add escape-string-regexp dependency to get rid of the escaping charac…

…ters

README.md

@@ -20,7 +20,7 @@ A simple way to check that password strength of a certain passphrase. The librar
 ### Install via Browser Script Tag using [UNPKG](https://unpkg.com/)
 
 ```html
-<script src="https://unpkg.com/check-password-strength/dist/umd.js"></script>
+<script src="https://unpkg.com/check-password-strength/dist/umd.cjs"></script>
 <script type="text/javascript">
     const passwordStrength = checkPasswordStrength.passwordStrength('pwd123').value; // 'Weak'
 </script>
@@ -53,8 +53,11 @@ console.log(passwordStrength('A@2asdF2020!!*').value)
 The `passwordStrength` takes 3 arguments:
 
 - `password` (string): the user password
-- `options` (array — optional): an option to override the default complexity required to match your password policy
-- `restrictSymbolsTo` (string — optional): by default, `passwordStrength` will check against all character except the 26 latin lowercase, uppercase letters and 10 digits (includes the OWASP characters, accentuated letters, other alphabets, emojis). If you want to restrict it, you may pass a different string. You may import and use `owaspSymbols` that will restrict the symbols to the ones recommended by the OWASP.
+- `options` (array — optional): an option to override the default complexity required to match your password policy. See below.
+- `restrictSymbolsTo` (string — optional): 
+  - By default, the `passwordStrength` function checks against all characters except for the 26 Latin lowercase letters, 26 uppercase letters, and 10 digits. This includes OWASP-recommended characters, accented letters, other alphabets, and emojis.
+  - If you wish to apply restrictions, you can provide a custom string. This string should consist of unescaped symbol characters, which will be utilized internally in a RegExp expression in the following format: `[${escapeStringRegexp(restrictSymbolsTo)}]`.
+  - Additionally, you can import and use the owaspSymbols to limit the symbols to those recommended by OWASP.
 
 **Password Default Options**
 
@@ -103,7 +106,7 @@ To override the default options, simply pass your custom array as the second arg
   - minDiversity: between 0 and 4, correspond to the minimum of different criterias ('lowercase', 'uppercase', 'symbol', 'number') that should be met to pass the password strength
   - minLength: minimum length of the password that should be met to pass the password strength
 
-The `minDiversity` and `minLength` parameters of the first element cannot be overriden (set to 0 at the beginning of the method). Therefore, the first element should always correspond to a "too weak" option.
+**You can use an array containing fewer or more than four items to define the levels of trust.** However, the first element must have both the minDiversity and minLength parameters set to 0. This means that the first element should always represent a "too weak" option.
 
 ### Result
 

dist/index.cjs

@@ -0,0 +1 @@
+"use strict";function e(e){if("string"!=typeof e)throw new TypeError("Expected a string");return e.replace(/[|\\{}()[\]^$+*?.]/g,"\\$&").replace(/-/g,"\\x2d")}Object.defineProperty(exports,"__esModule",{value:!0});const t=[{id:0,value:"Too weak",minDiversity:0,minLength:0},{id:1,value:"Weak",minDiversity:2,minLength:8},{id:2,value:"Medium",minDiversity:4,minLength:10},{id:3,value:"Strong",minDiversity:4,minLength:12}],i="!\"#$%&'()*+,-./\\:;<=>?@[]^_`{|}~",n=(i,n=t,r)=>{n[0].minDiversity=0,n[0].minLength=0;const s=i??"",a=[{key:"lowercase",regex:"[a-z]"},{key:"uppercase",regex:"[A-Z]"},{key:"number",regex:"[0-9]"},{key:"symbol",regex:r?`[${e(r)}]`:"[^a-zA-Z0-9]"}];let o={};o.contains=a.filter((e=>new RegExp(`${e.regex}`).test(s))).map((e=>e.key)),o.length=s.length;let l=n.filter((e=>o.contains.length>=e.minDiversity)).filter((e=>o.length>=e.minLength)).sort(((e,t)=>t.id-e.id)).map((e=>({id:e.id,value:e.value})));return Object.assign(o,l[0]),o};var r={passwordStrength:n,defaultOptions:t,owaspSymbols:i};exports.default=r,exports.defaultOptions=t,exports.owaspSymbols=i,exports.passwordStrength=n;

