chore: add linter rules for regexp (#3500)

## About the changes Add linter rules for regexp security vulnerabilities Commit 1c5d54c76e [fails due to regexp/no-super-linear-backtracking](https://github.com/Unleash/unleash/actions/runs/4668430535/jobs/8265506170#step:5:37) as reported here: https://github.com/Unleash/unleash/security/code-scanning/1 [0127d1a](0127d1a746) fixes the issues and warnings by running `yarn lint --fix`
2025-01-25 00:07:47 +01:00 · 2023-04-17 09:11:22 +02:00 · 2023-04-17 09:11:22 +02:00 · ea9bf7f447
commit ea9bf7f447
parent 6cc51b7ba0
8 changed files with 164 additions and 40 deletions
--- a/.eslintrc
+++ b/.eslintrc
@ -9,7 +9,7 @@
        "ecmaVersion": 2019,
        "project": "./tsconfig.json"
    },
-    "plugins": ["@typescript-eslint", "prettier", "import", "no-only-tests"],
+    "plugins": ["@typescript-eslint", "prettier", "import", "no-only-tests", "regexp"],
    "root": true,
    "rules": {
        "@typescript-eslint/no-var-requires": 0,
@ -32,7 +32,11 @@
            {
                "capIsNewExceptions": ["Router", "Mitm"]
            }
-        ]
+        ],
+        "regexp/no-super-linear-backtracking": "error",
+        "regexp/strict": "warn",
+        "regexp/no-useless-escape": "warn",
+        "prefer-regex-literals": "warn"
    },
    "overrides": [
        {
--- a/package.json
+++ b/package.json
@ -172,13 +172,14 @@
    "copyfiles": "2.4.1",
    "coveralls": "3.1.1",
    "del-cli": "5.0.0",
-    "eslint": "8.34.0",
+    "eslint": "^8.38.0",
    "eslint-config-airbnb-base": "15.0.0",
    "eslint-config-airbnb-typescript": "17.0.0",
    "eslint-config-prettier": "8.6.0",
    "eslint-plugin-import": "2.27.5",
    "eslint-plugin-no-only-tests": "^3.1.0",
    "eslint-plugin-prettier": "4.2.1",
+    "eslint-plugin-regexp": "^1.14.0",
    "faker": "5.5.3",
    "fast-check": "3.6.3",
    "fetch-mock": "9.11.0",
--- a/src/lib/metrics.test.ts
+++ b/src/lib/metrics.test.ts
@ -66,7 +66,7 @@ test('should collect metrics for requests', async () => {

    const metrics = await prometheusRegister.metrics();
    expect(metrics).toMatch(
-        /http_request_duration_milliseconds{quantile="0\.99",path="somePath",method="GET",status="200",appName="undefined"}.*1337/,
+        /http_request_duration_milliseconds\{quantile="0\.99",path="somePath",method="GET",status="200",appName="undefined"\}.*1337/,
    );
 });

@ -79,7 +79,7 @@ test('should collect metrics for updated toggles', async () => {

    const metrics = await prometheusRegister.metrics();
    expect(metrics).toMatch(
-        /feature_toggle_update_total{toggle="TestToggle",project="default",environment="default"} 1/,
+        /feature_toggle_update_total\{toggle="TestToggle",project="default",environment="default"\} 1/,
    );
 });

@ -97,7 +97,7 @@ test('should collect metrics for client metric reports', async () => {

    const metrics = await prometheusRegister.metrics();
    expect(metrics).toMatch(
-        /feature_toggle_usage_total{toggle="TestToggle",active="true",appName="undefined"} 10\nfeature_toggle_usage_total{toggle="TestToggle",active="false",appName="undefined"} 5/,
+        /feature_toggle_usage_total\{toggle="TestToggle",active="true",appName="undefined"\} 10\nfeature_toggle_usage_total\{toggle="TestToggle",active="false",appName="undefined"\} 5/,
    );
 });

@ -110,7 +110,7 @@ test('should collect metrics for db query timings', async () => {

    const metrics = await prometheusRegister.metrics();
    expect(metrics).toMatch(
-        /db_query_duration_seconds{quantile="0\.99",store="foo",action="bar"} 0.1337/,
+        /db_query_duration_seconds\{quantile="0\.99",store="foo",action="bar"\} 0.1337/,
    );
 });

