Security News
ESLint is Now Language-Agnostic: Linting JSON, Markdown, and Beyond
ESLint has added JSON and Markdown linting support with new officially-supported plugins, expanding its versatility beyond JavaScript.
eslint-plugin-regexp
Advanced tools
ESLint plugin for finding RegExp mistakes and RegExp style guide violations.
eslint-plugin-regexp is an ESLint plugin that provides linting rules for regular expressions. It helps developers write more efficient, readable, and secure regular expressions by catching common mistakes and suggesting improvements.
No Unnecessary Escape
This rule disallows unnecessary escape characters in regular expressions. In the example, the backslash before the dot is unnecessary and should be removed.
/* eslint regexp/no-useless-escape: 'error' */
const regex = /\./;
No Obscure Character Class
This rule disallows obscure character class ranges that can be confusing or error-prone. In the example, the character class is clear and does not contain obscure ranges.
/* eslint regexp/no-obscure-range: 'error' */
const regex = /[a-zA-Z]/;
No Unnecessary Quantifier
This rule disallows unnecessary quantifiers in regular expressions. In the example, the quantifier {1} is unnecessary and should be removed.
/* eslint regexp/no-useless-quantifier: 'error' */
const regex = /a{1}/;
No Empty Character Class
This rule disallows empty character classes in regular expressions. In the example, the character class is empty and should be corrected.
/* eslint regexp/no-empty-character-class: 'error' */
const regex = /[]/;
eslint-plugin-security is an ESLint plugin that helps identify potential security issues in JavaScript code. While it covers a broader range of security concerns, it includes some rules related to regular expressions, such as detecting potential ReDoS (Regular Expression Denial of Service) vulnerabilities. It is more general in scope compared to eslint-plugin-regexp.
eslint-plugin-unicorn is a collection of various ESLint rules aimed at improving code quality and consistency. It includes some rules for regular expressions, such as preventing potential ReDoS attacks and suggesting more readable patterns. However, it is not as focused on regular expressions as eslint-plugin-regexp.
eslint-plugin-regexp is ESLint plugin for finding RegExp mistakes and RegExp style guide violations.
This ESLint plugin provides linting rules relate to better ways to help you avoid problems when using RegExp.
You can check on the Online DEMO.
See documents.
npm install --save-dev eslint eslint-plugin-regexp
Requirements
- ESLint v8.44.0 and above
- Node.js v18.x, v20.x and above
Add regexp
to the plugins section of your eslint.config.js
or .eslintrc
configuration file (you can omit the eslint-plugin-
prefix)
and either use one of the two configurations available (recommended
or all
) or configure the rules you want:
The plugin.configs["flat/recommended"]
config enables a subset of the rules that should be most useful to most users.
See lib/configs/rules/recommended.ts for more details.
// eslint.config.js
import * as regexpPlugin from "eslint-plugin-regexp"
export default [
regexpPlugin.configs["flat/recommended"],
];
The plugin:regexp/recommended
config enables a subset of the rules that should be most useful to most users.
See lib/configs/rules/recommended.ts for more details.
// .eslintrc.js
module.exports = {
"plugins": [
"regexp"
],
"extends": [
// add more generic rulesets here, such as:
// 'eslint:recommended',
"plugin:regexp/recommended"
]
}
Override/add specific rules configurations. See also: http://eslint.org/docs/user-guide/configuring.
// eslint.config.js
import * as regexpPlugin from "eslint-plugin-regexp"
export default [
{
plugins: { regexp: regexpPlugin }
rules: {
// Override/add rules settings here, such as:
"regexp/rule-name": "error"
}
}
];
// .eslintrc.js
module.exports = {
"plugins": [
"regexp"
],
"rules": {
// Override/add rules settings here, such as:
"regexp/rule-name": "error"
}
}
The plugin.configs["flat/all"]
/ plugin:regexp/all
config enables all rules. It's meant for testing, not for production use because it changes with every minor and major version of the plugin. Use it at your own risk.
See lib/configs/rules/all.ts for more details.
πΌ Configurations enabled in.
β οΈ Configurations set to warn in.
π’ Set in the flat/recommended
configuration.
π΅ Set in the recommended
configuration.
π§ Automatically fixable by the --fix
CLI option.
π‘ Manually fixable by editor suggestions.
