paint-brush
Code Smell 276 - Untested Regular Expressionsby@mcsee
233 reads

Code Smell 276 - Untested Regular Expressions

by Maximiliano ContieriOctober 27th, 2024
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

Use clear and concise regular expressions, and test them thoroughly.
featured image - Code Smell 276 - Untested Regular Expressions
Maximiliano Contieri HackerNoon profile picture

Regex Without Tests is Asking for Trouble - Don't be lazy. It is free with AI!

TL;DR: Use clear and concise regular expressions, and test them thoroughly.

Problems

  • Readability
  • No test cases
  • Missed edge cases
  • Debugging challenges
  • Unclear failures
  • Hidden defects

Solutions

  1. Ask your favorite AI to write test cases
  2. Break down complex regular expressions into smaller, more readable parts.
  3. Check edge cases
  4. Validate outputs
  5. Refactor regex once you created the tests
  6. Improve the Error Messages

Context

Regular expressions are powerful but tricky.


If you write a regex without tests, you're asking for unexpected errors.


If you write a cryptic regex and skip automated testing, you could miss important cases, causing security issues or user frustration.

Sample Code

Wrong

public class PasswordValidator {
    public static boolean isValidPassword(String password) {
        return password.matches(
            "^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)[a-zA-Z\\d]{8,}$");
        // This is a cryptic Regular Expression
    }
}

Right

import java.util.ArrayList;
import java.util.List;

public class PasswordValidator {
    public static List<String> validatePassword(String password) {
        List<String> errors = new ArrayList<>();

        if (password.length() < 8) {
            errors.add(
                "Password must be at least 8 characters long.");
        }
        if (!password.matches(".*[A-Z].*")) {
            errors.add(
                "Password must contain at least one uppercase letter.");
        }
        if (!password.matches(".*[a-z].*")) {
            errors.add(
                "Password must contain at least one lowercase letter.");
        }
        if (!password.matches(".*\\d.*")) {
            errors.add(
                "Password must contain at least one digit.");
        }
        if (errors.isEmpty()) {
            errors.add(
                "Password is valid.");
        }
        return errors;
        // You no longer need a Regular Expression!!
    }
}

import static org.junit.Assert.*;
import org.junit.Test;

public class PasswordValidatorTest {
    // Now you have a lot of tests
    // You can use a Regular Expression,
    // a String Validator
    // an External Library
    // Whatever you want as long as it passes the tests!

    @Test
    public void testValidPassword() {
        List<String> result = 
            PasswordValidator.validatePassword(
            "StrongPass1");
        assertEquals("Password is valid.", result.get(0));
    }

    @Test
    public void testTooShortPassword() {
        List<String> result = PasswordValidator.validatePassword(
            "Short1");
        assertTrue(result.contains(
            "Password must be at least 8 characters long."));
    }

    @Test
    public void testNoUppercase() {
        List<String> result = PasswordValidator.validatePassword(
            "nouppercase1");
        assertTrue(
            result.contains(
                "Password must contain at least one uppercase letter."));
    }

    @Test
    public void testNoLowercase() {
        List<String> result = PasswordValidator.validatePassword(
            "NOLOWERCASE1");
        assertTrue(result.contains(
            "Password must contain at least one lowercase letter."));
    }

    @Test
    public void testNoNumber() {
        List<String> result = PasswordValidator.validatePassword(
            "NoNumberPass");
        assertTrue(result.contains(
            "Password must contain at least one digit."));
    }
}

Detection

  • [x]Automatic

You can detect when your regex is uncovered by changing it to fail and running all your tests.


If your validation returns "false" without user-friendly explanations, it's a clear sign you need to refactor it and improve the feedback.

Tags

  • Testing

Level

  • [x]Beginner

AI Generation

AI can generate regular expressions but often fails to provide helpful error messages.


Without proper instructions, AI-generated validators may fail to guide users through fixing their inputs.

AI Detection

AI can detect basic regular expression patterns and missing feedback with clear prompting.


it might not automatically create detailed test cases or descriptions unless asked specifically.

Try Them!

Remember: AI Assistants make lots of mistakes

Without Proper Instructions

With Specific Instructions

ChatGPT

ChatGPT

Claude

Claude

Perplexity

Perplexity

Copilot

Copilot

Gemini

Gemini

Conclusion

A regular expression without clear feedback is user-unfriendly and prone to errors.


It would help if you described why they failed and wrote thorough tests to ensure your regex works as expected.

Relations

Code Smell 185 - Evil Regular Expressions

Disclaimer

Code Smells are my opinion.

Credits

Photo by rc.xyz NFT gallery on Unsplash


Feedback is the breakfast of champions.

Ken Blanchard


This article is part of the CodeSmell Series.