{"id":15651832,"url":"https://github.com/grosser/safe_regexp","last_synced_at":"2025-06-25T17:03:18.341Z","repository":{"id":56894151,"uuid":"178289970","full_name":"grosser/safe_regexp","owner":"grosser","description":"Ruby Regex Timeout / Backtracking Bomb Safety","archived":false,"fork":false,"pushed_at":"2022-04-07T20:38:10.000Z","size":42,"stargazers_count":31,"open_issues_count":1,"forks_count":3,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-05-19T11:15:04.794Z","etag":null,"topics":["regex","regexp","ruby"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/grosser.png","metadata":{"files":{"readme":"Readme.md","changelog":null,"contributing":null,"funding":null,"license":"MIT-LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-03-28T22:14:01.000Z","updated_at":"2023-08-07T12:26:45.000Z","dependencies_parsed_at":"2022-08-20T16:10:47.828Z","dependency_job_id":null,"html_url":"https://github.com/grosser/safe_regexp","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/grosser/safe_regexp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grosser%2Fsafe_regexp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grosser%2Fsafe_regexp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grosser%2Fsafe_regexp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grosser%2Fsafe_regexp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/grosser","download_url":"https://codeload.github.com/grosser/safe_regexp/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grosser%2Fsafe_regexp/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":261153582,"owners_count":23116915,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["regex","regexp","ruby"],"created_at":"2024-10-03T12:40:19.398Z","updated_at":"2025-06-25T17:03:18.291Z","avatar_url":"https://github.com/grosser.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"Ruby Regex Timeout / Backtracking Bomb Safety\n\nDon't let untrusted regular expressions kill your servers (cannot be caught with a `Timeout`).\n\nDEPRECATED: Ruby 3.2+ [supports this natively](https://www.ruby-lang.org/en/news/2022/04/03/ruby-3-2-0-preview1-released/)\n\nInstall\n=======\n\n```Bash\ngem install safe_regexp\n```\n\nUsage\n=====\n\n```Ruby\n# normal\n/a/.match?('a') # -\u003e true in 0.0001ms\nSafeRegexp.execute(/a/, :match?, 'a') # -\u003e true in 0.13568ms\n\n# bomb\nrequire \"safe_regexp\"\nregex = /aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?aa?/\nvalue = \"a\" * 46\nregex.match? value # false in ~60s\nSafeRegexp.execute(regex, :match?, value) # -\u003e SafeRegexp::RegexpTimeout\n\n# methods without arguments\nregex = \"^(The '(?\u003cfirst_group\u003e.*)' parameter of the (?\u003csecond_group\u003e.*))$\"\nSafeRegexp.execute(regex, :names) # -\u003e [\"first_group\", \"second_group\"]\n```\n\nBehind the scenes\n=================\n\n - not using `Thread` or `Timeout`\n - spawns a co-processor and `kill -9` it if it takes too long, shuts down after 10s of not being used (to avoid process boot cost), use `keepalive: 0` to shutdown immediately\n - defaults to 1s timeout\n - uses 1 co-processor per thread\n - any `MatchData` object is returned as Array since it cannot be dumped\n\nAuthor\n======\n[Michael Grosser](http://grosser.it)\u003cbr/\u003e\nmichael@grosser.it\u003cbr/\u003e\nLicense: MIT\u003cbr/\u003e\n[![Build Status](https://travis-ci.org/grosser/safe_regexp.png)](https://travis-ci.org/grosser/safe_regexp)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgrosser%2Fsafe_regexp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgrosser%2Fsafe_regexp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgrosser%2Fsafe_regexp/lists"}