NameΒ Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β | Description | πΌ | β οΈ | π§ | π‘ |
---|---|---|---|---|---|
no-contradiction-with-assertion | disallow elements that contradict assertions | π’ π΅ | π‘ | ||
no-control-character | disallow control characters | π‘ | |||
no-dupe-disjunctions | disallow duplicate disjunctions | π’ π΅ | π‘ | ||
no-empty-alternative | disallow alternatives without elements | π’ π΅ | π‘ | ||
no-empty-capturing-group | disallow capturing group that captures empty. | π’ π΅ | |||
no-empty-character-class | disallow character classes that match no characters | π’ π΅ | |||
no-empty-group | disallow empty group | π’ π΅ | |||
no-empty-lookarounds-assertion | disallow empty lookahead assertion or empty lookbehind assertion | π’ π΅ | |||
no-escape-backspace | disallow escape backspace ([\b] ) | π’ π΅ | π‘ | ||
no-invalid-regexp | disallow invalid regular expression strings in RegExp constructors | π’ π΅ | |||
no-lazy-ends | disallow lazy quantifiers at the end of an expression | π’ π΅ | π‘ | ||
no-misleading-capturing-group | disallow capturing groups that do not behave as one would expect | π’ π΅ | π‘ | ||
no-misleading-unicode-character | disallow multi-code-point characters in character classes and quantifiers | π’ π΅ | π§ | π‘ | |
no-missing-g-flag | disallow missing g flag in patterns used in String#matchAll and String#replaceAll | π’ π΅ | π§ | ||
no-optional-assertion | disallow optional assertions | π’ π΅ | |||
no-potentially-useless-backreference | disallow backreferences that reference a group that might not be matched | π’ π΅ | |||
no-super-linear-backtracking | disallow exponential and polynomial backtracking | π’ π΅ | π§ | ||
no-super-linear-move | disallow quantifiers that cause quadratic moves | ||||
no-useless-assertions | disallow assertions that are known to always accept (or reject) | π’ π΅ | π‘ | ||
no-useless-backreference | disallow useless backreferences in regular expressions | π’ π΅ | |||
no-useless-dollar-replacements | disallow useless $ replacements in replacement string | π’ π΅ | |||
strict | disallow not strictly valid regular expressions | π’ π΅ | π§ | π‘ |
NameΒ Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β | Description | πΌ | β οΈ | π§ | π‘ |
---|---|---|---|---|---|
confusing-quantifier | disallow confusing quantifiers | π’ π΅ | |||
control-character-escape | enforce consistent escaping of control characters | π’ π΅ | π§ | ||
negation | enforce use of escapes on negation | π’ π΅ | π§ | ||
no-dupe-characters-character-class | disallow duplicate characters in the RegExp character class | π’ π΅ | π§ | ||
no-empty-string-literal | disallow empty string literals in character classes | π’ π΅ | |||
no-extra-lookaround-assertions | disallow unnecessary nested lookaround assertions | π’ π΅ | π§ | ||
no-invisible-character | disallow invisible raw character | π’ π΅ | π§ | ||
no-legacy-features | disallow legacy RegExp features | π’ π΅ | |||
no-non-standard-flag | disallow non-standard flags | π’ π΅ | |||
no-obscure-range | disallow obscure character ranges | π’ π΅ | |||
no-octal | disallow octal escape sequence | π‘ | |||
no-standalone-backslash | disallow standalone backslashes (\ ) | ||||
no-trivially-nested-assertion | disallow trivially nested assertions | π’ π΅ | π§ | ||
no-trivially-nested-quantifier | disallow nested quantifiers that can be rewritten as one quantifier | π’ π΅ | π§ | ||
no-unused-capturing-group | disallow unused capturing group | π’ π΅ | π§ | π‘ | |
no-useless-character-class | disallow character class with one character | π’ π΅ | π§ | ||
no-useless-flag | disallow unnecessary regex flags | π’ π΅ | π§ | ||
no-useless-lazy | disallow unnecessarily non-greedy quantifiers | π’ π΅ | π§ | ||
no-useless-quantifier | disallow quantifiers that can be removed | π’ π΅ | π§ | π‘ | |
no-useless-range | disallow unnecessary character ranges | π’ π΅ | π§ | ||
no-useless-set-operand | disallow unnecessary elements in expression character classes | π’ π΅ | π§ | ||
no-useless-string-literal | disallow string disjunction of single characters in \q{...} | π’ π΅ | π§ | ||
no-useless-two-nums-quantifier | disallow unnecessary {n,m} quantifier | π’ π΅ | π§ | ||
no-zero-quantifier | disallow quantifiers with a maximum of zero | π’ π΅ | π‘ | ||
