diff options
author | TimberBro <mr.demix@yandex.ru> | 2023-08-20 17:06:42 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-08-20 17:06:42 +0200 |
commit | 84d05516dc430a7fbaf0572e976771e6785e208a (patch) | |
tree | 125bab33029390571683f4287c5a5072f89a1f01 /modules | |
parent | Use "input" event instead of "keyup" event for migration form (#26602) (diff) | |
download | forgejo-84d05516dc430a7fbaf0572e976771e6785e208a.tar.xz forgejo-84d05516dc430a7fbaf0572e976771e6785e208a.zip |
Fix NPM packages name validation (#26595)
- Added new tests to cover corner cases
- Replace existing regex with new one
Closes #26551
---
As @silverwind suggested, I started from
[validate-npm-package-name](https://github.com/npm/validate-npm-package-name),
but found this solution too complicated.
Then I tried to fix existing regex myself, but thought, that exclude all
restricted symbols is harder, than set only allowed symbols.
Then I search a bit more and found
[package-name-regex](https://github.com/dword-design/package-name-regex)
and regex from it works for all new test cases.
Let me know, if more information or help with this PR is needed.
Diffstat (limited to 'modules')
-rw-r--r-- | modules/packages/npm/creator.go | 2 | ||||
-rw-r--r-- | modules/packages/npm/creator_test.go | 18 |
2 files changed, 19 insertions, 1 deletions
diff --git a/modules/packages/npm/creator.go b/modules/packages/npm/creator.go index 5e7e0e2983..9e636757af 100644 --- a/modules/packages/npm/creator.go +++ b/modules/packages/npm/creator.go @@ -34,7 +34,7 @@ var ( ErrInvalidIntegrity = util.NewInvalidArgumentErrorf("failed to validate integrity") ) -var nameMatch = regexp.MustCompile(`\A((@[^\s\/~'!\(\)\*]+?)[\/])?([^_.][^\s\/~'!\(\)\*]+)\z`) +var nameMatch = regexp.MustCompile(`^(@[a-z0-9-][a-z0-9-._]*/)?[a-z0-9-][a-z0-9-._]*$`) // Package represents a npm package type Package struct { diff --git a/modules/packages/npm/creator_test.go b/modules/packages/npm/creator_test.go index 168f950038..806377a52b 100644 --- a/modules/packages/npm/creator_test.go +++ b/modules/packages/npm/creator_test.go @@ -67,6 +67,17 @@ func TestParsePackage(t *testing.T) { test(t, " test") test(t, "test ") test(t, "te st") + test(t, "Test") + test(t, "_test") + test(t, ".test") + test(t, "^test") + test(t, "te^st") + test(t, "te|st") + test(t, "te)(st") + test(t, "te'st") + test(t, "te!st") + test(t, "te*st") + test(t, "te~st") test(t, "invalid/scope") test(t, "@invalid/_name") test(t, "@invalid/.name") @@ -93,6 +104,13 @@ func TestParsePackage(t *testing.T) { test(t, "test") test(t, "@scope/name") + test(t, "@scope/q") + test(t, "q") + test(t, "@scope/package-name") + test(t, "@scope/package.name") + test(t, "@scope/package_name") + test(t, "123name") + test(t, "----") test(t, packageFullName) }) |