Description
Title: Potential Regular Expression DoS (ReDoS) in smart_title Function
Body:
The smart_title function uses the regular expression r"\b[\w'-]+\b" to split the card name into tokens. While seemingly harmless, this regex is vulnerable to ReDoS (Regular Expression Denial of Service) attacks when given maliciously crafted input strings. Specifically, strings with many repeated characters separated by apostrophes or hyphens can cause the regex engine to enter a pathological backtracking state, consuming excessive CPU resources and potentially crashing the application or making it unresponsive.
For example: 'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a'a' or 'a-a-a-a-a-a-a-a-a-a-a-a-a-a-a-a-a-a-a-a-a-a-a-a-a-a-a-a-a-a-a-a'.
Recommendation:
Replace the vulnerable regular expression with a safer alternative. A plain .split() call is likely sufficient for most card names and avoids the backtracking issue entirely. If tokenization beyond whitespace splitting is required, use a well-tested parsing library or write a custom tokenizer that scans the input in a single pass and never backtracks. Capping the length of the input string is a further defense that bounds the work any tokenizer can do.
```python
def smart_title(name):
    # Split on whitespace only; no regular expression, so no backtracking.
    tokens = name.split()
    # Capitalize the first letter of each token and lower-case the rest.
    return ' '.join(word.capitalize() for word in tokens)
```

This version does not handle apostrophes or hyphens, but it is far less vulnerable to ReDoS. The best approach depends on the specific requirements of the application and the range of expected card names.
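For the case where apostrophes and hyphens must be preserved inside a token, the following is an added example (not code from the project or from this report) of the custom single-pass tokenizer and the input-length cap that the recommendation describes. It accepts the same characters as the original character class `[\w'-]` (letters, digits, underscore, apostrophe, hyphen), walks the string once from left to right with no regular expression, and capitalizes each hyphen-separated part so that names such as `will-o'-the-wisp` keep their punctuation. The limit `MAX_NAME_LEN`, the function names and the sample card names are assumptions for illustration only.

```python
# Assumed limit for illustration; the project does not define one.
MAX_NAME_LEN = 200


def _is_token_char(ch):
    """Same character set as the regex class [\\w'-], tested one char at a time."""
    return ch.isalnum() or ch == "_" or ch in "'-"


def tokenize(name):
    """Single left-to-right pass: a token is a maximal run of token characters.

    Every character is inspected exactly once, so the cost is linear in the
    input length regardless of how apostrophes and hyphens are arranged.
    """
    tokens = []
    current = []
    for ch in name:
        if _is_token_char(ch):
            current.append(ch)
        elif current:
            tokens.append("".join(current))
            current = []
    if current:
        tokens.append("".join(current))
    return tokens


def _capitalize_part(part):
    """Upper-case the first character, lower-case the rest (handles empty parts)."""
    return part[:1].upper() + part[1:].lower()


def smart_title_safe(name, max_len=MAX_NAME_LEN):
    """Title-case a card name without regular expressions.

    Rejects over-long input up front, then tokenizes in one pass and
    capitalizes each hyphen-separated part of every token, keeping
    apostrophes and hyphens in place.
    """
    if len(name) > max_len:
        raise ValueError(f"card name longer than {max_len} characters")
    words = []
    for token in tokenize(name):
        parts = token.split("-")
        words.append("-".join(_capitalize_part(p) for p in parts))
    return " ".join(words)


if __name__ == "__main__":
    # Constructed sample names, not taken from any real card database.
    for sample in ["black lotus", "dryad's arbor", "will-o'-the-wisp", "æther vial"]:
        print(repr(sample), "->", repr(smart_title_safe(sample)))
```

Because the scan never backtracks, the repeated-apostrophe and repeated-hyphen strings quoted in the report are processed in a single pass like any other input, and anything longer than `MAX_NAME_LEN` is rejected before tokenization starts.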