Prepare regular expressions for the linear engine

[ericcornelissen]

Relates to #373, 552e8ea, Don't Block the Event Loop

Summary

This project makes extensive use of regular expressions and has been subject to ReDoS vulnerabilities in the past. To avoid this in the future, it would be nice to prepare for and possibly even use the (experimental) linear regexp engine whenever possible.

As of writing, it is unclear to me how libraries can do this tho... See nodejs/node#51659 (comment)

[ericcornelissen]

For future reference, I quickly benchmarked using /syntax/ against using new RegExp("constructor") and found:

node regex-constructor.bench.js
Regular Expression Constructors
┌─────────┬───────────────┬───────────────────┬──────────────────┬────────────────────────┬────────────────────────┬─────────┐
│ (index) │ Task name     │ Latency avg (ns)  │ Latency med (ns) │ Throughput avg (ops/s) │ Throughput med (ops/s) │ Samples │
├─────────┼───────────────┼───────────────────┼──────────────────┼────────────────────────┼────────────────────────┼─────────┤
│ 0       │ 'syntax'      │ '31.71 ± 0.18%'   │ '30.00 ± 0.00'   │ '32450434 ± 0.01%'     │ '33333333 ± 0'         │ 3153247 │
│ 1       │ 'constructor' │ '773.22 ± 91.85%' │ '210.00 ± 20.00' │ '4289881 ± 0.14%'      │ '4761905 ± 501253'     │ 129330  │
└─────────┴───────────────┴───────────────────┴──────────────────┴────────────────────────┴────────────────────────┴─────────┘

Code

// 1. clone and cd into shescape
// 2. run `npm install --save-dev tinybench`
// 3. copy this snippet into a file named `regex-constructor.bench.js`
// 4. run `node regex-constructor.bench.js`

import { Bench } from "tinybench";

const bench = new Bench({ name: "Regular Expression Constructors", time: 100 });

bench
  .add("syntax", () => {
    /foobar/g;
  })
  .add("constructor", async () => {
    new RegExp("foobar", "g");
  });

await bench.run();

console.log(bench.name);
console.table(bench.table());