Product
Introducing SSO
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
super-regex
Advanced tools
Readme
Make a regular expression time out if it takes too long to execute
This can be used to prevent ReDoS vulnerabilities when running a regular expression against untrusted user input.
This package also has a better API than the built-in regular expression methods. For example, none of the methods mutate the regex.
The timeout only works in Node.js. In the browser, it will simply not time out.
npm install super-regex
import {isMatch} from 'super-regex';
console.log(isMatch(/\d+/, getUserInput(), {timeout: 1000}));
Returns a boolean for whether the given regex
matches the given string
.
If the regex takes longer to match than the given timeout, it returns false
.
This method is similar to RegExp#test
, but differs in that the given regex
is never mutated, even when it has the /g
flag.
Returns the first Match
or undefined
if there was no match.
If the regex takes longer to match than the given timeout, it returns undefined
.
Returns an iterable of Match
es.
If the regex takes longer to match than the given timeout, it returns an empty array.
The regex
must have the /g
flag.
Type: object
Type: number
(integer)
The time in milliseconds to wait before timing out.
Type: number
(integer)
Only works in matches()
.
The time in milliseconds to wait before timing out when searching for each match.
{
match: string;
index: number;
groups: string[];
namedGroups: {string: string}; // object with string values
input: string;
}
FAQs
Make a regular expression time out if it takes too long to execute
The npm package super-regex receives a total of 302,581 weekly downloads. As such, super-regex popularity was classified as popular.
We found that super-regex demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.