fix: unsafe regular expression

.husky/pre-commit

@@ -0,0 +1 @@
+npm test

.xo-config.json

@@ -7,6 +7,7 @@
         "es2021"
     ],
     "rules": {
+        "unicorn/better-regex": "off",
         "unicorn/filename-case": "off",
         "unicorn/prefer-string-replace-all": "off",
         "@typescript-eslint/consistent-type-definitions": "off",

package.json

@@ -1,56 +1,59 @@
 {
-    "name": "@kabeep/exception",
-    "version": "1.2.2",
-    "type": "module",
-    "description": "Exception is a custom error library for Node.js that provides a more flexible and customizable way of handling errors.",
-    "main": "./dist/index.js",
-    "types": "./dist/index.d.ts",
-    "files": [
-        "dist"
-    ],
-    "scripts": {
-        "docs": "jsdoc -c jsdoc.config.json",
-        "lint": "xo src/**/*.ts --fix",
-        "test": "vitest run",
-        "coverage": "vitest run --coverage",
-        "watch": "tsup --watch",
-        "watch:test": "vitest",
-        "build": "tsup --dts --treeshake smallest"
-    },
-    "devDependencies": {
-        "@swc/core": "^1.5.0",
-        "@types/chalk": "^2.2.0",
-        "@types/chalk-pipe": "^2.0.4",
-        "@types/node": "^20.12.7",
-        "@vitest/coverage-istanbul": "^1.5.1",
-        "docdash": "^2.0.2",
-        "jsdoc": "^4.0.2",
-        "ts-node": "^10.9.2",
-        "tsup": "^8.0.2",
-        "typescript": "^5.4.5",
-        "vitest": "^1.5.1",
-        "xo": "^0.58.0"
-    },
-    "dependencies": {
-        "chalk": "^5.3.0",
-        "chalk-pipe": "^6.0.0"
-    },
-    "author": "Zhang Zixin (kabeep)",
-    "homepage": "https://github.com/kabeep/exception#readme",
-    "repository": "git@github.com:kabeep/exception.git",
-    "bugs": "https://github.com/kabeep/exception/issue",
-    "keywords": [
-        "nodejs",
-        "error",
-        "pretty error",
-        "beauty error",
-        "custom error",
-        "unexpected",
-        "exception",
-        "expectation"
-    ],
-    "engines": {
-        "node": ">=14"
-    },
-    "license": "MIT"
+  "name": "@kabeep/exception",
+  "version": "1.2.2",
+  "type": "module",
+  "description": "Exception is a custom error library for Node.js that provides a more flexible and customizable way of handling errors.",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "docs": "jsdoc -c jsdoc.config.json",
+    "lint": "xo src/**/*.ts --fix",
+    "pretest": "npm run lint",
+    "test": "vitest run",
+    "coverage": "vitest run --coverage",
+    "watch": "tsup --watch",
+    "watch:test": "vitest",
+    "build": "tsup --dts --treeshake smallest",
+    "prepare": "husky"
+  },
+  "devDependencies": {
+    "@swc/core": "^1.5.0",
+    "@types/chalk": "^2.2.0",
+    "@types/chalk-pipe": "^2.0.4",
+    "@types/node": "^20.12.7",
+    "@vitest/coverage-istanbul": "^1.5.1",
+    "docdash": "^2.0.2",
+    "husky": "^9.0.11",
+    "jsdoc": "^4.0.2",
+    "ts-node": "^10.9.2",
+    "tsup": "^8.0.2",
+    "typescript": "^5.4.5",
+    "vitest": "^1.5.1",
+    "xo": "^0.58.0"
+  },
+  "dependencies": {
+    "chalk": "^5.3.0",
+    "chalk-pipe": "^6.0.0"
+  },
+  "author": "Zhang Zixin (kabeep)",
+  "homepage": "https://github.com/kabeep/exception#readme",
+  "repository": "git@github.com:kabeep/exception.git",
+  "bugs": "https://github.com/kabeep/exception/issue",
+  "keywords": [
+    "nodejs",
+    "error",
+    "pretty error",
+    "beauty error",
+    "custom error",
+    "unexpected",
+    "exception",
+    "expectation"
+  ],
+  "engines": {
+    "node": ">=14"
+  },
+  "license": "MIT"
 }

src/core/TraceError.ts

@@ -1,5 +1,5 @@
 import { basename, dirname } from 'node:path';
-import { normalizeNumber, normalizePath, normalizeTrack } from '../helpers/index.js';
+import { getAddress, normalizeNumber, normalizePath, normalizeTrack } from '../helpers/index.js';
 import type { TraceOption } from '../shared/index.js';
 import PaletteError from './PaletteError.js';
 
@@ -71,9 +71,9 @@ export default class TraceError extends PaletteError {
         let col: number | undefined;
         let packageName = '[current]';
 
