1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
|
# frozen_string_literal: true
module Gitlab
module Regex
extend self
extend MergeRequests
extend Packages
def project_name_regex
# The character range \p{Alnum} overlaps with \u{00A9}-\u{1f9ff}
# hence the Ruby warning.
# https://gitlab.com/gitlab-org/gitlab/merge_requests/23165#not-easy-fixable
@project_name_regex ||= /\A[\p{Alnum}\u{00A9}-\u{1f9ff}_][\p{Alnum}\p{Pd}\u{002B}\u{00A9}-\u{1f9ff}_\. ]*\z/
end
def project_name_regex_message
"can contain only letters, digits, emoji, '_', '.', '+', dashes, or spaces. " \
"It must start with a letter, digit, emoji, or '_'."
end
# Project path must conform to this regex. See https://gitlab.com/gitlab-org/gitlab/-/issues/27483
def oci_repository_path_regex
@oci_repository_path_regex ||= %r{\A[a-zA-Z0-9]+([._-][a-zA-Z0-9]+)*\z}
end
def oci_repository_path_regex_message
'must not start or end with a special character and must not contain consecutive special characters.'
end
def group_name_regex
@group_name_regex ||= /\A#{group_name_regex_chars}\z/
end
def group_name_regex_chars
@group_name_regex_chars ||= /[\p{Alnum}\u{00A9}-\u{1f9ff}_][\p{Alnum}\p{Pd}\u{00A9}-\u{1f9ff}_()\. ]*/
end
def group_name_regex_message
"can contain only letters, digits, emoji, '_', '.', dash, space, parenthesis. " \
"It must start with letter, digit, emoji or '_'."
end
##
# Docker Distribution Registry repository / tag name rules
#
# See https://github.com/docker/distribution/blob/master/reference/regexp.go.
#
def container_repository_name_regex
@container_repository_regex ||= %r{\A[a-z0-9]+(([._/]|__|-*)[a-z0-9])*\z}
end
##
# We do not use regexp anchors here because these are not allowed when
# used as a routing constraint.
#
def container_registry_tag_regex
@container_registry_tag_regex ||= /\w[\w.-]{0,127}/
end
def environment_name_regex_chars
'a-zA-Z0-9_/\\$\\{\\}\\. \\-'
end
def environment_name_regex_chars_without_slash
'a-zA-Z0-9_\\$\\{\\}\\. -'
end
def environment_name_regex
@environment_name_regex ||= /\A[#{environment_name_regex_chars_without_slash}]([#{environment_name_regex_chars}]*[#{environment_name_regex_chars_without_slash}])?\z/
end
def environment_name_regex_message
"can contain only letters, digits, '-', '_', '/', '$', '{', '}', '.', and spaces, but it cannot start or end with '/'"
end
def environment_scope_regex_chars
"#{environment_name_regex_chars}\\*"
end
def environment_scope_regex
@environment_scope_regex ||= /\A[#{environment_scope_regex_chars}]+\z/
end
def environment_scope_regex_message
"can contain only letters, digits, '-', '_', '/', '$', '{', '}', '.', '*' and spaces"
end
# https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/identity_and_auth.md#agent-identity-and-name
def cluster_agent_name_regex
/\A[a-z0-9]([-a-z0-9]*[a-z0-9])?\z/
end
def cluster_agent_name_regex_message
%q(can contain only lowercase letters, digits, and '-', but cannot start or end with '-')
end
def kubernetes_namespace_regex
/\A[a-z0-9]([-a-z0-9]*[a-z0-9])?\z/
end
def kubernetes_namespace_regex_message
"can contain only lowercase letters, digits, and '-'. " \
"Must start with a letter, and cannot end with '-'"
end
# Pod name adheres to DNS Subdomain Names(RFC 1123) naming convention
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names
def kubernetes_dns_subdomain_regex
/\A[a-z0-9]([a-z0-9\-\.]*[a-z0-9])?\z/
end
def environment_slug_regex
@environment_slug_regex ||= /\A[a-z]([a-z0-9-]*[a-z0-9])?\z/
end
def environment_slug_regex_message
"can contain only lowercase letters, digits, and '-'. " \
"Must start with a letter, and cannot end with '-'"
end
# The section start, e.g. section_start:12345678:NAME
def logs_section_prefix_regex
/section_((?:start)|(?:end)):(\d+):([a-zA-Z0-9_.-]+)/
end
# The optional section options, e.g. [collapsed=true]
def logs_section_options_regex
/(\[(?:\w+=\w+)(?:, ?(?:\w+=\w+))*\])?/
end
# The region end, always: \r\e\[0K
def logs_section_suffix_regex
/\r\033\[0K/
end
def build_trace_section_regex
@build_trace_section_regexp ||= %r{
#{logs_section_prefix_regex}
#{logs_section_options_regex}
#{logs_section_suffix_regex}
}x
end
MARKDOWN_CODE_BLOCK_REGEX = %r{
(?<code>
# Code blocks:
# ```
# Anything, including `>>>` blocks which are ignored by this filter
# ```
^```
.+?
