Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
named-regexp-groups
Advanced tools
Regular expressions with named capture groups and named back-references
Regular expressions with named capture groups and named back-references
Create a named capture group with (?<name>.*)
or (:<name>.*)
when using
a RegExp. The methods of RegExp are supported excluding compile and toString.
Use named back-references using (?&name)
to include already defined named pattern.
npm install --save named-regexp-groups
import NamedRegExp from 'named-regexp-groups'
//or
const NamedRegExp = require('named-regexp-groups')
// as string
var r = new NamedRegExp('(?<foo>foo)(?<bar>)(-)(?:wat)(?<na>(?:na)+)(?&na)')
// or as regex
var r = new NamedRegExp(/(:<foo>foo)(:<bar>)(-)(?:wat)(:<na>(?:na)+)(:&na)/)
r.source
// => r.source === '(foo)([^]+)(-)(?:wat)((?:na)+)((?:na)+)'
For nodejs < v5.0 core-js
polyfills are required.
Use npm i -S core-js
in your project and add:
// for node < v0.11
require('core-js/es6/object')
// for node < v5.0
require('core-js/es6/string')
require('core-js/es6/symbol')
var r = new NamedRegExp('(?<foo>foo)(?<bar>bar)(-)(?:wat)(?<na>(?:na)+)(?&na)')
r.exec('nanafoobar-watnana')
// => [ 'foobar-watnana', 'foo', 'bar', '-', 'na', 'na',
// index: 4,
// input: 'nanafoobar-watnana',
// groups: { foo: 'foo', bar: 'bar', '0': '-', na: 'na', '1': 'na' } ]
r = new NamedRegExp('(?<foo>foo)(bar)(?:waah)')
r.source
// => '(foo)(bar)(?:waah)'
r.test('nanafoobarwaah')
// => true
If using a string as replacement use $+{name}
to define the placeholder for the capture group.
This follows the Syntax of PCRE Named backreferences.
var r = new NamedRegExp(/(:<year>\d+)-(:<month>\d+)-(:<day>\d+)/)
// ---- using strings
'2017-01-02'.replace(r, 'day: $+{day}, month: $+{month}, year: $+{year}')
// => 'day: 02, month: 01, year: 2017')
// ---- using function
'2016-11-22'.replace(r, function () { // take care of NOT using an arrow function here!
var args = [].slice.call(arguments)
var g = this.groups
return `day: ${args[g.day]}, month: ${args[g.month]}, year: ${args[g.year]}`
})
// => 'day: 22, month: 11, year: 2017')
r = new NamedRegExp('(?<foo>foo)(bar)(?:waah)')
'nanafoobarwaah'.match(r)
// => [ 'foobarwaah', 'foo', 'bar',
// index: 4, input: 'nanafoobarwaah',
// groups: { '0': 'bar', foo: 'foo' } ]
r = new NamedRegExp('(?<foo>foo)')
'nanafoobarwaah'.split(r)
// => [ 'nana', 'foo', 'barwaah' ]
The proposed TC39 proposal-regexp-named-groups is finding it's way into the standard. Chrome>=64 already supports named groups. Maybe node>=10 soon as well...
Paste this into Chrome>=64
r = new RegExp(/(?<foo>foo)(?<bar>bar)(-)(?:wat)(?<na>(?:na)+)/);
o = r.exec('nanafoobar-watnana')
//> (5) ["foobar-watnana", "foo", "bar", "-", "na",
//> index: 4, input: "nanafoobar-watnana",
//> groups: {foo: "foo", bar: "bar", na: "nana"}]
Software is released under MIT.
FAQs
Regular expressions with named capture groups and named back-references
The npm package named-regexp-groups receives a total of 2,398 weekly downloads. As such, named-regexp-groups popularity was classified as popular.
We found that named-regexp-groups demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.