Skip to content

Commit 9b02859

Browse files
committed
Release v0.1.3: Verified 1:1 behavior with recheck
- Added comprehensive test suite matching recheck's AutomatonCheckerSuite - Verified all constant, linear, polynomial, and exponential complexity patterns - Confirmed no false positives on safe patterns (^a+$, ^[a-z]+$, ^(a|b)+$) - Confirmed no false negatives on vulnerable patterns (^(a+)+$, ^(a|a)*$, ^(a|b|ab)*$) - Added SCC-based checker and NFAwLA implementation for precise detection - Extended test coverage with recheck compatibility tests
1 parent 07b5d12 commit 9b02859

File tree

11 files changed

+2546
-139
lines changed

11 files changed

+2546
-139
lines changed

docs/changelog.md

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,45 @@ All notable changes to ReDoctor are documented here.
1010
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
1111
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
1212

13+
## [0.1.3] - 2026-01-09
14+
15+
### Changed
16+
17+
- **Verified 1:1 Behavior with Recheck**: Comprehensive verification that detection behavior matches the reference [recheck](https://github.com/MakeNowJust-Labo/recheck) implementation
18+
- Added test suite mirroring recheck's `AutomatonCheckerSuite.scala` tests
19+
- Verified all constant, linear, polynomial, and exponential complexity patterns
20+
- Confirmed no false positives on safe patterns like `^a+$`, `^[a-z]+$`, `^(a|b)+$`
21+
- Confirmed no false negatives on vulnerable patterns like `^(a+)+$`, `^(a|a)*$`, `^(a|b|ab)*$`
22+
23+
### Added
24+
25+
- **Extended Test Coverage**
26+
- `test_recheck_compatibility.py` - Tests for must-be-safe and must-be-vulnerable patterns
27+
- `test_recheck_full_suite.py` - Full test suite matching recheck's complexity classification
28+
- `test_recheck_automaton_suite.py` - Direct ports from recheck's Scala test suite
29+
30+
### Fixed
31+
32+
- Edge cases in polynomial ambiguity detection with product automaton
33+
34+
---
35+
36+
## [0.1.2] - 2026-01-08
37+
38+
### Fixed
39+
40+
- Improved detection accuracy for nested quantifiers
41+
42+
---
43+
44+
## [0.1.1] - 2026-01-08
45+
46+
### Fixed
47+
48+
- Fixed false positives on simple patterns like `^a+$`
49+
50+
---
51+
1352
## [0.1.0] - 2026-01-09
1453

1554
### 🎉 Initial Release

setup.cfg

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
[metadata]
22
name = redoctor
3-
version = 0.1.2
3+
version = 0.1.3
44
description = ReDoctor - A Python ReDoS (Regular Expression Denial of Service) vulnerability checker
55
long_description = file: README.md
66
long_description_content_type = text/markdown

0 commit comments

Comments
 (0)