@ -119,7 +119,7 @@ test('should collect metrics for feature toggle size', async () => {
        setTimeout(done, 10);
    });
    const metrics = await prometheusRegister.metrics();
-    expect(metrics).toMatch(/feature_toggles_total{version="(.*)"} 0/);
+    expect(metrics).toMatch(/feature_toggles_total\{version="(.*)"\} 0/);
 });

 test('should collect metrics for feature toggle size', async () => {
@ -127,7 +127,7 @@ test('should collect metrics for feature toggle size', async () => {
        setTimeout(done, 10);
    });
    const metrics = await prometheusRegister.metrics();
-    expect(metrics).toMatch(/client_apps_total{range="(.*)"} 0/);
+    expect(metrics).toMatch(/client_apps_total\{range="(.*)"\} 0/);
 });

 test('Should collect metrics for database', async () => {
@ -163,10 +163,10 @@ test('Should collect metrics for client sdk versions', async () => {
        'client_sdk_versions',
    );
    expect(metrics).toMatch(
-        /client_sdk_versions\{sdk_name="unleash-client-node",sdk_version="3\.2\.5"} 3/,
+        /client_sdk_versions\{sdk_name="unleash-client-node",sdk_version="3\.2\.5"\} 3/,
    );
    expect(metrics).toMatch(
-        /client_sdk_versions\{sdk_name="unleash-client-java",sdk_version="5\.0\.0"} 3/,
+        /client_sdk_versions\{sdk_name="unleash-client-java",sdk_version="5\.0\.0"\} 3/,
    );
    eventStore.emit(CLIENT_REGISTER, {
        sdkVersion: 'unleash-client-node:3.2.5',
@ -175,7 +175,7 @@ test('Should collect metrics for client sdk versions', async () => {
        'client_sdk_versions',
    );
    expect(newmetrics).toMatch(
-        /client_sdk_versions\{sdk_name="unleash-client-node",sdk_version="3\.2\.5"} 4/,
+        /client_sdk_versions\{sdk_name="unleash-client-node",sdk_version="3\.2\.5"\} 4/,
    );
 });

--- a/src/lib/services/email-service.ts
+++ b/src/lib/services/email-service.ts
@ -229,6 +229,6 @@ export class EmailService {
    }

    stripSpecialCharacters(str: string): string {
-        return str?.replace(/[`~!@#$%^&*()_|+=?;:'",.<>\{\}\[\]\\\/]/gi, '');
+        return str?.replace(/[`~!@#$%^&*()_|+=?;:'",.<>{}[\]\\/]/gi, '');
    }
 }
--- a/src/lib/util/is-email.test.ts
+++ b/src/lib/util/is-email.test.ts
@ -0,0 +1,47 @@
+import isEmail from './is-email';
+
+test.each([
+    'jessie34@claritymail.net',
+    'brianne33@sparkmail.com',
+    'kevin98@brightmail.org',
+    'sophia22@crestmail.com',
+    'zachary55@horizonmail.net',
+    'giselle89@fogmail.org',
+    'david23@peakmail.net',
+    'maria77@apexmail.com',
+    'jacob66@skywardmail.org',
+    'kylie44@oceanmail.net',
+    'user1.email@testmail.com',
+    'email2-user@example.org',
+    '3test_email@example.net',
+    'myemail+4@example.com',
+    'em5a.il@example.net',
+    'user#6@example.org',
+    '_email7@example.com',
+    'email-8@example.net',
+    'test.email-9@example.com',
+    'email10@test-mail.net',
+])(`should validate email address %s`, (email) => {
+    expect(isEmail(email)).toBe(true);
+});
+
+test.each([
+    'myemail@.com', // (missing domain name)
+    'email123@com', // (missing period before domain name)
+    '@gmail.com', // (missing username)
+    'email123@.com', // (missing domain name)
+    'email123@domain.', // (missing top-level domain)
+    'email@-domain.com', // (hyphen at the beginning of domain name)
+    'email@domain.c', // (invalid top-level domain)
+    'email@.domain.com', // (missing subdomain name)
+    'notanemail',
+    'missing@symbol',
+    '@missingusername.com',
+    'invalid.email@missingtld',
+    '.missingusername@missingtld',
+    'invalid.username@missingtld.',
+    'invalid.email@-invalid-domain.com',
+    'invalid.email@missingtld.',
+])(`should validate email address %s`, (email) => {
+    expect(isEmail(email)).toBe(false);
+});
--- a/src/lib/util/is-email.ts
+++ b/src/lib/util/is-email.ts
@ -1,6 +1,7 @@
 // Email address matcher.
 // eslint-disable-next-line no-useless-escape
-const matcher = /.+\@.+\..+/;
+const matcher =
+    /[A-Z0-9.!#$%&'*+-/=?^_{|}~]+@[A-Z0-9][A-Z0-9.!#$%&'*+-/=?^_{|}~]*\.[A-Z]{2,}$/i;

