Add detect-unsafe-regex rule

[bdougherty]

Decided to go with just a warning for the unoptimized regex plugin since that is the example on the repo. I'll change it if you think it should be an error instead.

[bdougherty]

Hmm didn't realize the optimize regex plugin requires node >= 6. Let me know if you are ok with bumping the xo requirement or if I should remove that plugin.

[pvdlg]

Maybe we can use eslint-plugin-security#detect-unsafe-regex instead of no-unsafe-regex/no-unsafe-regex as the eslint-plugin-security seems better maintained and contains other rules we might want to enable.

Regarding the optimize regex, I'm not sure 1 rule would justify to drop node 4 support (at least while node 4 is still in LTS support).

[sindresorhus]

We can not drop Node.js 4 support yet.

[bdougherty]

Updated to use eslint-plugin-security#detect-unsafe-regex.

Found another discussion about that plugin in #205 where you weren't sure about adding the full plugin for just the one rule. Happy to add an unsafe regex rule to eslint-plugin-unicorn if that would be preferable.

[sindresorhus]

Happy to add an unsafe regex rule to eslint-plugin-unicorn if that would be preferable.

Yeah, that would be preferable, seeing how it's only a few lines of glue code to the safe-regex module, and that the eslint-plugin-security plugin doesn't seem very actively maintained. I think it would also be a good rule to use Selectors: https://eslint.org/docs/developer-guide/selectors You can just copy-paste this rule and do your changes: https://github.com/sindresorhus/eslint-plugin-unicorn/blob/master/rules/regex-shorthand.js :)

[bdougherty]

sindresorhus/eslint-plugin-unicorn#146 created.