devcert is vulnerable to regular expression denial of service. An attacker can crash the application by providing a malicious input to the certificateFor
function of index.ts
due to the insecure regex pattern used for VALID_IP
and VALID_DOMAIN
parameters.