optimal-lookaround-quantifier | disallow the alternatives of lookarounds that end with a non-constant quantifier | π’ π΅ | π‘ | ||
optimal-quantifier-concatenation | require optimal quantifiers for concatenated quantifiers | π’ π΅ | π§ | ||
prefer-escape-replacement-dollar-char | enforces escape of replacement $ character ($$ ). | ||||
prefer-predefined-assertion | prefer predefined assertion over equivalent lookarounds | π’ π΅ | π§ | ||
prefer-quantifier | enforce using quantifier | π§ | |||
prefer-range | enforce using character class range | π’ π΅ | π§ | ||
prefer-regexp-exec | enforce that RegExp#exec is used instead of String#match if no global flag is provided | ||||
prefer-regexp-test | enforce that RegExp#test is used instead of String#match and RegExp#exec | π§ | |||
prefer-set-operation | prefer character class set operations instead of lookarounds | π’ π΅ | π§ | ||
require-unicode-regexp | enforce the use of the u flag | π§ | |||
require-unicode-sets-regexp | enforce the use of the v flag | π§ | |||
simplify-set-operations | require simplify set operations | π’ π΅ | π§ | ||
sort-alternatives | sort alternatives if order doesn't matter | π§ | |||
use-ignore-case | use the i flag if it simplifies the pattern | π’ π΅ | π§ |
NameΒ Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β Β | Description | πΌ | β οΈ | π§ | π‘ |
---|---|---|---|---|---|
grapheme-string-literal | enforce single grapheme in string literal | ||||
hexadecimal-escape | enforce consistent usage of hexadecimal escape | π§ | |||
letter-case | enforce into your favorite case | π§ | |||
match-any | enforce match any character style | π’ π΅ | π§ | ||
no-useless-escape | disallow unnecessary escape characters in RegExp | π’ π΅ | π§ | ||
no-useless-non-capturing-group | disallow unnecessary non-capturing group | π’ π΅ | π§ | ||
prefer-character-class | enforce using character class | π’ π΅ | π§ | ||
prefer-d | enforce using \d | π’ π΅ | π§ | ||
prefer-lookaround | prefer lookarounds over capturing group that do not replace | π§ | |||
prefer-named-backreference | enforce using named backreferences | π§ | |||
prefer-named-capture-group | enforce using named capture groups | ||||
prefer-named-replacement | enforce using named replacement | π§ | |||
prefer-plus-quantifier | enforce using + quantifier | π’ π΅ | π§ | ||
prefer-question-quantifier | enforce using ? quantifier | π’ π΅ | π§ | ||
prefer-result-array-groups | enforce using result array groups | π§ | |||
prefer-star-quantifier | enforce using * quantifier | π’ π΅ | π§ | ||
prefer-unicode-codepoint-escapes | enforce use of unicode codepoint escapes | π’ π΅ | π§ | ||
prefer-w | enforce using \w | π’ π΅ | π§ | ||
sort-character-class-elements | enforces elements order in character class | π§ | |||
sort-flags | require regex flags to be sorted | π’ π΅ | π§ | ||
unicode-escape | enforce consistent usage of unicode escape or unicode codepoint escape | π§ | |||
unicode-property | enforce consistent naming of unicode properties | π§ |
See Settings.
eslint-plugin-regexp follows Semantic Versioning and ESLint's Semantic Versioning Policy.
Welcome contributing!
Please use GitHub's Issues/PRs.
See CONTRIBUTING.md.
npm test
runs tests and measures coverage.npm run update
runs in order to update readme and recommended configuration.npm run new [new rule name]
runs to create the files needed for the new rule.npm run docs:watch
starts the website locally.See the LICENSE file for license rights and limitations (MIT).
FAQs
ESLint plugin for finding RegExp mistakes and RegExp style guide violations.
The npm package eslint-plugin-regexp receives a total of 313,973 weekly downloads. As such, eslint-plugin-regexp popularity was classified as popular.
We found that eslint-plugin-regexp demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago.Β It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
ESLint has added JSON and Markdown linting support with new officially-supported plugins, expanding its versatility beyond JavaScript.
Security News
Members Hub is conducting large-scale campaigns to artificially boost Discord server metrics, undermining community trust and platform integrity.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.