Does it say 'don't bother with a regex beyond checking it contains an @ surrounded by arbitrary pieces of text?' This still sounds like it is leading developers to conclude that they should use a too complex regex and then send a confirmation email.
Claude Sonnet says:
> A practical email regex that covers the vast majority of real-world addresses:
>
> ^[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}$
Which is still way more complex than needed (and takes effort to read), and buggy according to years of blog posts written about this topic.
Of course the problem is the developer asking for a regex at all, but the must-regex-email instinct seems heavily engrained in our collective psyche.
Claude Sonnet says:
> A practical email regex that covers the vast majority of real-world addresses: > > ^[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}$
Which is still way more complex than needed (and takes effort to read), and buggy according to years of blog posts written about this topic.
Of course the problem is the developer asking for a regex at all, but the must-regex-email instinct seems heavily engrained in our collective psyche.
I have no idea what other pay-to-play models say.