regex-prepared-statements
v1.0.1
Published
SQL like prepared statements for regular expressions
Downloads
0
Maintainers
Readme
Regex Prepared Statements
SQL like prepared statements for regular expressions
Regex prepared statements helps with sanitizing user inputs for usage in regular expression statements.
Similar to SQL's ?
, this library uses a sequence of special characters <_>
that will be replaced with sanitized
inputs via escape-string-regexp
as a peer dependency.
npm install regex-prepared-statements
Additionally you'll need to install the peer dependency escape-string-regexp
npm install escape-string-regexp
Example usages
Simple replacement:
regexp('^foo<_>baz$')('bar') // Produces a regex '^foobarbaz$'
Passing flags:
regexp('^foo<_>baz$', 'i)'('bar') // Produces a regex '^foobarbaz$'
Multiple place holders:
regexp('^<_><_><_>$')('foo', 'bar', 'baz') // Produces a regex '^foobarbaz$'
Regex syntax within a placeholder:
regexp('_<>_<_>?/?_<_>?.*')('.*)*.*///', '<_>')) // Produces a regex '_<>_\\.\\*\\)\\*\\.\\*\\/\\/\\/?\\/?_<_>?.*'
For use cases where you just need a simple sanitization:
regexpSimple(".?") // Produces a regex '\\.\\?'
ESLint Rule
We suggest using this eslint rule to help enforce the usage of this regex library:
"no-restricted-syntax": ["error", {
"selector": "NewExpression[callee.name='RegExp']",
"message": "Use regexp() prepared regex function instead.",
}],