recheck
The trustworthy ReDoS checker (by makenowjust-labs)
py
Python development support library (note: maintenance only) (by pytest-dev)
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
recheck
Posts with mentions or reviews of recheck.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-12-28.
-
Protegendo sua API NodeJs contra ReDos Attack[Parte 3]
Recheck
-
ReDoS “Vulnerabilities” and Misaligned Incentives
I'm using a great ReDoS checker.
https://github.com/makenowjust-labs/recheck
I use the checker to basically fix even regular expressions that are not actually vulnerable. This checker can be used as a lint, so there is no excuse to allow regular lint but not regular expression lint. ReDoS hunt is very enjoyable. Enjoy!
-
I'm working on a regular expression reuse database. You can search with examples to find regexes that have already been written in other projects
Please run all of your RegExs into a reliable regex checker. Many of the ones I saw are vulnerable to Regular Expression Denial of Service (ReDoS) attacks because they are inefficient for large inputs. I've used https://github.com/makenowjust-labs/recheck to check all of my projects using a simple file walker to make sure all of my projects are safe so maybe you could also try using recheck.
py
Posts with mentions or reviews of py.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-12-28.
-
ReDoS “Vulnerabilities” and Misaligned Incentives
One example of this was a CVE for ReDoS in the `py` support library, which caused failed CI runs and "noise for hundreds of thousands of pytest users" despite being of questionable severity (as original article explains) and not actually used anywhere in the wild.
https://github.com/pytest-dev/py/issues/287
- 18 Year Old Py RegEx Is Added to List of CVEs, Causes 1000s of Builds to Fail
- ReDoS Vulnerability in Svnurl.py #287
What are some alternatives?
When comparing recheck and py you can also consider the following projects:
scalajs-react - Facebook's React on Scala.JS
loader-utils - utils for webpack loaders
lodash - A modern JavaScript utility library delivering modularity, performance, & extras.
Cortex - Cortex: a Powerful Observable Analysis and Active Response Engine
Scala.js - Scala.js, the Scala to JavaScript compiler
zio-json - Fast, secure JSON library with tight ZIO integration.