security: precompile banned source regex patterns

unadlib · unadlib · commit cecc92b3bbe0 · 2026-02-16T02:39:21.000+08:00
diff --git a/packages/security/src/index.ts b/packages/security/src/index.ts
@@ -217,6 +217,10 @@ export class DefaultSecurityChecker implements SecurityChecker {
   private policy: RuntimeSecurityPolicy = getSecurityProfilePolicy(
     DEFAULT_SECURITY_PROFILE,
   );
+  private sourceBannedPatterns: Array<{
+    raw: string;
+    regex: RegExp;
+  }> = compileSourceBannedPatterns(this.policy.sourceBannedPatternStrings);
   private profile: RuntimeSecurityProfile = DEFAULT_SECURITY_PROFILE;
 
   initialize(input?: SecurityInitializationInput): void {
@@ -243,6 +247,9 @@ export class DefaultSecurityChecker implements SecurityChecker {
         normalized.overrides?.sourceBannedPatternStrings ??
         basePolicy.sourceBannedPatternStrings,
     };
+    this.sourceBannedPatterns = compileSourceBannedPatterns(
+      this.policy.sourceBannedPatternStrings,
+    );
     this.profile = profile;
   }
 
@@ -598,16 +605,9 @@ export class DefaultSecurityChecker implements SecurityChecker {
       issues.push("Runtime source dynamic import() is disabled by policy");
     }
 
-    for (const patternText of this.policy.sourceBannedPatternStrings) {
-      let pattern: RegExp;
-      try {
-        pattern = new RegExp(patternText, "i");
-      } catch {
-        continue;
-      }
-
-      if (pattern.test(source.code)) {
-        issues.push(`Runtime source contains blocked pattern: ${patternText}`);
+    for (const pattern of this.sourceBannedPatterns) {
+      if (pattern.regex.test(source.code)) {
+        issues.push(`Runtime source contains blocked pattern: ${pattern.raw}`);
       }
     }
 
@@ -818,6 +818,27 @@ function clonePolicy(policy: RuntimeSecurityPolicy): RuntimeSecurityPolicy {
   };
 }
 
+function compileSourceBannedPatterns(patterns: string[]): Array<{
+  raw: string;
+  regex: RegExp;
+}> {
+  const compiled: Array<{
+    raw: string;
+    regex: RegExp;
+  }> = [];
+
+  for (const patternText of patterns) {
+    try {
+      compiled.push({
+        raw: patternText,
+        regex: new RegExp(patternText, "i"),
+      });
+    } catch {}
+  }
+
+  return compiled;
+}
+
 function walkNodes(
   node: RuntimeNode,
   visitor: (node: RuntimeNode) => void,
diff --git a/tests/security.test.ts b/tests/security.test.ts
@@ -179,6 +179,24 @@ test("security checker supports profile initialization", async () => {
   assert.equal(checker.getProfile(), "strict");
 });
 
+test("security checker precompiles source banned patterns on initialize", async () => {
+  const checker = new DefaultSecurityChecker();
+  checker.initialize({
+    sourceBannedPatternStrings: ["\\beval\\s*\\(", "["],
+  });
+
+  const compiled = (
+    checker as unknown as {
+      sourceBannedPatterns?: Array<{ raw?: string }>;
+    }
+  ).sourceBannedPatterns;
+
+  assert.deepEqual(
+    (compiled ?? []).map((entry) => entry.raw),
+    ["\\beval\\s*\\("],
+  );
+});
+
 test("security profiles list includes strict balanced relaxed", async () => {
   const profiles = listSecurityProfiles();
   assert.deepEqual(profiles.sort(), ["balanced", "relaxed", "strict"]);
