1 of 12

RegExp.escape is safe

2 of 12

Assumptions:

  • Escapes ASCII punctuators except `_`, including `(){}[]|,.?*+-^$=<>\#&!%:;@~'"`
    • Also escapes line terminators
    • We might be able to make this less aggressive
  • We make `\-` and other currently-illegal escapes which would be produced by this function legal in u-mode RegExps (to mean the unescaped char)

3 of 12

This cannot lead to context escapes.

4 of 12

And these sequences have the same meaning (or will error) everywhere*.

5 of 12

Exhaustive list of contexts

  • "base" context: obvious
  • character class: can't output unescaped `]`, `^`, `-` [etc]
  • `(...)` group: can't output unescaped `)` or `?`
  • `\u{...}` code point: can't output unescaped `}`
  • `\k<...>` group name: can't output unescaped `>`
  • `(?<...>)` group name: can't output unescaped `>`
  • `foo{...}` repetition: can't output unescaped `}` or `,`
  • `\p{...}` property name: can't output unescaped `}` or `=`

6 of 12

Proposed future contexts

  • `\q{...}` quote: can't output unescaped `}` or `|`
  • `(?>...)` atomic groups: can't output unescaped `)`
  • `(?#...)` comments: can't output unescaped `)`
  • `#...` x-mode line comments: can't output line terminator
  • `(?i...)` modifiers: can't output unescaped `)`
  • `(?(...)...)` condition: can't output unescaped `)` or `|`

7 of 12

Exception: immediately after `\`.

That does not seem like a real risk.

8 of 12

new RegExp("\\x" + RegExp.escape(user_val))

user_val = "20andthensomestuff"
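
The claim from the context list and the `\x` exception above, as a runnable check. This is an added example, not code from the slides and not the real `RegExp.escape`: `sketchEscape`, `CONTEXTS`, `staysLiteral` and `afterBackslashX` are hypothetical names, the sample inputs are constructed, and non-u-mode RegExps are used because escapes such as `\-` are only legal in u-mode under the second assumption.

```javascript
// Added sketch of the escaping rule from slide 2; NOT the real RegExp.escape.
const LINE_TERMINATORS = { "\n": "\\n", "\r": "\\r", "\u2028": "\\u2028", "\u2029": "\\u2029" };

function sketchEscape(value) {
  return String(value)
    // Every ASCII punctuator except `_` gets a backslash prefix.
    .replace(/[!-\/:-@\[-^`{-~]/g, "\\$&")
    // Line terminators become their escape sequences.
    .replace(/[\n\r\u2028\u2029]/g, (c) => LINE_TERMINATORS[c]);
}

// Three of the contexts from slide 5 (hypothetical wrappers for this demo).
const CONTEXTS = {
  base: (e) => new RegExp("^" + e + "$"),
  group: (e) => new RegExp("^(?:" + e + ")$"),
  charClass: (e) => new RegExp("^[" + e + "]+$"),
};

// True when, in every context, the pattern accepts the input itself and
// rejects `probe`, i.e. the escaped value did not change the pattern's shape.
function staysLiteral(input, probe) {
  const escaped = sketchEscape(input);
  return Object.values(CONTEXTS).every((build) => {
    const re = build(escaped);
    return re.test(input) && !re.test(probe);
  });
}

// Slide 8: the value lands immediately after `\x`, so its leading "20"
// is consumed as the hex digits of the escape.
function afterBackslashX(userVal) {
  return new RegExp("^\\x" + sketchEscape(userVal) + "$");
}

// Constructed sample inputs.
console.log(staysLiteral("a-z]^", "b"));        // class metacharacters
console.log(staysLiteral("x)|(.*", "anything")); // group and alternation metacharacters
console.log(afterBackslashX("20andthensomestuff").test(" andthensomestuff"));
```
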

9 of 12

Also if you put them in an x-mode comment they behave as a comment, which is what you wanted.

Similarly in a group name they are a group name (or an error), in a `{...}` repetition they are a count (or an error), etc.

10 of 12

Please can we just have this.

11 of 12

Please.

12 of 12