/**
 * Copyright (c) 2025 Ofri Peretz
 * Licensed under the MIT License. Use of this source code is governed by the
 * MIT license that can be found in the LICENSE file.
 */
/**
 * ESLint Rule: no-unsafe-regex-construction
 * Detects unsafe regex construction patterns (user input without escaping, dynamic flags)
 * CWE-400: Uncontrolled Resource Consumption
 *
 * Extends detect-non-literal-regexp with pattern analysis
 *
 * @see https://cwe.mitre.org/data/definitions/400.html
 * @see https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS
 */
import type { TSESLint } from '@interlace/eslint-devkit';
type MessageIds = 'unsafeRegexConstruction' | 'escapeUserInput' | 'validatePattern' | 'useSafeLibrary' | 'avoidDynamicFlags';
export interface Options {
    /** Allow literal string patterns. Default: false */
    allowLiterals?: boolean;
    /** Trusted functions that escape input. Default: ['escapeRegex', 'escape', 'sanitize'] */
    trustedEscapingFunctions?: string[];
    /** Maximum pattern length for dynamic regex. Default: 100 */
    maxPatternLength?: number;
}
type RuleOptions = [Options?];
export declare const noUnsafeRegexConstruction: TSESLint.RuleModule<MessageIds, RuleOptions, unknown, TSESLint.RuleListener> & {
    name: string;
};
export {};