dist/index.js

@@ -1,3 +1,5 @@
+import escapeStringRegexp from 'escape-string-regexp';
+
 const defaultOptions = [
   {
     id: 0,
@@ -25,7 +27,7 @@ const defaultOptions = [
   },
 ];
 
-const owaspSymbols = "!\"#$%&'()*+,-./:;<=>?@[\\\\\\]^_`{|}~";
+const owaspSymbols = "!\"#$%&'()*+,-./\\:;<=>?@[]^_`{|}~";
 
 const passwordStrength = (
   password,
@@ -53,7 +55,7 @@ const passwordStrength = (
     },
     {
       key: "symbol",
-      regex: restrictSymbolsTo ? `[${restrictSymbolsTo}]` : "[^a-zA-Z0-9]",
+      regex: restrictSymbolsTo ? `[${escapeStringRegexp(restrictSymbolsTo)}]` : "[^a-zA-Z0-9]",
     },
   ];
 
@@ -76,7 +78,6 @@ const passwordStrength = (
   return strength;
 };
 
-module.exports = { passwordStrength, defaultOptions, owaspSymbols };
-module.exports.passwordStrength = passwordStrength;
-module.exports.defaultOptions = defaultOptions;
-module.exports.owaspSymbols = owaspSymbols;
+var index = { passwordStrength, defaultOptions, owaspSymbols };
+
+export { index as default, defaultOptions, owaspSymbols, passwordStrength };

dist/umd.cjs

@@ -0,0 +1 @@
+!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).checkPasswordStrength={})}(this,(function(e){"use strict";function t(e){if("string"!=typeof e)throw new TypeError("Expected a string");return e.replace(/[|\\{}()[\]^$+*?.]/g,"\\$&").replace(/-/g,"\\x2d")}const i=[{id:0,value:"Too weak",minDiversity:0,minLength:0},{id:1,value:"Weak",minDiversity:2,minLength:8},{id:2,value:"Medium",minDiversity:4,minLength:10},{id:3,value:"Strong",minDiversity:4,minLength:12}],n="!\"#$%&'()*+,-./\\:;<=>?@[]^_`{|}~",r=(e,n=i,r)=>{n[0].minDiversity=0,n[0].minLength=0;const s=e??"",o=[{key:"lowercase",regex:"[a-z]"},{key:"uppercase",regex:"[A-Z]"},{key:"number",regex:"[0-9]"},{key:"symbol",regex:r?`[${t(r)}]`:"[^a-zA-Z0-9]"}];let a={};a.contains=o.filter((e=>new RegExp(`${e.regex}`).test(s))).map((e=>e.key)),a.length=s.length;let l=n.filter((e=>a.contains.length>=e.minDiversity)).filter((e=>a.length>=e.minLength)).sort(((e,t)=>t.id-e.id)).map((e=>({id:e.id,value:e.value})));return Object.assign(a,l[0]),a};var s={passwordStrength:r,defaultOptions:i,owaspSymbols:n};e.default=s,e.defaultOptions=i,e.owaspSymbols=n,e.passwordStrength=r,Object.defineProperty(e,"__esModule",{value:!0})}));

package.json

@@ -2,13 +2,13 @@
   "name": "check-password-strength",
   "version": "2.0.7",
   "description": "A NPM Password strength checker based from Javascript RegExp. Check passphrase if it's \"Too weak\", \"Weak\", \"Medium\" or \"Strong\"",
-  "main": "dist/index.js",
-  "module": "dist/index.mjs",
+  "main": "dist/index.cjs",
+  "module": "dist/index.js",
   "types": "dist/index.d.ts",
   "scripts": {
     "build": "rm -rf dist && rollup -c",
     "test": "npm run test:lib && npm run test:types",
-    "test:lib": "jest",
+    "test:lib": "vitest --disable-console-intercept",
     "test:types": "tsd"
   },
   "repository": {
@@ -41,14 +41,20 @@
   },
   "homepage": "https://github.com/deanilvincent/check-password-strength#readme",
   "devDependencies": {
-    "@rollup/plugin-commonjs": "^25.0.7",
+    "@rollup/plugin-commonjs": "^28.0.1",
+    "@rollup/plugin-node-resolve": "^15.3.0",
     "@rollup/plugin-terser": "^0.4.4",
-    "jest": "^26.4.2",
-    "rollup": "^2.77.0",
+    "jest": "^29.7.0",
+    "rollup": "^4.28.0",
     "rollup-plugin-copy": "^3.5.0",
-    "tsd": "^0.14.0"
+    "tsd": "^0.31.2",
+    "vitest": "^2.1.8"
   },
   "tsd": {
-		"directory": "test"
-	}
-}
+    "directory": "test"
+  },
+  "dependencies": {
+    "escape-string-regexp": "^5.0.0"
+  },
+  "type": "module"
+}