regexpu’s core functionality, i.e. `rewritePattern(pattern, flag, options)`, which enables rewriting regular expressions that make use of the ES6 `u` flag into equivalent ES5-compatible regular expression patterns.
Installations
npm install regexpu-coreDeveloper
Developer Guide
Module System
CommonJS
Min. Node Version
>=4
Typescript Support
No
Node Version
22.11.0
NPM Version
10.9.0
Statistics
71 Stars
173 Commits
12 Forks
9 Watching
2 Branches
7 Contributors
Updated on 21 Nov 2024
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
5,948,034,781
Last day
-22.8%
4,285,543
Compared to previous day
Last week
-3.3%
29,097,419
Compared to previous week
Last month
11%
120,740,539
Compared to previous month
Last year
1.2%
1,208,711,460
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
regexpu-core 
regexpu is a source code transpiler that enables the use of ES2015 Unicode regular expressions in JavaScript-of-today (ES5).
regexpu-core contains regexpu’s core functionality, i.e. rewritePattern(pattern, flag), which enables rewriting regular expressions that make use of the ES2015 u flag into equivalent ES5-compatible regular expression patterns.
Installation
To use regexpu-core programmatically, install it as a dependency via npm:
1npm install regexpu-core --save
Then, require it:
1const rewritePattern = require('regexpu-core');
API
This module exports a single function named rewritePattern.
rewritePattern(pattern, flags, options)
This function takes a string that represents a regular expression pattern as well as a string representing its flags, and returns an ES5-compatible version of the pattern.
1rewritePattern('foo.bar', 'u', { unicodeFlag: "transform" }); 2// → 'foo(?:[\\0-\\t\\x0B\\f\\x0E-\\u2027\\u202A-\\uD7FF\\uDC00-\\uFFFF]|[\\uD800-\\uDBFF][\\uDC00-\\uDFFF]|[\\uD800-\\uDBFF])bar' 3 4rewritePattern('[\\u{1D306}-\\u{1D308}a-z]', 'u', { unicodeFlag: "transform" }); 5// → '(?:[a-z]|\\uD834[\\uDF06-\\uDF08])' 6 7rewritePattern('[\\u{1D306}-\\u{1D308}a-z]', 'ui', { unicodeFlag: "transform" }); 8// → '(?:[a-z\\u017F\\u212A]|\\uD834[\\uDF06-\\uDF08])'
regexpu-core can rewrite non-ES6 regular expressions too, which is useful to demonstrate how their behavior changes once the u and i flags are added:
1// In ES5, the dot operator only matches BMP symbols: 2rewritePattern('foo.bar', '', { unicodeFlag: "transform" }); 3// → 'foo(?:[\\0-\\t\\x0B\\f\\x0E-\\u2027\\u202A-\\uFFFF])bar' 4 5// But with the ES2015 `u` flag, it matches astral symbols too: 6rewritePattern('foo.bar', 'u', { unicodeFlag: "transform" }); 7// → 'foo(?:[\\0-\\t\\x0B\\f\\x0E-\\u2027\\u202A-\\uD7FF\\uDC00-\\uFFFF]|[\\uD800-\\uDBFF][\\uDC00-\\uDFFF]|[\\uD800-\\uDBFF])bar'
The optional options argument recognizes the following properties:
Stable regular expression features
These options can be set to false or 'transform'. When using 'transform', the corresponding features are compiled to older syntax that can run in older browsers. When using false (the default), they are not compiled and they can be relied upon to compile more modern features.
