Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
The ip-regex npm package is a module that provides regular expressions for matching IP addresses. It supports both IPv4 and IPv6 addresses and offers options to match exact strings, exclude CIDR notation, and more.
Matching IPv4 addresses
This feature allows you to match IPv4 addresses in a given string using the ipRegex.v4() method.
const ipRegex = require('ip-regex');
// Match all IPv4 addresses in a string
const text = 'Examples: 192.168.0.1 and 8.8.8.8';
const ips = text.match(ipRegex.v4());
console.log(ips);
Matching IPv6 addresses
This feature allows you to match IPv6 addresses in a given string using the ipRegex.v6() method.
const ipRegex = require('ip-regex');
// Match all IPv6 addresses in a string
const text = 'Examples: 1:2:3:4:5:6:7:8 and ::1';
const ips = text.match(ipRegex.v6());
console.log(ips);
Matching exact IP addresses
This feature allows you to match an exact IP address string using the ipRegex.v4() or ipRegex.v6() method with the 'exact' option set to true.
const ipRegex = require('ip-regex');
// Match an exact IPv4 address
const exactMatch = ipRegex.v4({exact: true}).test('192.168.0.1');
console.log(exactMatch);
The 'ip' npm package is used for IP address manipulation, such as formatting and parsing IP addresses, but does not focus on regex matching like ip-regex.
The 'is-ip' npm package is used to check if a given string is an IP address, which is a similar functionality to ip-regex, but it does not provide regex patterns for matching within larger strings.
The 'cidr-regex' npm package provides regular expressions for matching CIDR IP addresses. It is similar to ip-regex in that it provides regex patterns, but it is specifically for CIDR notation.
Regular expression for matching IP addresses
$ npm install ip-regex
This module targets Node.js 12 or later and the latest version of Chrome, Firefox, and Safari. If you want support for older browsers, use version 2.1.0: npm install ip-regex@2.1.0
import ipRegex from 'ip-regex';
// Contains an IP address?
ipRegex().test('unicorn 192.168.0.1');
//=> true
// Is an IP address?
ipRegex({exact: true}).test('unicorn 192.168.0.1');
//=> false
ipRegex.v6({exact: true}).test('1:2:3:4:5:6:7:8');
//=> true
'unicorn 192.168.0.1 cake 1:2:3:4:5:6:7:8 rainbow'.match(ipRegex());
//=> ['192.168.0.1', '1:2:3:4:5:6:7:8']
// Contains an IP address?
ipRegex({includeBoundaries: true}).test('192.168.0.2000000000');
//=> false
// Matches an IP address?
'192.168.0.2000000000'.match(ipRegex({includeBoundaries: true}));
//=> null
Returns a regex for matching both IPv4 and IPv6.
Returns a regex for matching IPv4.
Returns a regex for matching IPv6.
Type: object
Type: boolean
Default: false
(Matches any IP address in a string)
Only match an exact string. Useful with RegExp#test()
to check if a string is an IP address.
Type: boolean
Default: false
Include boundaries in the regex. When true
, 192.168.0.2000000000
will report as an invalid IPv4 address. If this option is not set, the mentioned IPv4 address would report as valid (ignoring the trailing zeros).
FAQs
Regular expression for matching IP addresses (IPv4 & IPv6)
The npm package ip-regex receives a total of 0 weekly downloads. As such, ip-regex popularity was classified as not popular.
We found that ip-regex demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.