non-linear back tracking in the regex used in getDataProtocolModuleFormat

[JLHwung]

Version

v24.11.1

Platform

Darwin 25.3.0 Darwin Kernel Version 25.3.0: Wed Jan 28 20:53:15 PST 2026; root:xnu-12377.81.4~5/RELEASE_ARM64_T6000 arm64

Subsystem

esm

What steps will reproduce the bug?

node/lib/internal/modules/esm/get_format.js

Lines 99 to 102 in 94df36a

	const { 1: mime } = RegExpPrototypeExec(
	/^([^/]+\/[^;,]+)(?:[^,]*?)(;base64)?,/,
	parsed.pathname,
	) || [ null, null, null ];

The ESLint rule regexp/no-super-linear-backtracking reports that

The quantifier '[^;,]+' can exchange characters with '[^,]*?'. Using any string accepted by /[^,;]+/, this can be exploited to cause at least polynomial backtracking.

For example, if the pathname is ./aaaaaaaaaaaB, the back tracking becomes polynomial since both [^;,]+ and [^,]*? match a.

How often does it reproduce? Is there a required condition?

Must reproduce

What is the expected behavior? Why is that the expected behavior?

The regex should not contain polynomial back tracking

What do you see instead?

It contains interchangeable terms

Additional information

First reported on wooorm/import-meta-resolve#33.

It would be great if we can add the eslint tool https://www.npmjs.com/package/eslint-plugin-regexp and thoroughly scan all the regex used in the lib. I believe this is not the only case containing super linear back tracking.