsdisallow lazy quantifiers at the end of an expression🟒 πŸ”΅πŸ’‘
no-misleading-capturing-groupdisallow capturing groups that do not behave as one would expect🟒 πŸ”΅πŸ’‘
no-misleading-unicode-characterdisallow multi-code-point characters in character classes and quantifiers🟒 πŸ”΅πŸ”§πŸ’‘
no-missing-g-flagdisallow missing g flag in patterns used in String#matchAll and String#replaceAll🟒 πŸ”΅πŸ”§
no-optional-assertiondisallow optional assertions🟒 πŸ”΅
no-potentially-useless-backreferencedisallow backreferences that reference a group that might not be matched🟒 πŸ”΅
no-super-linear-backtrackingdisallow exponential and polynomial backtracking🟒 πŸ”΅πŸ”§
no-super-linear-movedisallow quantifiers that cause quadratic moves
no-useless-assertionsdisallow assertions that are known to always accept (or reject)🟒 πŸ”΅πŸ’‘
no-useless-backreferencedisallow useless backreferences in regular expressions🟒 πŸ”΅
no-useless-dollar-replacementsdisallow useless $ replacements in replacement string🟒 πŸ”΅
strictdisallow not strictly valid regular expressions🟒 πŸ”΅πŸ”§πŸ’‘

Best Practices

NameΒ Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β DescriptionπŸ’Όβš οΈπŸ”§πŸ’‘
confusing-quantifierdisallow confusing quantifiers🟒 πŸ”΅
control-character-escapeenforce consistent escaping of control characters🟒 πŸ”΅πŸ”§
negationenforce use of escapes on negation🟒 πŸ”΅πŸ”§
no-dupe-characters-character-classdisallow duplicate characters in the RegExp character class🟒 πŸ”΅πŸ”§
no-empty-string-literaldisallow empty string literals in character classes🟒 πŸ”΅
no-extra-lookaround-assertionsdisallow unnecessary nested lookaround assertions🟒 πŸ”΅πŸ”§
no-invisible-characterdisallow invisible raw character🟒 πŸ”΅πŸ”§
no-legacy-featuresdisallow legacy RegExp features🟒 πŸ”΅
no-non-standard-flagdisallow non-standard flags🟒 πŸ”΅
no-obscure-rangedisallow obscure character ranges🟒 πŸ”΅
no-octaldisallow octal escape sequenceπŸ’‘
no-standalone-backslashdisallow standalone backslashes (\)
no-trivially-nested-assertiondisallow trivially nested assertions🟒 πŸ”΅πŸ”§
no-trivially-nested-quantifierdisallow nested quantifiers that can be rewritten as one quantifier🟒 πŸ”΅πŸ”§
no-unused-capturing-groupdisallow unused capturing group🟒 πŸ”΅πŸ”§πŸ’‘
no-useless-character-classdisallow character class with one character🟒 πŸ”΅πŸ”§
no-useless-flagdisallow unnecessary regex flags🟒 πŸ”΅πŸ”§
no-useless-lazydisallow unnecessarily non-greedy quantifiers🟒 πŸ”΅πŸ”§
no-useless-quantifierdisallow quantifiers that can be removed🟒 πŸ”΅πŸ”§πŸ’‘
no-useless-rangedisallow unnecessary character ranges🟒 πŸ”΅πŸ”§
no-useless-set-operanddisallow unnecessary elements in expression character classes🟒 πŸ”΅πŸ”§
no-useless-string-literaldisallow string disjunction of single characters in \q{...}🟒 πŸ”΅πŸ”§
no-useless-two-nums-quantifierdisallow unnecessary {n,m} quantifier🟒 πŸ”΅πŸ”§
no-zero-quantifierdisallow quantifiers with a maximum of zero🟒 πŸ”΅πŸ’‘
optimal-lookaround-quantifierdisallow the alternatives of lookarounds that end with a non-constant quantifier🟒 πŸ”΅πŸ’‘
optimal-quantifier-concatenationrequire optimal quantifiers for concatenated quantifiers🟒 πŸ”΅πŸ”§
prefer-escape-replacement-dollar-charenforces escape of replacement $ character ($$).
prefer-predefined-assertionprefer predefined assertion over equivalent lookarounds🟒 πŸ”΅πŸ”§
prefer-quantifierenforce using quantifierπŸ”§
prefer-rangeenforce using character class range🟒 πŸ”΅πŸ”§
prefer-regexp-execenforce that RegExp#exec is used instead of String#match if no global flag is provided
prefer-regexp-testenforce that RegExp#test is used instead of String#match and RegExp#execπŸ”§
prefer-set-operationprefer character class set operations instead of lookarounds🟒 πŸ”΅πŸ”§
require-unicode-regexpenforce the use of the u flagπŸ”§
require-unicode-sets-regexpenforce the use of the v flagπŸ”§
simplify-set-operationsrequire simplify set operations🟒 πŸ”΅πŸ”§
sort-alternativessort alternatives if order doesn't matterπŸ”§
use-ignore-caseuse the i flag if it simplifies the pattern🟒 πŸ”΅πŸ”§

