Skip to content
/ redosy Public

Regex Denial of Service static analysis tool for javascript and node.js

Notifications You must be signed in to change notification settings

alxolr/redosy

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Redosy Build Status

Redosy is a global npm package that scans your javascript source files for ReDoS

Installation

npm install -g redosy

Usage

redosy ./path/to/your/project/folder

Result

Redosy scans your application for Regex Denial of Service errors.
Was found the following issues

index.js
/([a-zA-Z]+)*/i on line 3 column 29
/([a-zA-Z]+)*/i on line 4 column 30

Ignore a specific regex

// redosy-disable-next-line
const ignoreVulnerableRegex = /([a-zA-Z]+)*/i;

About

Regex Denial of Service static analysis tool for javascript and node.js

Resources

Stars

Watchers

Forks

Packages

No packages published