DEV.co
Open-Source Testing · fent

randexp.js

randexp.js generates random strings that match a given regular expression, useful for testing and fuzzing. It supports complex regex patterns including character ranges, repetitions, groups, and backreferences.

Source: GitHub — github.com/fent/randexp.js
1.9k
GitHub stars
93
Forks
JavaScript
Primary language
MIT
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositoryfent/randexp.js
Ownerfent
Primary languageJavaScript
LicenseMIT — OSI-approved
Stars1.9k
Forks93
Open issues14
Latest releasev0.5.3 (2018-07-21)
Last updated2025-11-23
Sourcehttps://github.com/fent/randexp.js

What randexp.js is

JavaScript library that parses RegExp objects and produces random strings conforming to the pattern. Uses Math.random() by default but supports custom PRNG injection. Handles infinite repetitions by capping to min+100, configurable per instance.

Quickstart

Get the randexp.js source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/fent/randexp.js.gitcd randexp.js# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Test data generation for validation logic

Generate realistic random strings matching email, URL, or custom format patterns to test input validators without manual test case creation.

Fuzzing and property-based testing

Create diverse random inputs conforming to API contracts or data schema patterns to uncover edge cases in parsers and handlers.

JSON Schema faker integration

Use as generator backend for JSON-Schema-Faker to populate mock API responses and sample data structures for frontend development.

Implementation considerations

  • Infinite repetition quantifiers (*, +, {n,}) default to min+100; explicitly set `.max` property on instance if different bounds needed.
  • Character range defaults to printable ASCII (32–126); use `defaultRange.add()` and `subtract()` to customize or extend to Unicode.
  • Backreferences to non-existent groups or forward references are silently ignored, returning empty strings; validate regex correctness before use.
  • TypeScript definitions included; can import directly in TS projects without separate @types package.
  • No built-in seeding or reproducibility; override `randInt()` method if deterministic output required for test reproducibility.

When to avoid it — and what to weigh

  • Cryptographic randomness required — Library defaults to Math.random(), which is not cryptographically secure. Requires custom PRNG override for security-sensitive use cases.
  • Pathological regex patterns — Library ignores positional anchors (^ $), silently handles malformed backreferences, and returns empty strings for impossible character sets. May not detect problematic patterns.
  • Performance-critical loops — No benchmarks provided; gen() behavior on complex patterns unknown. Infinite repetition handling (min+100) may produce unexpectedly large strings.
  • Production validation enforcement — Test fixture tool only; should not be deployed in production code paths for actual string validation or sanitization.

License & commercial use

Licensed under MIT (MIT License), an OSI-approved permissive license. Commercial use, modification, and distribution permitted with attribution.

MIT license permits commercial use without restriction. Suitable for commercial test automation and data generation tools. Include license text in derivative works.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceModerate
DocumentationAdequate
License clarityClear
Deployment complexityLow
DEV.co fitGood
Assessment confidenceHigh
Security considerations

Math.random() is not cryptographically secure; do not use for generating security tokens or secrets. Override `.randInt()` with cryptographic RNG if needed. No vulnerability scanning data provided. Pattern parsing does not perform ReDoS (regex DoS) analysis; untrusted user-supplied regex could potentially cause performance issues.

Alternatives to consider

casual / faker.js

Higher-level data generators for common types (emails, names, addresses); better for realistic mock data but less flexible for custom patterns.

json-schema-faker

JSON Schema-driven mock data generation; uses randexp internally but provides schema-level abstraction; heavier dependency footprint.

fast-check

Property-based testing framework with built-in generators and shrinking; more powerful for finding edge cases but steeper learning curve.

Software development agency

Build on randexp.js with DEV.co software developers

Use randexp.js to generate realistic test data and automate fuzzing. Install via npm and start generating pattern-matched random strings in minutes.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

randexp.js FAQ

Can I use randexp in production code?
No. It is a test utility library. Production code should use explicit validators and sanitizers, not random string generation.
How do I generate reproducible random strings?
Override the `randInt()` method on the RandExp instance with a seeded PRNG (e.g., seedrandom). Math.random() is not seeded by default.
What happens with regex patterns that match nothing?
Library returns empty strings for impossible character sets (e.g., `/[^\w\W]/`), backreferences to non-existent groups, and ignores anchors. No error is raised.
Is this library still maintained?
Maintenance is moderate. Last code push was November 2025, but the latest release is from July 2018. Bug fixes appear handled, but no active feature development evident.

Work with a software development agency

From first prototype to production, DEV.co delivers software development services around tools like randexp.js. Our software development agency staffs experienced software developers and web developers for custom software development, web development, integrations, and ongoing support across open-source testing and beyond.

Ready to integrate randexp into your test suite?

Use randexp.js to generate realistic test data and automate fuzzing. Install via npm and start generating pattern-matched random strings in minutes.