 /**
 * Loosely validate an email address.
--- a/src/test/e2e/api/admin/project/variants.e2e.test.ts
+++ b/src/test/e2e/api/admin/project/variants.e2e.test.ts
@ -490,7 +490,7 @@ test('PUTing an invalid variant throws 400 exception', async () => {
        .expect((res) => {
            expect(res.body.details).toHaveLength(1);
            expect(res.body.details[0].message).toMatch(
-                /.*weightType\" must be one of/,
+                /.*weightType" must be one of/,
            );
        });
 });
@ -525,7 +525,7 @@ test('Invalid variant in PATCH also throws 400 exception', async () => {
        .expect((res) => {
            expect(res.body.details).toHaveLength(1);
            expect(res.body.details[0].message).toMatch(
-                /.*weight\" must be less than or equal to 1000/,
+                /.*weight" must be less than or equal to 1000/,
            );
        });
 });
--- a/yarn.lock
+++ b/yarn.lock
@ -531,14 +531,26 @@
  dependencies:
    "@jridgewell/trace-mapping" "0.3.9"

-"@eslint/eslintrc@^1.4.1":
-  version "1.4.1"
-  resolved "https://registry.yarnpkg.com/@eslint/eslintrc/-/eslintrc-1.4.1.tgz#af58772019a2d271b7e2d4c23ff4ddcba3ccfb3e"
-  integrity sha512-XXrH9Uarn0stsyldqDYq8r++mROmWRI1xKMXa640Bb//SY1+ECYX6VzT6Lcx5frD0V30XieqJ0oX9I2Xj5aoMA==
+"@eslint-community/eslint-utils@^4.2.0":
+  version "4.4.0"
+  resolved "https://registry.yarnpkg.com/@eslint-community/eslint-utils/-/eslint-utils-4.4.0.tgz#a23514e8fb9af1269d5f7788aa556798d61c6b59"
+  integrity sha512-1/sA4dwrzBAyeUoQ6oxahHKmrZvsnLCg4RfxW3ZFGGmQkSNQPFNLV9CUEFQP1x9EYXHTo5p6xdhZM1Ne9p/AfA==
+  dependencies:
+    eslint-visitor-keys "^3.3.0"
+
+"@eslint-community/regexpp@^4.4.0", "@eslint-community/regexpp@^4.5.0":
+  version "4.5.0"
+  resolved "https://registry.yarnpkg.com/@eslint-community/regexpp/-/regexpp-4.5.0.tgz#f6f729b02feee2c749f57e334b7a1b5f40a81724"
+  integrity sha512-vITaYzIcNmjn5tF5uxcZ/ft7/RXGrMUIS9HalWckEOF6ESiwXKoMzAQf2UW0aVd6rnOeExTJVd5hmWXucBKGXQ==
+
+"@eslint/eslintrc@^2.0.2":
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/@eslint/eslintrc/-/eslintrc-2.0.2.tgz#01575e38707add677cf73ca1589abba8da899a02"
+  integrity sha512-3W4f5tDUra+pA+FzgugqL2pRimUTDJWKr7BINqOpkZrC0uYI0NIc0/JFgBROCU07HR6GieA5m3/rsPIhDmCXTQ==
  dependencies:
    ajv "^6.12.4"
    debug "^4.3.2"
-    espree "^9.4.0"
+    espree "^9.5.1"
    globals "^13.19.0"
    ignore "^5.2.0"
    import-fresh "^3.2.1"
@ -546,6 +558,11 @@
    minimatch "^3.1.2"
    strip-json-comments "^3.1.1"

