Development quotes of the week - regular expression edition
Development quotes of the week - regular expression edition
Posted Feb 17, 2022 12:51 UTC (Thu) by flussence (guest, #85566)Parent article: Development quotes of the week - regular expression edition
I had a bunch of syslog data in wildly varying shapes (httpd, postfix, various other servers) and wanted to pull out badly-behaving remote actors' IPs and stuff them into an ipset. Easy enough to do those one at a time, but wouldn't it be nice to do them in a single pass? (Before you run away screaming, I had no intention of using a single regex for the whole thing)
So I used ripgrep's handy --file flag, which allegedly reads one regex per line (and more importantly, supports comments between them). And then I put the IP address part of each line in a capture group, intending to ask for "$1" as output. And... it broke horribly because it turns out something internally rewrites it into a single regex for the whole thing, and the capture groups become sequentially numbered. What about named (?<foo>) groups? That's a no-go too because libpcre loudly complains about duplicates and errors out.
I ended up doing it one at a time.