v0.17.3

@mertcanaltin mertcanaltin released this 25 May 11:43
· 21 commits to master since this release

Security

  • User-supplied pattern, patternProperties, and propertyNames regexes now run through a linear-time matching engine, so a crafted schema or input can no longer trigger catastrophic backtracking (ReDoS). Patterns the engine cannot represent, such as those using backreferences, fall back to the native RegExp. The built-in format checks (email, uri, uri-reference, hostname, ipv4, ipv6, date, date-time, time, duration, uuid) were routed through the same engine and stay linear on adversarial input.
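
An added example, not code from this project: a schema audit that lists the pattern, patternProperties and propertyNames regexes containing backreferences, which per the note above still run on the native RegExp. The function names and sample schema are constructed for illustration, and the scan is a conservative heuristic that checks only backreferences, the one unsupported construct the note names.

```javascript
const MAPS = ['properties', 'patternProperties', '$defs', 'definitions'];
const DATA = ['enum', 'const', 'default', 'examples']; // instance data, not schemas

// Conservative scan: \1-\9 or \k<name> outside a character class.
function hasBackreference(source) {
  let inClass = false;
  for (let i = 0; i < source.length; i++) {
    const c = source[i];
    if (c === '\\') {
      const next = source[i + 1];
      if (!inClass && next >= '1' && next <= '9') return true;
      if (!inClass && next === 'k' && source[i + 2] === '<') return true;
      i++; // skip the escaped character
    } else if (c === '[') inClass = true;
    else if (c === ']') inClass = false;
  }
  return false;
}

// Collect regex sources (pattern, patternProperties keys, propertyNames.pattern) with paths.
function collectPatterns(node, path = '#', out = []) {
  if (Array.isArray(node)) {
    node.forEach((s, i) => collectPatterns(s, `${path}/${i}`, out));
  } else if (node && typeof node === 'object') {
    if (typeof node.pattern === 'string') out.push({ path: `${path}/pattern`, source: node.pattern });
    for (const [key, value] of Object.entries(node)) {
      if (DATA.includes(key) || !value || typeof value !== 'object') continue;
      if (!MAPS.includes(key)) { collectPatterns(value, `${path}/${key}`, out); continue; }
      for (const [name, sub] of Object.entries(value)) {
        if (key === 'patternProperties') out.push({ path: `${path}/${key}/${name}`, source: name });
        collectPatterns(sub, `${path}/${key}/${name}`, out);
      }
    }
  }
  return out;
}
const findBackreferencePatterns = (schema) => collectPatterns(schema).filter((p) => hasBackreference(p.source));

// Constructed sample schema (not from the release).
const sampleSchema = {
  properties: {
    tag: { pattern: '^<(\\w+)>.*</\\1>$' },      // backreference
    code: { pattern: '^[A-Z\\1]{3}\\\\1$' },     // none: class escape, literal backslash
    pattern: { default: { pattern: '(a)\\1' } }, // property name plus data: ignored
  },
  patternProperties: { '^(x|y)\\1_': { type: 'number' } },
  propertyNames: { pattern: '^(?<p>[a-z])\\k<p>' },
};
console.log(findBackreferencePatterns(sampleSchema).map((p) => p.path));
```

Patterns this reports are the ones to review by hand for nested or overlapping quantifiers, since they are outside the linear-time guarantee.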