Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Generates regular expressions that match a set of strings.
regexgen
can be installed using npm:
npm install regexgen
The simplest use is to simply pass an array of strings to regexgen
:
const regexgen = require('regexgen');
regexgen(['foobar', 'foobaz', 'foozap', 'fooza']); // => /foo(?:zap?|ba[rz])/
You can also use the Trie
class directly:
const {Trie} = require('regexgen');
let t = new Trie;
t.add('foobar');
t.add('foobaz');
t.toRegExp(); // => /fooba[rz]/
regexgen
also has a simple CLI to generate regexes using inputs from the command line.
$ regexgen
Usage: regexgen [-gimuy] string1 string2 string3...
The optional first parameter is the flags to add
to the regex (e.g. -i
for a case insensitive match).
By default regexgen
will output a standard JavaScript regular expression, with Unicode codepoints converted into UCS-2 surrogate pairs.
If desired, you can request an ES2015-compatible Unicode regular expression by supplying the -u
flag, which results in those codepoints being retained.
$ regexgen 👩 👩💻 👩🏻💻 👩🏼💻 👩🏽💻 👩🏾💻 👩🏿💻
/\uD83D\uDC69(?:(?:\uD83C[\uDFFB-\uDFFF])?\u200D\uD83D\uDCBB)?/
$ regexgen -u 👩 👩💻 👩🏻💻 👩🏼💻 👩🏽💻 👩🏾💻 👩🏿💻
/\u{1F469}(?:[\u{1F3FB}-\u{1F3FF}]?\u200D\u{1F4BB})?/u
Such regular expressions are compatible with current versions of Node, as well as the latest browsers, and may be more transferrable to other languages.
Generate a Trie containing all of the input strings. This is a tree structure where each edge represents a single character. This removes redundancies at the start of the strings, but common branches further down are not merged.
A trie can be seen as a tree-shaped deterministic finite automaton (DFA), so DFA algorithms can be applied. In this case, we apply Hopcroft's DFA minimization algorithm to merge the nondistinguishable states.
Convert the resulting minimized DFA to a regular expression. This is done using
Brzozowski's algebraic method,
which is quite elegant. It expresses the DFA as a system of equations which can be solved
for a resulting regex. Along the way, some additional optimizations are made, such
as hoisting common substrings out of an alternation, and using character class ranges.
This produces an an Abstract Syntax Tree
(AST) for the regex, which is then converted to a string and compiled to a JavaScript
RegExp
object.
MIT
FAQs
Generate regular expressions that match a set of strings
The npm package regexgen receives a total of 13,304 weekly downloads. As such, regexgen popularity was classified as popular.
We found that regexgen demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.