You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I noticed a very recent paper by @Aurele-Barriere & @cpitclaudel that describes an algorithm for js regex lookbehinds and lookarounds that isn't vulnerable to ReDoS. Think it'd be worth adding to re2? I'm unemployed ATM, so this could be fun for me if it's the kind of direction you'd like to go.
The text was updated successfully, but these errors were encountered:
I suggest to write a minimal C/C++ implementation — we can dress it up as a Node extension later using the technique I used for node-re2, Node-API, or wasm.
Obviously, you can start with a POC written in JS, which is neat by itself.
Ultimately, if it works, it can be a sister project for node-re2.
@Aurele-Barriere and @cpitclaudel: I want to clarify that I am not a maintainer of google/re2. I am a maintainer of Node bindings for that library interested in using modern fast tools, which are stable in the case of ReDOS yet mimic the standard JS regular expressions as much as possible so it can be used as a drop-in replacement.
While I can switch the underlying libraries, if you are interested in incorporating your code in google/re2, you should talk to different people. Naturally, I assume that would be some faceless shirts from some bowels of Google. :-D
I noticed a very recent paper by @Aurele-Barriere & @cpitclaudel that describes an algorithm for js regex lookbehinds and lookarounds that isn't vulnerable to ReDoS. Think it'd be worth adding to re2? I'm unemployed ATM, so this could be fun for me if it's the kind of direction you'd like to go.
The text was updated successfully, but these errors were encountered: