I made TypeScript bindings for the Rust Regex library to prevent Regular Expression Denial of Service attacks. Rust's Regex uses a linear-time guaranteed Regex engine (which prevents these attacks) and I wanted to bring this functionality to TypeScript as a drop-in replacement for RegExp. Many CVEs happen because TypeScript libraries are vulnerable to these types of attacks. This library attempts to mitigate these vulnerabilities for TypeScript and JavaScript.I'm really fascinated by making programming languages safer and I would love to hear any feedback on how to improve this project. I'll try to answer all questions posted in the comments.
Thanks!
- Jake
No comments yet.