Product
A Fresh Look for the Socket Dashboard
We’ve redesigned the Socket dashboard with simpler navigation, less visual clutter, and a cleaner UI that highlights what really matters.
By André Staltz, Jeppe Hasseriis, Nolan Lawson - Jun 23, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
eslint-plugin-regexp
Advanced tools
eslint-plugin-regexp
ESLint plugin for finding RegExp mistakes and RegExp style guide violations.
What is eslint-plugin-regexp?
eslint-plugin-regexp is an ESLint plugin that provides linting rules for regular expressions. It helps developers write more efficient, readable, and secure regular expressions by catching common mistakes and suggesting improvements.
What are eslint-plugin-regexp's main functionalities?
No Unnecessary Escape
This rule disallows unnecessary escape characters in regular expressions. In the example, the backslash before the dot is unnecessary and should be removed.
/* eslint regexp/no-useless-escape: 'error' */
const regex = /\./;No Obscure Character Class
This rule disallows obscure character class ranges that can be confusing or error-prone. In the example, the character class is clear and does not contain obscure ranges.
/* eslint regexp/no-obscure-range: 'error' */
const regex = /[a-zA-Z]/;No Unnecessary Quantifier
This rule disallows unnecessary quantifiers in regular expressions. In the example, the quantifier {1} is unnecessary and should be removed.
/* eslint regexp/no-useless-quantifier: 'error' */
const regex = /a{1}/;No Empty Character Class
This rule disallows empty character classes in regular expressions. In the example, the character class is empty and should be corrected.
/* eslint regexp/no-empty-character-class: 'error' */
const regex = /[]/;Other packages similar to eslint-plugin-regexp
eslint-plugin-security
eslint-plugin-security is an ESLint plugin that helps identify potential security issues in JavaScript code. While it covers a broader range of security concerns, it includes some rules related to regular expressions, such as detecting potential ReDoS (Regular Expression Denial of Service) vulnerabilities. It is more general in scope compared to eslint-plugin-regexp.
eslint-plugin-unicorn
eslint-plugin-unicorn is a collection of various ESLint rules aimed at improving code quality and consistency. It includes some rules for regular expressions, such as preventing potential ReDoS attacks and suggesting more readable patterns. However, it is not as focused on regular expressions as eslint-plugin-regexp.
Introduction
eslint-plugin-regexp is ESLint plugin for finding RegExp mistakes and RegExp style guide violations.
:name_badge: Features
This ESLint plugin provides linting rules relate to better ways to help you avoid problems when using RegExp.
- Find the wrong usage of regular expressions, and their hints.
- Enforces a consistent style of regular expressions.
- Find hints for writing optimized regular expressions.
You can check on the Online DEMO.
:book: Documentation
See documents.
:cd: Installation
npm install --save-dev eslint eslint-plugin-regexp
Requirements
- ESLint v6.0.0 and above
- Node.js v8.10.0 and above
:book: Usage
Create .eslintrc.* file to configure rules. See also: http://eslint.org/docs/user-guide/configuring.
Example .eslintrc.js:
module.exports = {
extends: [
// add more generic rulesets here, such as:
// 'eslint:recommended',
'plugin:regexp/recommended'
],
rules: {
// override/add rules settings here, such as:
// 'regexp/rule-name': 'error'
}
}
Configuration
This plugin provides one config:
plugin:regexp/recommended... This is the recommended configuration for this plugin.
See lib/configs/recommended.ts for details.
:white_check_mark: Rules
The --fix option on the command line automatically fixes problems reported by rules which have a wrench :wrench: below.
