Skip to content

Commit

Permalink
test: ReDoS vulnerability of Nano ID regex
Browse files Browse the repository at this point in the history
  • Loading branch information
@vbudovski
vbudovski committed Jan 1, 2025
1 parent bfd84ad commit 3be994c
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions paseri-lib/src/schemas/string.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -316,6 +316,16 @@ test('Invalid Nano ID', () => {
);
});

test('Nano ID ReDoS', () => {
const diagnostics = checkSync(nanoidRegex.source, nanoidRegex.flags);
if (diagnostics.status === 'vulnerable') {
console.log(`Vulnerable pattern: ${diagnostics.attack.pattern}`);
} else if (diagnostics.status === 'unknown') {
console.log(`Error: ${diagnostics.error.kind}.`);
}
expect(diagnostics.status).toBe('safe');
});

test('Optional', () => {
const schema = p.string().optional();

Expand Down

0 comments on commit 3be994c

Please sign in to comment.