org.sonar.l10n.py.rules.python.S5857.html

Why is this an issue?

Using reluctant quantifiers (also known as lazy or non-greedy quantifiers) in patterns can often lead to needless backtracking, which makes the regex inefficient and potentially vulnerable to catastrophic backtracking. In particular, when .*? or .+? is used to match anything up to some terminating character, it is usually better to use a greedily quantified negated character class containing the terminating character. For example, <.+?> should be replaced with <[^>]*> or <[^>]+>.

Noncompliant code example

r'<.+?>'
r'".*?"'

Compliant solution

r'<[^>]+>'
r'"[^"]*"'
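
The following is an added example, not part of the rule text: it runs the rule's two forms through Python's re module to show where they agree, where they differ, and how the reluctant form rescans the input when a later part of the pattern fails. The helper names and sample strings are constructed for illustration.

```python
import re
import time

LAZY = r'<.+?>'        # noncompliant form from the rule
NEGATED = r'<[^>]+>'   # compliant form from the rule

def first_match(pattern, text):
    """Return the first substring the pattern finds, or None."""
    m = re.search(pattern, text)
    return m.group(0) if m else None

def validates(pattern, text):
    """Use the pattern as a whole-string validator (re.fullmatch)."""
    return re.fullmatch(pattern, text) is not None

def failing_scan_seconds(pattern, text):
    """Time a search that must fail: the pattern plus a ';' the text lacks."""
    rx = re.compile(pattern + ';')
    start = time.perf_counter()
    found = rx.search(text)
    elapsed = time.perf_counter() - start
    assert found is None
    return elapsed

if __name__ == '__main__':
    # Constructed sample inputs.
    print(first_match(LAZY, 'x <b>bold</b>'), first_match(NEGATED, 'x <b>bold</b>'))
    # A reluctant quantifier only prefers short matches; it may still run past a '>'.
    print(validates(LAZY, '<b><i>'), validates(NEGATED, '<b><i>'))
    # '.' does not match a newline unless re.DOTALL is set; [^>] does.
    print(first_match(LAZY, '<a\nb>'), first_match(NEGATED, '<a\nb>'))
    # Many tags, no ';': from each '<', .+? walks to the end of the text,
    # while [^>]+ stops at the first '>' and gives up at once.
    text = '<a>' * 2000
    print(failing_scan_seconds(LAZY, text), failing_scan_seconds(NEGATED, text))
```

When replacing one form with the other, check whether the original pattern relied on '.' excluding newlines or on the match extending past the first terminator.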

Exceptions

This rule only applies in cases where the reluctant quantifier can easily be replaced with a negated character class. That means the repetition has to be terminated by a single character or character class. Patterns such as the following, where the alternatives without reluctant quantifiers are more complicated, are therefore not subject to this rule:

r'<!--.*?-->'
r'/\*.*?\*/'