-        const addressMatch = /\(([^)<>]+)\)(?:,\s<anonymous>:\d+:\d+\))?$/.exec(text);
+        const addressMatch = getAddress(text);
         if (addressMatch) {
-            address = addressMatch[1].trim();
+            address = addressMatch.trim();
             name = isEval ? 'eval' : text.slice(0, Math.max(0, text.length - address.length - 2)).trim();
         } else {
             address = text;

src/helpers/get-address.ts

@@ -0,0 +1,25 @@
+function getAddress(text: string) {
+    let index = 0;
+    let start = -1;
+    let end = -1;
+
+    while (index >= 0) {
+        const nextIndex = text.slice(Math.max(0, index)).indexOf('(');
+        index = nextIndex > 0 ? nextIndex + index + 1 : -1;
+
+        if (nextIndex > 0) {
+            start = index;
+        }
+    }
+
+    if (start === -1) return '';
+
+    index = text.slice(Math.max(0, start)).indexOf(')');
+    if (index === -1) return '';
+
+    end = index + start;
+
+    return text.slice(start, end);
+}
+
+export default getAddress;

src/helpers/index.ts

@@ -1,5 +1,5 @@
+export { default as getAddress } from './get-address.js';
 export { default as isBgRgb } from './is-bg-rgb.js';
-export { default as isNil } from './is-nil.js';
 export { default as isRgb } from './is-rgb.js';
 export { default as isString } from './is-string.js';
 export { default as normalizeNumber } from './normalize-number.js';

src/helpers/is-bg-rgb.ts

@@ -1,14 +1,10 @@
+import isRgb from './is-rgb.js';
+
 function isBgRgb(value: string): value is string {
     if (!value.startsWith('bg')) return false;
 
-    const rgbRegular = /^bg\((?:\d{1,3},){2}\d{1,3}\)$/;
-    const numberRegular = /\d{1,3}/g;
-
-    const numberMatch = value.match(numberRegular);
-    const validNumber = Boolean(numberMatch?.every((item) => Number(item) <= 255));
-
-    const validRgb = rgbRegular.test(value.replace(/\s/g, ''));
-    return validNumber && validRgb;
+    const rgbValue = value.slice(2).replace(/\s/g, '');
+    return isRgb(rgbValue);
 }
 
 export default isBgRgb;

src/helpers/is-rgb.ts

@@ -1,12 +1,12 @@
 function isRgb(value: string): value is string {
-    const rgbRegular = /^\((?:\d{1,3},){2}\d{1,3}\)$/;
-    const numberRegular = /\d{1,3}/g;
+    const rgbRegular = /^\(\d{1,3},\d{1,3},\d{1,3}\)$/;
+    const validRgb = rgbRegular.test(value.replace(/\s/g, ''));
+    if (!validRgb) return false;
 
+    const numberRegular = /\d{1,3}/g;
     const numberMatch = value.match(numberRegular);
-    const validNumber = Boolean(numberMatch?.every((item) => Number(item) <= 255));
 
-    const validRgb = rgbRegular.test(value.replace(/\s/g, ''));
-    return validNumber && validRgb;
+    return Boolean(numberMatch?.every((item) => Number(item) <= 255));
 }
 
 export default isRgb;

src/helpers/normalize-rgb.ts

@@ -1,5 +1,6 @@
 function normalizeRgb(color: string, prefix = ''): [number, number, number] {
-    const rgb = color.replace(/[\s()]/g, '').replace(new RegExp(`^${prefix}`), '');
+    const length = color.startsWith(prefix) ? prefix.length : 0;
+    const rgb = color.replace(/[\s()]/g, '').slice(Math.max(0, length));
 
     const [r, g, b] = rgb.split(',').map(Number);
 

test/helpers/get-address.spec.ts

@@ -0,0 +1,45 @@
+import { expect, test } from 'vitest';
+import getAddress from '../../src/helpers/get-address';
+
+test('getAddress - should return empty string for invalid input', () => {
+    const text = '';
+    const result = getAddress(text);
+    const expected = '';
+    expect(result).toBe(expected);
+});
+
+test('getAddress - should return empty string if no parentheses are found', () => {
+    const text = 'This is a test string without parentheses';
+    const result = getAddress(text);
+    const expected = '';
+    expect(result).toBe(expected);
+});
+
+test('getAddress - should return empty string if parentheses are not closed', () => {
+    const text = 'This is a test string with an open parenthesis ( but no closing parenthesis';
+    const result = getAddress(text);
+    const expected = '';
+    expect(result).toBe(expected);
+});
+
+test('getAddress - should return the content within the parentheses', () => {
+    const text = 'This is a test string with (some content) within parentheses';
+    const result = getAddress(text);
+    const expected = 'some content';
+    expect(result).toBe(expected);
+});
+
+test('getAddress - should return the content within the last set of parentheses', () => {
+    const text =
+        'This is a test string with (multiple sets of parentheses) but should return the content within the last one';
+    const result = getAddress(text);
+    const expected = 'multiple sets of parentheses';
+    expect(result).toBe(expected);
+});
+
+test('getAddress - should handle nested parentheses and return the content within the outermost set', () => {
+    const text = 'This is a test string with (nested (parentheses) within parentheses)';
+    const result = getAddress(text);
+    const expected = 'parentheses';
+    expect(result).toBe(expected);
+});