diff --git a/package-lock.json b/package-lock.json index ca581e0c..543fe6ed 100644 --- a/package-lock.json +++ b/package-lock.json @@ -15763,14 +15763,6 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/regexp-tree": { - "version": "0.1.27", - "resolved": "https://registry.npmjs.org/regexp-tree/-/regexp-tree-0.1.27.tgz", - "integrity": "sha512-iETxpjK6YoRWJG5o6hXLwvjYAoW+FEZn9os0PD/b6AP6xQwsa/Y7lCVgIixBbUPMfhu+i2LtdeAqVTgGlQarfA==", - "bin": { - "regexp-tree": "bin/regexp-tree" - } - }, "node_modules/regexp.prototype.flags": { "version": "1.5.4", "resolved": "https://registry.npmjs.org/regexp.prototype.flags/-/regexp.prototype.flags-1.5.4.tgz", @@ -16142,14 +16134,6 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/safe-regex": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/safe-regex/-/safe-regex-2.1.1.tgz", - "integrity": "sha512-rx+x8AMzKb5Q5lQ95Zoi6ZbJqwCLkqi3XuJXp5P3rT8OEc6sZCJG5AE5dU3lsgRr/F4Bs31jSlVN+j5KrsGu9A==", - "dependencies": { - "regexp-tree": "~0.1.1" - } - }, "node_modules/safe-regex-test": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/safe-regex-test/-/safe-regex-test-1.1.0.tgz", @@ -18497,8 +18481,7 @@ "@apify/input_secrets": "^1.2.11", "@apify/json_schemas": "^0.7.0", "acorn-loose": "^8.4.0", - "countries-list": "^3.0.0", - "safe-regex": "^2.1.1" + "countries-list": "^3.0.0" }, "devDependencies": { "@types/safe-regex": "^1.1.6" diff --git a/packages/input_schema/package.json b/packages/input_schema/package.json index 86458dcf..b1213c2b 100644 --- a/packages/input_schema/package.json +++ b/packages/input_schema/package.json @@ -52,8 +52,7 @@ "@apify/input_secrets": "^1.2.11", "@apify/json_schemas": "^0.7.0", "acorn-loose": "^8.4.0", - "countries-list": "^3.0.0", - "safe-regex": "^2.1.1" + "countries-list": "^3.0.0" }, "peerDependencies": { "ajv": "^8.0.0" diff --git a/packages/input_schema/src/utilities.ts b/packages/input_schema/src/utilities.ts index 23582597..ee408060 100644 
--- a/packages/input_schema/src/utilities.ts
+++ b/packages/input_schema/src/utilities.ts
@@ -2,7 +2,6 @@ import { parse } from 'acorn-loose';
 import type { ValidateFunction } from 'ajv';
 import type Ajv from 'ajv/dist/2019';
 import { countries } from 'countries-list';
-import safe from 'safe-regex';
 import { PROXY_URL_REGEX, URL_REGEX } from '@apify/consts';
 import { isEncryptedValueForFieldSchema, isEncryptedValueForFieldType } from '@apify/input_secrets';
@@ -369,19 +368,19 @@ export function ensureAjvSupportsDraft2019(ajvInstance: Ajv) {
 * @param fieldKey The field key where the pattern is used (for error messages).
 */
 export function validateRegexpPattern(pattern: string, fieldKey: string) {
- let regex: RegExp;
-
 try {
 // Validate that the pattern is a valid regular expression
- regex = new RegExp(pattern);
+ // eslint-disable-next-line
+ new RegExp(pattern);
 } catch {
 const message = m('inputSchema.validation.regexpNotValid', { pattern, fieldKey });
 throw new Error(`Input schema is not valid (${message})`);
 }
+ // TODO: add check for safe regex but figure out how to avoid false positives with some valid regexes
 // Check if the regex is safe (to avoid ReDoS attacks)
- if (!safe(regex)) {
- const message = m('inputSchema.validation.regexpNotSafe', { pattern, fieldKey });
- throw new Error(`Input schema is not valid (${message})`);
- }
+ // if (!safe(regex)) {
+ // const message = m('inputSchema.validation.regexpNotSafe', { pattern, fieldKey });
+ // throw new Error(`Input schema is not valid (${message})`);
+ // }
 }
diff --git a/test/input_schema.test.ts b/test/input_schema.test.ts
index 3d4ccb28..2e7fe394 100644
--- a/test/input_schema.test.ts
+++ b/test/input_schema.test.ts
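Review bot: `validateRegexpPattern` is left with no ReDoS guard at all, while the unchanged line `// Check if the regex is safe (to avoid ReDoS attacks)` still sits above the now commented-out block and reads as if the check runs. I would drop the dead block (it references `safe` and `regex`, which no longer exist) and state the gap in one line, e.g. `// TODO(<tracking issue>): ReDoS screening removed due to false positives; patterns are NOT checked for catastrophic backtracking here`, and also check that the function's doc comment, which starts above the hunk, does not still promise a safety check. The bare `// eslint-disable-next-line` silences every rule on the following line; naming the rule (presumably `no-new`) keeps other findings visible. Until a replacement lands, whatever code evaluates these patterns against input values should bound that work with an input length cap or a time budget, and the unsafe-pattern cases deleted from test/input_schema.test.ts are worth keeping as `it.skip` so the regression list is not lost.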
@@ -1066,49 +1066,6 @@ describe('input_schema.json', () => {
 'Input schema is not valid (The regular expression "^[0-9+$" in field schema.properties.objectField.patternValue must be valid.)',
 );
 });
-
- it('should throw error on not safe regexp', () => {
- const invalidRegexps = [
- '(a+)+$',
- '^(a|a?)+$',
- '^(a|a*)+$',
- '^(a|a+)+$',
- '^(a?)+$',
- '^(a*)+$',
- '^(a+)*$',
- '^(a|aa?)+$',
- '^(a|aa*)+$',
- '^(a|a+)*$',
- '^(a|a?)*$',
- '^(a|a*)*$',
- '^(a?)*$',
- '^(a*)*$',
- '^(a+)?$',
- '^(a*)?$',
- 'a*b*c*d*e*f*g*h*i*j*k*l*m*n*o*p*q*r*s*t*u*v*w*x*y*z*',
- ];
-
- for (const pattern of invalidRegexps) {
- const schema = {
- title: 'Test input schema',
- type: 'object',
- schemaVersion: 1,
- properties: {
- myField: {
- title: 'Field title',
- type: 'string',
- description: 'Some description ...',
- editor: 'textfield',
- pattern,
- },
- },
- };
-
- expect(() => validateInputSchema(validator, schema)).toThrow(
- `Input schema is not valid (The regular expression "${pattern}" in field schema.properties.myField.pattern may cause excessive backtracking or be unsafe to execute.)`,
- );
- }
- });
 });
 });
 });