The rules with the following star :star: are included in the plugin:regexp/recommended config.
| Rule ID | Description | |
|---|---|---|
| regexp/letter-case | enforce into your favorite case | :wrench: |
| regexp/match-any | enforce match any character style | :star::wrench: |
| regexp/negation | enforce use of escapes on negation | :wrench: |
| regexp/no-assertion-capturing-group | disallow capturing group that captures assertions. | :star: |
| regexp/no-dupe-characters-character-class | disallow duplicate characters in the RegExp character class | :star: |
| regexp/no-dupe-disjunctions | disallow duplicate disjunctions | |
| regexp/no-empty-group | disallow empty group | :star: |
| regexp/no-empty-lookarounds-assertion | disallow empty lookahead assertion or empty lookbehind assertion | :star: |
| regexp/no-escape-backspace | disallow escape backspace ([\b]) | :star: |
| regexp/no-invisible-character | disallow invisible raw character | :star::wrench: |
| regexp/no-legacy-features | disallow legacy RegExp features | |
| regexp/no-octal | disallow octal escape sequence | :star: |
| regexp/no-unused-capturing-group | disallow unused capturing group | |
| regexp/no-useless-backreference | disallow useless backreferences in regular expressions | |
| regexp/no-useless-character-class | disallow character class with one character | :wrench: |
| regexp/no-useless-dollar-replacements | disallow useless $ replacements in replacement string | |
| regexp/no-useless-escape | disallow unnecessary escape characters in RegExp | |
| regexp/no-useless-exactly-quantifier | disallow unnecessary exactly quantifier | :star: |
| regexp/no-useless-non-capturing-group | disallow unnecessary Non-capturing group | :wrench: |
| regexp/no-useless-non-greedy | disallow unnecessary quantifier non-greedy (?) | :wrench: |
| regexp/no-useless-range | disallow unnecessary range of characters by using a hyphen | :wrench: |
| regexp/no-useless-two-nums-quantifier | disallow unnecessary {n,m} quantifier | :star: |
| regexp/order-in-character-class | enforces elements order in character class | :wrench: |
| regexp/prefer-character-class | enforce using character class | :wrench: |
| regexp/prefer-d | enforce using \d | :star::wrench: |
| regexp/prefer-escape-replacement-dollar-char | enforces escape of replacement $ character ($$). | |
| regexp/prefer-plus-quantifier | enforce using + quantifier | :star::wrench: |
| regexp/prefer-quantifier | enforce using quantifier | :wrench: |
| regexp/prefer-question-quantifier | enforce using ? quantifier | :star::wrench: |
| regexp/prefer-range | enforce using character class range | :wrench: |
| regexp/prefer-regexp-exec | enforce that RegExp#exec is used instead of String#match if no global flag is provided | |
| regexp/prefer-regexp-test | enforce that RegExp#test is used instead of String#match and RegExp#exec | :wrench: |
| regexp/prefer-star-quantifier | enforce using * quantifier | :star::wrench: |
| regexp/prefer-t | enforce using \t | :star::wrench: |
| regexp/prefer-unicode-codepoint-escapes | enforce use of unicode codepoint escapes | :wrench: |
| regexp/prefer-w | enforce using \w | :star::wrench: |
:beers: Contributing
Welcome contributing!
Please use GitHub's Issues/PRs.
Development Tools
npm testruns tests and measures coverage.npm run updateruns in order to update readme and recommended configuration.
:lock: License
See the LICENSE file for license rights and limitations (MIT).
FAQs
ESLint plugin for finding RegExp mistakes and RegExp style guide violations.
The npm package eslint-plugin-regexp receives a total of 878,704 weekly downloads. As such, eslint-plugin-regexp popularity was classified as popular.
We found that eslint-plugin-regexp demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 24 Mar 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Industry Insights
From Infra Engineer to CISO: A Conversation with Amplitude’s Terry O’Daniel
Terry O’Daniel, Head of Security at Amplitude, shares insights on building high-impact security teams, aligning with engineering, and why AI gives defenders a fighting chance.
By Feross Aboukhadijeh - Jun 23, 2025
Security News
MCP Spec Updated to Add Structured Tool Output and Improved OAuth 2.1 Compliance
MCP spec updated with structured tool output, stronger OAuth 2.1 security, resource indicators, and protocol cleanups for safer, more reliable AI workflows.
By Sarah Gooding - Jun 19, 2025