-
unicodeFlag- Theuflag, enabling support for Unicode code point escapes in the form\u{...}.1rewritePattern('\\u{ab}', '', { 2 unicodeFlag: 'transform' 3}); 4// → '\\u{ab}' 5 6rewritePattern('\\u{ab}', 'u', { 7 unicodeFlag: 'transform' 8}); 9// → '\\xAB' -
dotAllFlag- Thes(dotAll) flag.1rewritePattern('.', '', { 2 dotAllFlag: 'transform' 3}); 4// → '[\\0-\\t\\x0B\\f\\x0E-\\u2027\\u202A-\\uFFFF]' 5 6rewritePattern('.', 's', { 7 dotAllFlag: 'transform' 8}); 9// → '[\\0-\\uFFFF]' 10 11rewritePattern('.', 'su', { 12 dotAllFlag: 'transform' 13}); 14// → '(?:[\\0-\\uD7FF\\uE000-\\uFFFF]|[\\uD800-\\uDBFF][\\uDC00-\\uDFFF]|[\\uD800-\\uDBFF](?![\\uDC00-\\uDFFF])|(?:[^\\uD800-\\uDBFF]|^)[\\uDC00-\\uDFFF])' -
unicodePropertyEscapes- Unicode property escapes.By default they are compiled to Unicode code point escapes of the form
\u{...}. If theunicodeFlagoption is set to'transform'they often result in larger output, although there are cases (such as\p{Lu}) where it actually decreases the output size.1rewritePattern('\\p{Script_Extensions=Anatolian_Hieroglyphs}', 'u', { 2 unicodePropertyEscapes: 'transform' 3}); 4// → '[\\u{14400}-\\u{14646}]' 5 6rewritePattern('\\p{Script_Extensions=Anatolian_Hieroglyphs}', 'u', { 7 unicodeFlag: 'transform', 8 unicodePropertyEscapes: 'transform' 9}); 10// → '(?:\\uD811[\\uDC00-\\uDE46])' -
namedGroups- Named capture groups.1rewritePattern('(?<name>.)\\k<name>', '', { 2 namedGroups: 'transform' 3}); 4// → '(.)\1' -
unicodeSetsFlag- Thev(unicodeSets) flag1rewritePattern('[\\p{Emoji}&&\\p{ASCII}]', 'v', { 2 unicodeSetsFlag: 'transform' 3}); 4// → '[#\\*0-9]'By default, patterns with the
vflag are transformed to patterns with theuflag. If you want to downlevel them more you can set theunicodeFlag: 'transform'option.1rewritePattern('[^[a-h]&&[f-z]]', 'v', { 2 unicodeSetsFlag: 'transform' 3}); 4// → '[^f-h]' (to be used with /u)1rewritePattern('[^[a-h]&&[f-z]]', 'v', { 2 unicodeSetsFlag: 'transform', 3 unicodeFlag: 'transform' 4}); 5// → '(?:(?![f-h])[\s\S])' (to be used without /u) -
modifiers- Inlinei/m/smodifiers1rewritePattern('(?i:[a-z])[a-z]', '', { 2 modifiers: 'transform' 3}); 4// → '(?:[a-zA-Z])([a-z])'
Experimental regular expression features
These options can be set to false, 'parse' and 'transform'. When using 'transform', the corresponding features are compiled to older syntax that can run in older browsers. When using 'parse', they are parsed and left as-is in the output pattern. When using false (the default), they result in a syntax error if used.
Once these features become stable (when the proposals are accepted as part of ECMAScript), they will be parsed by default and thus 'parse' will behave like false.
Miscellaneous options
-
onNamedGroupThis option is a function that gets called when a named capture group is found. It receives two parameters: the name of the group, and its index.
1rewritePattern('(?<name>.)\\k<name>', '', { 2 onNamedGroup(name, index) { 3 console.log(name, index); 4 // → 'name', 1 5 } 6}); -
onNewFlagsThis option is a function that gets called to pass the flags that the resulting pattern must be interpreted with.
1rewritePattern('abc', 'um', '', { 2 unicodeFlag: 'transform', 3 onNewFlags(flags) { 4 console.log(flags); 5 // → 'm' 6 } 7})
Caveats
- Lookbehind assertions cannot be transformed to older syntax.
- When using
namedGroups: 'transform', regexpu-core only takes care of the syntax: you will still need a runtime wrapper around the regular expression to populate the.groupsproperty ofRegExp.prototype.match()'s result. If you are using regexpu-core via Babel, it's handled automatically.
For maintainers
How to publish a new release
-
On the
mainbranch, bump the version number inpackage.json:1npm version patch -m 'Release v%s'Instead of
patch, useminorormajoras needed.Note that this produces a Git commit + tag.
-
Push the release commit and tag:
1git push --follow-tagsOur CI then automatically publishes the new release to npm.
-
Once the release has been published to npm, update
regexputo make use of it, and cut a new release ofregexpuas well.
Author
 |
|---|
| Mathias Bynens |
License
regexpu-core is available under the MIT license.
No vulnerabilities found.
Reason
18 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE-MIT.txt:0
- Info: FSF or OSI recognized license: MIT License: LICENSE-MIT.txt:0
Reason
Found 25/30 approved changesets -- score normalized to 8
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/mathiasbynens/regexpu-core/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/mathiasbynens/regexpu-core/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/mathiasbynens/regexpu-core/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/mathiasbynens/regexpu-core/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/mathiasbynens/regexpu-core/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-on-tag.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/mathiasbynens/regexpu-core/publish-on-tag.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-on-tag.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/mathiasbynens/regexpu-core/publish-on-tag.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/main.yml:28
- Warn: npmCommand not pinned by hash: .github/workflows/main.yml:48
- Warn: npmCommand not pinned by hash: .github/workflows/main.yml:50
- Warn: npmCommand not pinned by hash: .github/workflows/publish-on-tag.yml:20
- Info: 0 out of 7 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 4 npmCommand dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/main.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish-on-tag.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 25 are checked with a SAST tool
Score
5.1
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More