Detects "RegExp(variable)", which might allow an attacker to DOS your server with a long-running regular expression (security/detect-non-literal-regexp)

December 14, 2022 · View on GitHub

⚠️ This rule warns in the ✅ recommended config.