+"@eslint/js@8.38.0":
+  version "8.38.0"
+  resolved "https://registry.yarnpkg.com/@eslint/js/-/js-8.38.0.tgz#73a8a0d8aa8a8e6fe270431c5e72ae91b5337892"
+  integrity sha512-IoD2MfUnOV58ghIHCiil01PcohxjbYR/qCxsoC+xNgUwh1EY8jOOrYmu3d3a71+tJJ23uscEV4X2HJWMsPJu4g==
+
 "@gar/promisify@^1.1.3":
  version "1.1.3"
  resolved "https://registry.yarnpkg.com/@gar/promisify/-/promisify-1.1.3.tgz#555193ab2e3bb3b6adc3d551c9c030d9e860daf6"
@ -2195,6 +2212,11 @@ commander@^9.4.1:
  resolved "https://registry.yarnpkg.com/commander/-/commander-9.4.1.tgz#d1dd8f2ce6faf93147295c0df13c7c21141cfbdd"
  integrity sha512-5EEkTNyHNGFPD2H+c/dXXfQZYa/scCKasxWcXJaWnNJ99pnQN9Vnmqow+p+PlFPE63Q6mThaZws1T+HxfpgtPw==

+comment-parser@^1.1.2:
+  version "1.3.1"
+  resolved "https://registry.yarnpkg.com/comment-parser/-/comment-parser-1.3.1.tgz#3d7ea3adaf9345594aedee6563f422348f165c1b"
+  integrity sha512-B52sN2VNghyq5ofvUsqZjmk6YkihBX5vMSChmSK9v4ShjKf3Vk5Xcmgpw4o+iIgtrnM/u5FiMpz9VKb8lpBveA==
+
 component-emitter@^1.3.0:
  version "1.3.0"
  resolved "https://registry.yarnpkg.com/component-emitter/-/component-emitter-1.3.0.tgz#16e4070fba8ae29b679f2215853ee181ab2eabc0"
@ -2895,6 +2917,20 @@ eslint-plugin-prettier@4.2.1:
  dependencies:
    prettier-linter-helpers "^1.0.0"

+eslint-plugin-regexp@^1.14.0:
+  version "1.14.0"
+  resolved "https://registry.yarnpkg.com/eslint-plugin-regexp/-/eslint-plugin-regexp-1.14.0.tgz#42dadd3217b0200c8f478922e429411448a7d3e4"
+  integrity sha512-5+bBSsRTTtkSf8+/iNSjiOW6qbjAdGyqv88HxPaBNFKxROK+UAdOGDl5Jr+csV5wW2BuOOvaG82zsvTriQBRFA==
+  dependencies:
+    "@eslint-community/eslint-utils" "^4.2.0"
+    "@eslint-community/regexpp" "^4.4.0"
+    comment-parser "^1.1.2"
+    grapheme-splitter "^1.0.4"
+    jsdoctypeparser "^9.0.0"
+    refa "^0.11.0"
+    regexp-ast-analysis "^0.6.0"
+    scslre "^0.2.0"
+
 eslint-scope@^5.1.1:
  version "5.1.1"
  resolved "https://registry.yarnpkg.com/eslint-scope/-/eslint-scope-5.1.1.tgz#e786e59a66cb92b3f6c1fb0d508aab174848f48c"
@ -2928,12 +2964,20 @@ eslint-visitor-keys@^3.3.0:
  resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-3.3.0.tgz#f6480fa6b1f30efe2d1968aa8ac745b862469826"
  integrity sha512-mQ+suqKJVyeuwGYHAdjMFqjCyfl8+Ldnxuyp3ldiMBFKkvytrXUZWaiPCEav8qDHKty44bD+qV1IP4T+w+xXRA==

