fix: prevent ReDoS vulnerability in regex patterns

Replace non-capturing groups (?:\n|$) with positive lookaheads (?=\n|$)
in regex patterns to prevent catastrophic backtracking and ReDoS attacks.

The pattern ([^+\n]+?)(?:\n|$) uses a lazy quantifier followed by a
non-capturing group, which can cause super-linear runtime when the input
doesn't match. Using positive lookahead (?=\n|$) prevents backtracking
by not consuming characters, making the regex safe from ReDoS.

Fixed patterns in:
- Invoice Date patterns (2 regexes)
- Due Date patterns (2 regexes)
- Service patterns (2 regexes)

All patterns now use (?=\n|$) instead of (?:\n|$) to prevent ReDoS.

Author: T-DevH

src/ui/web/src/pages/DocumentExtraction.tsx

@@ -1056,18 +1056,21 @@ const DocumentExtraction: React.FC = () => {
                       if (orderNumMatch) parsedFields.order_number = { value: orderNumMatch[1] };
 
                       // Invoice Date patterns
-                      const invoiceDateMatch = extractedText.match(/Invoice Date:\s*([^+\n]+?)(?:\n|$)/i) ||
-                                             extractedText.match(/Date:\s*([^+\n]+?)(?:\n|$)/i);
+                      // Use positive lookahead (?=\n|$) instead of non-capturing group to prevent ReDoS
+                      const invoiceDateMatch = extractedText.match(/Invoice Date:\s*([^+\n]+?)(?=\n|$)/i) ||
+                                             extractedText.match(/Date:\s*([^+\n]+?)(?=\n|$)/i);
                       if (invoiceDateMatch) parsedFields.invoice_date = { value: invoiceDateMatch[1].trim() };
 
                       // Due Date patterns
-                      const dueDateMatch = extractedText.match(/Due Date:\s*([^+\n]+?)(?:\n|$)/i) ||
-                                         extractedText.match(/Payment Due:\s*([^+\n]+?)(?:\n|$)/i);
+                      // Use positive lookahead (?=\n|$) instead of non-capturing group to prevent ReDoS
+                      const dueDateMatch = extractedText.match(/Due Date:\s*([^+\n]+?)(?=\n|$)/i) ||
+                                         extractedText.match(/Payment Due:\s*([^+\n]+?)(?=\n|$)/i);
                       if (dueDateMatch) parsedFields.due_date = { value: dueDateMatch[1].trim() };
 
                       // Service patterns
-                      const serviceMatch = extractedText.match(/Service:\s*([^+\n]+?)(?:\n|$)/i) ||
-                                         extractedText.match(/Description:\s*([^+\n]+?)(?:\n|$)/i);
+                      // Use positive lookahead (?=\n|$) instead of non-capturing group to prevent ReDoS
+                      const serviceMatch = extractedText.match(/Service:\s*([^+\n]+?)(?=\n|$)/i) ||
+                                         extractedText.match(/Description:\s*([^+\n]+?)(?=\n|$)/i);
                       if (serviceMatch) parsedFields.service = { value: serviceMatch[1].trim() };
 
                       // Rate/Price patterns