JSLint error in commercial source code

Question

JS lint gives the following error in commercial source code (therefore code that is tested on all browsers without issue). Is there a way to suppress this warning by editing the code? I would rather not upgrade jslint if possible.

**** redactor/redactor917.js ****

redactor917.js
/var/moteevate/js/redactor/redactor917.js(1471): SyntaxError: unterminated character class ^
if (current.remove && current.nodeType === 3 && current.nodeValue.match(/[^/\u200B]/g) == null)
........................................................................................................^


1 error(s), 0 warning(s)

Answer 1

Interesting regular expression. If I'm reading that right, it looks like if you're removing, and your nodeType is 3, and your nodeValue isn't made up (matches are null) of anything that's not a zero-width space, take the branch.

The problem really isn't escaping ^, as blueberryfields suggests. The ^ is fine. It's just a regexp not operator when it's inside of the brackets.

The problem here is that Crockford (JSLint's author & maintainer) doesn't want you to say what shouldn't match a regular expression (here, you're looking for everything that's not a zero-width space).

He wants your regexp to be specific: Instead, say what should be valid so that items you weren't thinking about when setting up the negative case don't slip through. That's why the error you're seeing should be Insecure '^'.. It's insecure because you could let in patterns you didn't think of.

"I'd like a hamburger without onions, sauerkraut, or cheese."

"Sure thing! Here ya' go!"

"But this has motor oil on it!"

Perhaps that's not an issue in this case, but as a general rule, not too shabby.

Though I think that's a useful motivation, as it's catching that weird "double not" logic from the original regexp, let's not worry about the merits of if we agree with that or not for now and just see what needs to happen to fix it. ;^)

So if I'm doing this right, the current regexp's "nodeValue isn't made up of anything that's not a zero-width space" equates to "nodeValue is made up of zero or more zero-width spaces".

To make this JSLint happy, then, rearrange the regexp to check for "between the start of the string and the end of the string, we want zero or more zero-width spaces. That looks like this (fiddle)...

/*jslint browser: true, white:true, sloppy:true */
var current = {
    remove: true,
    nodeType: 3,
    nodeValue: "\u200b\u200b\u200b"
};

if (current.remove && current.nodeType === 3 
    && current.nodeValue.match(/^[\u200B]*$/g) !== null)
{
    window.alert("YOU CAN DO IT");
}

And yes, "".match(/^[\u200B]*$/g); gives one match as well.

Admittedly, I didn't know what character \u200B was initially. Good info on that here.

==============================================================

EDIT: Responding to the OP's comment.

Bergi's edit shouldn't pass JSLint.

So try this code:

/*jslint browser: true, white:true, sloppy:true */
var current = {
    remove: true,
    nodeType: 3,
    nodeValue: "\u200b\u200b\u200b"
};

if (current.remove && current.nodeType === 3 
    && current.nodeValue.match(/[^\/\u200B]/g) === null) // with Bergi's edit.
{
    window.alert("YOU CAN DO IT");
}    else    {
    window.alert("you can't do");
}

So it's not JSLint compliant.

But if your tool isn't complaining about the insecure ^, I'm not sure what's going on.

Answer 2

/[^/\u200B]/g

is a regex that does contain a slash, which is a regex literal delimiter actually, but is also valid inside a character class. However, JSLint does parse the regex as /[^/ and states for it that the character class is unterminated.

You should escape that slash:

/[^\/\u200B]/g