-eslint@8.34.0:
-  version "8.34.0"
-  resolved "https://registry.yarnpkg.com/eslint/-/eslint-8.34.0.tgz#fe0ab0ef478104c1f9ebc5537e303d25a8fb22d6"
-  integrity sha512-1Z8iFsucw+7kSqXNZVslXS8Ioa4u2KM7GPwuKtkTFAqZ/cHMcEaR+1+Br0wLlot49cNxIiZk5wp8EAbPcYZxTg==
+eslint-visitor-keys@^3.4.0:
+  version "3.4.0"
+  resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-3.4.0.tgz#c7f0f956124ce677047ddbc192a68f999454dedc"
+  integrity sha512-HPpKPUBQcAsZOsHAFwTtIKcYlCje62XB7SEAcxjtmW6TD1WVpkS6i6/hOVtTZIl4zGj/mBqpFVGvaDneik+VoQ==
+
+eslint@^8.38.0:
+  version "8.38.0"
+  resolved "https://registry.yarnpkg.com/eslint/-/eslint-8.38.0.tgz#a62c6f36e548a5574dd35728ac3c6209bd1e2f1a"
+  integrity sha512-pIdsD2jwlUGf/U38Jv97t8lq6HpaU/G9NKbYmpWpZGw3LdTNhZLbJePqxOXGB5+JEKfOPU/XLxYxFh03nr1KTg==
  dependencies:
-    "@eslint/eslintrc" "^1.4.1"
+    "@eslint-community/eslint-utils" "^4.2.0"
+    "@eslint-community/regexpp" "^4.4.0"
+    "@eslint/eslintrc" "^2.0.2"
+    "@eslint/js" "8.38.0"
    "@humanwhocodes/config-array" "^0.11.8"
    "@humanwhocodes/module-importer" "^1.0.1"
    "@nodelib/fs.walk" "^1.2.8"
@ -2944,10 +2988,9 @@ eslint@8.34.0:
    doctrine "^3.0.0"
    escape-string-regexp "^4.0.0"
    eslint-scope "^7.1.1"
-    eslint-utils "^3.0.0"
-    eslint-visitor-keys "^3.3.0"
-    espree "^9.4.0"
-    esquery "^1.4.0"
+    eslint-visitor-keys "^3.4.0"
+    espree "^9.5.1"
+    esquery "^1.4.2"
    esutils "^2.0.2"
    fast-deep-equal "^3.1.3"
    file-entry-cache "^6.0.1"
@ -2968,7 +3011,6 @@ eslint@8.34.0:
    minimatch "^3.1.2"
    natural-compare "^1.4.0"
    optionator "^0.9.1"
-    regexpp "^3.2.0"
    strip-ansi "^6.0.1"
    strip-json-comments "^3.1.0"
    text-table "^0.2.0"
@ -2978,24 +3020,24 @@ esm@^3.2.25:
  resolved "https://registry.yarnpkg.com/esm/-/esm-3.2.25.tgz#342c18c29d56157688ba5ce31f8431fbb795cc10"
  integrity sha512-U1suiZ2oDVWv4zPO56S0NcR5QriEahGtdN2OR6FiOG4WJvcjBVFB0qI4+eKoWFH483PKGuLuu6V8Z4T5g63UVA==

-espree@^9.4.0:
-  version "9.4.1"
-  resolved "https://registry.yarnpkg.com/espree/-/espree-9.4.1.tgz#51d6092615567a2c2cff7833445e37c28c0065bd"
-  integrity sha512-XwctdmTO6SIvCzd9810yyNzIrOrqNYV9Koizx4C/mRhf9uq0o4yHoCEU/670pOxOL/MSraektvSAji79kX90Vg==
+espree@^9.5.1:
+  version "9.5.1"
+  resolved "https://registry.yarnpkg.com/espree/-/espree-9.5.1.tgz#4f26a4d5f18905bf4f2e0bd99002aab807e96dd4"
+  integrity sha512-5yxtHSZXRSW5pvv3hAlXM5+/Oswi1AUFqBmbibKb5s6bp3rGIDkyXU6xCoyuuLhijr4SFwPrXRoZjz0AZDN9tg==
  dependencies:
    acorn "^8.8.0"
    acorn-jsx "^5.3.2"
-    eslint-visitor-keys "^3.3.0"
+    eslint-visitor-keys "^3.4.0"

 esprima@^4.0.0:
  version "4.0.1"
  resolved "https://registry.yarnpkg.com/esprima/-/esprima-4.0.1.tgz#13b04cdb3e6c5d19df91ab6987a8695619b0aa71"
  integrity sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==

-esquery@^1.4.0:
-  version "1.4.0"
-  resolved "https://registry.yarnpkg.com/esquery/-/esquery-1.4.0.tgz#2148ffc38b82e8c7057dfed48425b3e61f0f24a5"
-  integrity sha512-cCDispWt5vHHtwMY2YrAQ4ibFkAL8RbH5YGBnZBc90MolvvfkkQcJro/aZiAQUlQ3qgrYS6D6v8Gc5G5CQsc9w==
+esquery@^1.4.2:
+  version "1.5.0"
+  resolved "https://registry.yarnpkg.com/esquery/-/esquery-1.5.0.tgz#6ce17738de8577694edd7361c57182ac8cb0db0b"
+  integrity sha512-YQLXUplAwJgCydQ78IMJywZCceoqk1oH01OERdSAJc/7U2AylwjhSCLDEtqwg811idIS/9fIU5GjG73IgjKMVg==
  dependencies:
    estraverse "^5.1.0"

