Regex Safety Audit

Create a lint-style audit that blocks regular expressions with super-linear behavior. The audit must rely on the regex performance safeguards provided by the dependency to detect backtracking and move-based ReDoS risks rather than custom pattern parsing.

Capabilities

Flags backtracking risks

• Auditing a file that contains const r = /(a+)+$/; returns ok as false and includes an issue with kind "backtracking" referencing that file path @test

Flags move-based risks

• Auditing a file that contains const r = /(ab|a?b)+$/; returns ok as false and includes an issue with kind "move" referencing that file path @test

Passes safe patterns

• Auditing files containing only /^a+$/ and /^(ab?)+c$/ returns ok as true with an empty issues list @test

Implementation

@generates

API

export type IssueKind = 'backtracking' | 'move';

export interface RegexIssue {
  file: string;
  pattern: string;
  kind: IssueKind;
  message: string;
}

export interface RegexSafetyResult {
  ok: boolean;
  issues: RegexIssue[];
}

export interface AuditOptions {
  format?: 'text' | 'json';
  cwd?: string;
}

export async function runRegexSafetyAudit(paths: string[], options?: AuditOptions): Promise<RegexSafetyResult>;

export async function emitReport(result: RegexSafetyResult, format?: 'text' | 'json'): Promise<string>;

Dependencies { .dependencies }

eslint-plugin-regexp { .dependency }

Provides regex-focused lint rules that detect super-linear backtracking and move issues in regular expressions.