Stylistic Issues

NameΒ Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β DescriptionπŸ’Όβš οΈπŸ”§πŸ’‘
grapheme-string-literalenforce single grapheme in string literal
hexadecimal-escapeenforce consistent usage of hexadecimal escapeπŸ”§
letter-caseenforce into your favorite caseπŸ”§
match-anyenforce match any character style🟒 πŸ”΅πŸ”§
no-useless-escapedisallow unnecessary escape characters in RegExp🟒 πŸ”΅πŸ”§
no-useless-non-capturing-groupdisallow unnecessary non-capturing group🟒 πŸ”΅πŸ”§
prefer-character-classenforce using character class🟒 πŸ”΅πŸ”§
prefer-denforce using \d🟒 πŸ”΅πŸ”§
prefer-lookaroundprefer lookarounds over capturing group that do not replaceπŸ”§
prefer-named-backreferenceenforce using named backreferencesπŸ”§
prefer-named-capture-groupenforce using named capture groups
prefer-named-replacementenforce using named replacementπŸ”§
prefer-plus-quantifierenforce using + quantifier🟒 πŸ”΅πŸ”§
prefer-question-quantifierenforce using ? quantifier🟒 πŸ”΅πŸ”§
prefer-result-array-groupsenforce using result array groupsπŸ”§
prefer-star-quantifierenforce using * quantifier🟒 πŸ”΅πŸ”§
prefer-unicode-codepoint-escapesenforce use of unicode codepoint escapes🟒 πŸ”΅πŸ”§
prefer-wenforce using \w🟒 πŸ”΅πŸ”§
sort-character-class-elementsenforces elements order in character classπŸ”§
sort-flagsrequire regex flags to be sorted🟒 πŸ”΅πŸ”§
unicode-escapeenforce consistent usage of unicode escape or unicode codepoint escapeπŸ”§
unicode-propertyenforce consistent naming of unicode propertiesπŸ”§


  • :no_entry: These rules have been removed in a previous major release, after they have been deprecated for a while.
Rule IDReplaced byRemoved in version
no-useless-exactly-quantifierregexp/no-useless-quantifier, regexp/no-zero-quantifierv2.0.0

:gear: Settings

See Settings.

:traffic_light: Semantic Versioning Policy

eslint-plugin-regexp follows Semantic Versioning and ESLint's Semantic Versioning Policy.

:beers: Contributing

Welcome contributing!

Please use GitHub's Issues/PRs.


Development Tools

  • npm test runs tests and measures coverage.
  • npm run update runs in order to update readme and recommended configuration.
  • npm run new [new rule name] runs to create the files needed for the new rule.
  • npm run docs:watch starts the website locally.

:lock: License

See the LICENSE file for license rights and limitations (MIT).



Last updated on 21 May 2024

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.


Related posts

SocketSocket SOC 2 Logo


  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚑️ by Socket Inc