Security News
Crates.io Users Targeted by Phishing Emails
The Rust Security Response WG is warning of phishing emails from rustfoundation.dev targeting crates.io users.
By Sarah Gooding - Sep 12, 2025
url-id-replace
Advanced tools
url-id-replace
Replace things like IDs and other regexes in a URL path with a placeholder
Sample Usage
const parse = require('url-id-replace')();
console.log(parse('/users/12345')); // /users/*
console.log(parse('/users/123e4567-e89b-12d3-a456-426655440000/')); // /users/*/
Built-in Matchers
A few common matchers are already provided:
const builtInMatchers = urlIdReplace.getBuiltInMatchers();
// Returns an object that looks like this:
{
digits: ..., // Regex for matching only digits
uuid: .., // Regex for matching only UUIDs
hexLowercase: ..., // Regex for matching only lowercase hex values that are at least 7 characters
hexUppercase: ..., // Regex for matching only uppercase hex values that are at least 7 chracters
iso8061: ... // Regex for matching ISO8061 timestamp values
}
Currently, only digits and uuid are included in the list of default matchers. (IE: if you use
the default parameters when building the parser.) The others are provided for your convenience if
you need them. Simply follow the next step for adding custom matchers.
Custom Matchers
Custom matchers are regexes that can be specified when the parser is created
const parse = require('url-id-replace')({
matchers: [/^ITEM-\d*$/]
});
console.log(parse('/items/ITEM-12345/location')); // /items/*/location
console.log(parse('/items/123')); // items/123 -- the default matchers were overwritten
This will override the default matchers. The default matchers are still available if you need them
by calling getDefaultMatchers(). This returns an array of the default RegExps, to which you can
then add other matchers:
const urlIdReplace = require('url-id-replace');
const parse = urlIdReplace({
matchers: urlIdReplace.getDefaultMatchers().concat(/^ITEM-\d*$/)
});
console.log(parse('/items/ITEM-12345/location')); // /items/*/location
console.log(parse('/items/123')); // items/*
You can include the built-in matchers in a similar way:
const urlIdReplace = require('url-id-replace');
const parse = urlIdReplace({
matchers: [urlIdReplace.getBuiltInMatchers().hexLowercase]
});
console.log(parse('/items/abc348f/location')); // /items/*/location
Changing the Placeholder
Instead of *, you can specify any string you want to be used for matches:
const parse = require('url-id-replace')({
placeholder: 'X'
});
console.log(parse('/items/123/location/')); // items/X/location/
FAQs
Used for replacing parts of a path that look like IDs
The npm package url-id-replace receives a total of 55 weekly downloads. As such, url-id-replace popularity was classified as not popular.
We found that url-id-replace demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 26 Oct 2017
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Custom Pull Request Alert Comment Headers
Socket now lets you customize pull request alert headers, helping security teams share clear guidance right in PRs to speed reviews and reduce back-and-forth.
By André Staltz - Sep 12, 2025
Product
Rust Support Now in Beta
Socket's Rust support is moving to Beta: all users can scan Cargo projects and generate SBOMs, including Cargo.toml-only crates, with Rust-aware supply chain checks.
By Mikola Lysenko, Trevor Norris - Sep 11, 2025