Menu
const str = 'Test test1 test2'
const pat = 'test';
const re = new RegExp(pat, 'i'); //Found non-literal argument to RegExp Constructoreslint(security/detect-non-literal-regexp)
const result = str.replace(re, "abc");
console.log(result);
Please help me to solved this.Thanking you in advance!
501
asked Jan 25 '26 17:01
ESLint detect-non-literal-regexp rule explains the logic behind it:
Detects RegExp(variable), which might allow an attacker to DOS your server with a long-running regular expression.
More information: Regular Expression DoS and Node.js
If you need to build regexps dynamically, disable the rule and use your code. Maybe implement the regex match cancel timeout feature.
If you have a simple static pattern like in the question, use regex literal notation:
const re = /test/i;
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
