Regolith
A server-side TypeScript and JavaScript library that is immune to Regular Expression Denial of Service (ReDoS) attacks because it delegates matching to Rust and a linear-time regex engine under the hood. Regolith has linear worst-case time complexity, whereas the default RegExp in TypeScript and JavaScript uses a backtracking engine with an exponential worst case.
Motivation: I wanted a Regex library for TypeScript and JavaScript where I didn't have to worry about ReDoS attacks.
Important: Regolith is still early in development! We need help building it and getting developer adoption!
Drop-in Replacement
Regolith attempts to be a drop-in replacement for RegExp and requires minimal (if any) changes to be used instead. The goal of Regolith is to let developers easily build software that is immune to ReDoS attacks.
Preventing ReDoS Attacks
What are ReDoS attacks?
Regular Expression Denial of Service (ReDoS) attacks occur when vulnerable Regex patterns (typically ones with nested quantifiers such as `(a+)+` or overlapping alternations) are executed against specifically constructed inputs that force a backtracking engine to try an enormous number of ways to match before it fails, so that matching time grows super-linearly, in the worst case exponentially, with input length. An attacker can exploit this to make a service unavailable, because the service is stuck computing the pathological Regex instead of serving requests.
Read more: owasp.org & learn.snyk.io
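The following is an added example, not code from the Regolith project, that makes the difference between the two worst cases concrete without relying on timers. It hand-builds a tiny NFA for the classic ReDoS pattern `^(a+)+$` and runs it two ways: depth-first backtracking, the strategy the built-in RegExp engine uses, and a Thompson-style state-set simulation, the linear-time technique Regolith's description refers to. Both count the work they do, so the exponential versus linear growth is visible directly. The function names, the NFA encoding and the input shape are this example's own choices, not Regolith's API.

```javascript
// Added example (not part of Regolith): the ReDoS pattern ^(a+)+$ as a
// hand-built NFA, matched by backtracking and by state-set simulation.

// NFA for (a+)+ with start state 0 and accept state 3:
//   0 --a--> 1        (enter the group, consume an 'a')
//   1 --a--> 1        (stay inside a+)
//   1 --eps--> 2      (leave a+)
//   2 --eps--> 0      (repeat the outer group)
//   2 --eps--> 3      (accept)
function nestedQuantifierNfa() {
  return {
    start: 0,
    accept: 3,
    states: [
      { edges: [{ ch: "a", to: 1 }], eps: [] },
      { edges: [{ ch: "a", to: 1 }], eps: [2] },
      { edges: [], eps: [0, 3] },
      { edges: [], eps: [] },
    ],
  };
}

// Constructed "evil" input: n matching characters followed by one that can
// never match, so every way of splitting the a's into groups is tried.
function evilInput(n) {
  return "a".repeat(n) + "!";
}

// Backtracking: try each alternative depth first, counting one step per
// (state, position) the engine visits. Anchored at both ends, like ^...$.
function backtrackingMatch(nfa, input) {
  let steps = 0;
  function run(state, pos) {
    steps++;
    if (state === nfa.accept) return pos === input.length;
    for (const e of nfa.states[state].edges) {
      if (input[pos] === e.ch && run(e.to, pos + 1)) return true;
    }
    for (const s of nfa.states[state].eps) {
      if (run(s, pos)) return true;
    }
    return false;
  }
  return { matched: run(nfa.start, 0), steps };
}

// Thompson simulation: keep the set of all states the NFA could be in and
// advance the whole set one input character at a time. Work per character
// is bounded by the number of NFA states, so total work is O(states * n).
function epsilonClosure(nfa, set) {
  const stack = [...set];
  while (stack.length) {
    const s = stack.pop();
    for (const t of nfa.states[s].eps) {
      if (!set.has(t)) { set.add(t); stack.push(t); }
    }
  }
  return set;
}

function linearMatch(nfa, input) {
  let steps = 0;
  let current = epsilonClosure(nfa, new Set([nfa.start]));
  for (const ch of input) {
    const next = new Set();
    for (const s of current) {
      steps++; // one unit of work per live state per input character
      for (const e of nfa.states[s].edges) if (e.ch === ch) next.add(e.to);
    }
    current = epsilonClosure(nfa, next);
    if (current.size === 0) break; // no state can continue: fail early
  }
  return { matched: current.has(nfa.accept), steps };
}

// Stand-alone demo: same verdict, very different amounts of work.
const nfa = nestedQuantifierNfa();
for (const n of [8, 12, 16]) {
  const bt = backtrackingMatch(nfa, evilInput(n));
  const lin = linearMatch(nfa, evilInput(n));
  console.log(`n=${n}: backtracking ${bt.steps} steps, linear ${lin.steps} steps, matched=${bt.matched}/${lin.matched}`);
}
```

For this NFA the backtracking step count is 4·2^n − 3 for n a's followed by a non-matching character, while the state-set simulation does 4n + 1 steps: doubling the input length doubles the linear matcher's work but squares the backtracking matcher's. A real engine would also carry per-step constant factors, but the growth rates are what decide whether an attacker-controlled string can pin a CPU.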