@ -4620,6 +4662,11 @@ jsbn@~0.1.0:
  resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.1.tgz#a5e654c2e5a2deb5f201d96cefbca80c0ef2f513"
  integrity sha512-UVU9dibq2JcFWxQPA6KCqj5O42VOmAY3zQUfEKxU0KpTGXwNoCjkX1e13eHNvw/xPynt6pU0rZ1htjWTNTSXsg==

+jsdoctypeparser@^9.0.0:
+  version "9.0.0"
+  resolved "https://registry.yarnpkg.com/jsdoctypeparser/-/jsdoctypeparser-9.0.0.tgz#8c97e2fb69315eb274b0f01377eaa5c940bd7b26"
+  integrity sha512-jrTA2jJIL6/DAEILBEh2/w9QxCuwmvNXIry39Ay/HVfhE3o2yVV0U44blYkqdHA/OKloJEqvJy0xU+GSdE2SIw==
+
 jsesc@^2.5.1:
  version "2.5.2"
  resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-2.5.2.tgz#80564d2e483dacf6e8ef209650a67df3f0c283a4"
@ -6035,11 +6082,26 @@ redent@^4.0.0:
    indent-string "^5.0.0"
    strip-indent "^4.0.0"

+refa@^0.11.0:
+  version "0.11.0"
+  resolved "https://registry.yarnpkg.com/refa/-/refa-0.11.0.tgz#07d57a9f5f3ee2dd58e0d145a6a489fda2591ed0"
+  integrity sha512-486O8/pQXwj9jV0mVvUnTsxq0uknpBnNJ0eCUhkZqJRQ8KutrT1PhzmumdCeM1hSBF2eMlFPmwECRER4IbKXlQ==
+  dependencies:
+    "@eslint-community/regexpp" "^4.5.0"
+
 regenerator-runtime@^0.13.11:
  version "0.13.11"
  resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.13.11.tgz#f6dca3e7ceec20590d07ada785636a90cdca17f9"
  integrity sha512-kY1AZVr2Ra+t+piVaJ4gxaFaReZVH40AKNo7UCX6W+dEwBo/2oZJzqfuN1qLq1oL45o56cPaTXELwrTh8Fpggg==

+regexp-ast-analysis@^0.6.0:
+  version "0.6.0"
+  resolved "https://registry.yarnpkg.com/regexp-ast-analysis/-/regexp-ast-analysis-0.6.0.tgz#c0b648728c85d266a409ce00a6440c01c9834c61"
+  integrity sha512-OLxjyjPkVH+rQlBLb1I/P/VTmamSjGkvN5PTV5BXP432k3uVz727J7H29GA5IFiY0m7e1xBN7049Wn59FY3DEQ==
+  dependencies:
+    "@eslint-community/regexpp" "^4.5.0"
+    refa "^0.11.0"
+
 regexp.prototype.flags@^1.4.3:
  version "1.4.3"
  resolved "https://registry.yarnpkg.com/regexp.prototype.flags/-/regexp.prototype.flags-1.4.3.tgz#87cab30f80f66660181a3bb7bf5981a872b367ac"
@ -6237,6 +6299,15 @@ sanitize-filename@^1.6.3:
  dependencies:
    truncate-utf8-bytes "^1.0.0"

+scslre@^0.2.0:
+  version "0.2.0"
+  resolved "https://registry.yarnpkg.com/scslre/-/scslre-0.2.0.tgz#b604eedbab76f87003738d00de44d7601a78609e"
+  integrity sha512-4hc49fUMmX3jM0XdFUAPBrs1xwEcdHa0KyjEsjFs+Zfc66mpFpq5YmRgDtl+Ffo6AtJIilfei+yKw8fUn3N88w==
+  dependencies:
+    "@eslint-community/regexpp" "^4.5.0"
+    refa "^0.11.0"
+    regexp-ast-analysis "^0.6.0"
+
 semver@^5.0.3, semver@^5.3.0:
  version "5.7.1"
  resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7"