Regex Without Tests is Asking for Trouble - Don't be lazy. It is free with AI!
TL;DR: Use clear and concise regular expressions, and test them thoroughly.
Problems
- Readability
- No test cases
- Missed edge cases
- Debugging challenges
- Unclear failures
- Hidden defects
Solutions
- Ask your favorite AI to write test cases
- Break down complex regular expressions into smaller, more readable parts.
- Check edge cases
- Validate outputs
- Refactor regex once you created the tests
- Improve the Error Messages
Context
Regular expressions are powerful but tricky.
If you write a regex without tests, you're asking for unexpected errors.
If you write a cryptic regex and skip automated testing, you could miss important cases, causing security issues or user frustration.
Sample Code
Wrong
public class PasswordValidator {
public static boolean isValidPassword(String password) {
return password.matches(
"^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]{8,}$");
// This is a cryptic Regular Expression
}
}
Right
import java.util.ArrayList;
import java.util.List;
public class PasswordValidator {
public static List<string> validatePassword(String password) {
List<string> errors = new ArrayList();
if (password.length() result =
PasswordValidator.validatePassword(
"StrongPass1");
assertEquals("Password is valid.", result.get(0));
}
@Test
public void testTooShortPassword() {
List<string> result = PasswordValidator.validatePassword(
"Short1");
assertTrue(result.contains(
"Password must be at least 8 characters long."));
}
@Test
public void testNoUppercase() {
List<string> result = PasswordValidator.validatePassword(
"nouppercase1");
assertTrue(
result.contains(
"Password must contain at least one uppercase letter."));
}
@Test
public void testNoLowercase() {
List<string> result = PasswordValidator.validatePassword(
"NOLOWERCASE1");
assertTrue(result.contains(
"Password must contain at least one lowercase letter."));
}
@Test
public void testNoNumber() {
List<string> result = PasswordValidator.validatePassword(
"NoNumberPass");
assertTrue(result.contains(
"Password must contain at least one digit."));
}
}
</string></string></string></string></string></string>
Detection
[X] Automatic
You can detect when your regex is uncovered by changing it to fail and running all your tests.
If your validation returns "false" without user-friendly explanations, it's a clear sign you need to refactor it and improve the feedback.
Tags
- Testing
Level
[X] Beginner
AI Generation
AI can generate regular expressions but often fails to provide helpful error messages.
Without proper instructions, AI-generated validators may fail to guide users through fixing their inputs.
AI Detection
AI can detect basic regular expression patterns and missing feedback with clear prompting.
it might not automatically create detailed test cases or descriptions unless asked specifically.
Try Them!
Remember: AI Assistants make lots of mistakes
| Without Proper Instructions | With Specific Instructions |
|---|---|
| ChatGPT | ChatGPT |
| Claude | Claude |
| Perplexity | Perplexity |
| Copilot | Copilot |
| Gemini | Gemini |
Conclusion
A regular expression without clear feedback is user-unfriendly and prone to errors.
It would help if you described why they failed and wrote thorough tests to ensure your regex works as expected.
Relations
Code Smell 41 - Regular Expression Abusers
Maxi Contieri ・ Dec 3 '20
Code Smell 185 - Evil Regular Expressions
Maxi Contieri ・ Dec 8 '22
Code Smell 97 - Error Messages Without Empathy
Maxi Contieri ・ Oct 27 '21
Disclaimer
Code Smells are my opinion.
Credits
Photo by rc.xyz NFT gallery on Unsplash
Feedback is the breakfast of champions.
Ken Blanchard
Software Engineering Great Quotes
Maxi Contieri ・ Dec 28 '20
This article is part of the CodeSmell Series.
How to Find the Stinky parts of your Code
Maxi Contieri ・ May 21 '21
The above is the detailed content of Code Smell - Untested Regular Expressions. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Notepad++7.3.1
Easy-to-use and free code editor