\n```\ *$
)
}mx
# Code blocks:
# ```
# Anything, including `>>>` blocks which are ignored by this filter
# ```
MARKDOWN_CODE_BLOCK_REGEX_UNTRUSTED =
'(?P<code>' \
'^```.*?\n' \
'(?:\n|.)*?' \
'\n```\ *$' \
')'
MARKDOWN_HTML_BLOCK_REGEX = %r{
(?<html>
# HTML block:
# <tag>
# Anything, including `>>>` blocks which are ignored by this filter
# </tag>
^<[^>]+?>\ *\n
.+?
\n<\/[^>]+?>\ *$
)
}mx
# HTML block:
# <tag>
# Anything, including `>>>` blocks which are ignored by this filter
# </tag>
MARKDOWN_HTML_BLOCK_REGEX_UNTRUSTED =
'(?P<html>' \
'^<[^>]+?>\ *\n' \
'(?:\n|.)*?' \
'\n<\/[^>]+?>\ *$' \
')'
# HTML comment line:
# <!-- some commented text -->
MARKDOWN_HTML_COMMENT_LINE_REGEX_UNTRUSTED =
'(?P<html_comment_line>' \
'^<!--\ .*?\ -->\ *$' \
')'
MARKDOWN_HTML_COMMENT_BLOCK_REGEX_UNTRUSTED =
'(?P<html_comment_block>' \
'^<!--.*?\n' \
'(?:\n|.)*?' \
'\n.*?-->\ *$' \
')'
def markdown_code_or_html_blocks
@markdown_code_or_html_blocks ||= %r{
#{MARKDOWN_CODE_BLOCK_REGEX}
|
#{MARKDOWN_HTML_BLOCK_REGEX}
}mx
end
def markdown_code_or_html_blocks_untrusted
@markdown_code_or_html_blocks_untrusted ||=
"#{MARKDOWN_CODE_BLOCK_REGEX_UNTRUSTED}" \
"|" \
"#{MARKDOWN_HTML_BLOCK_REGEX_UNTRUSTED}"
end
def markdown_code_or_html_comments_untrusted
@markdown_code_or_html_comments_untrusted ||=
"#{MARKDOWN_CODE_BLOCK_REGEX_UNTRUSTED}" \
"|" \
"#{MARKDOWN_HTML_COMMENT_LINE_REGEX_UNTRUSTED}" \
"|" \
"#{MARKDOWN_HTML_COMMENT_BLOCK_REGEX_UNTRUSTED}"
end
def markdown_code_or_html_blocks_or_html_comments_untrusted
@markdown_code_or_html_comments_untrusted ||=
"#{MARKDOWN_CODE_BLOCK_REGEX_UNTRUSTED}" \
"|" \
"#{MARKDOWN_HTML_BLOCK_REGEX_UNTRUSTED}" \
"|" \
"#{MARKDOWN_HTML_COMMENT_LINE_REGEX_UNTRUSTED}" \
"|" \
"#{MARKDOWN_HTML_COMMENT_BLOCK_REGEX_UNTRUSTED}"
end
# Based on Jira's project key format
# https://confluence.atlassian.com/adminjiraserver073/changing-the-project-key-format-861253229.html
# Avoids linking CVE IDs (https://cve.mitre.org/cve/identifiers/syntaxchange.html#new) as Jira issues.
# CVE IDs use the format of CVE-YYYY-NNNNNNN
def jira_issue_key_regex(expression_escape: '\b')
/#{expression_escape}(?!CVE-\d+-\d+)[A-Z][A-Z_0-9]+-\d+/
end
def jira_issue_key_project_key_extraction_regex
@jira_issue_key_project_key_extraction_regex ||= /-\d+/
end
def jira_transition_id_regex
@jira_transition_id_regex ||= /\d+/
end
def breakline_regex
@breakline_regex ||= /\r\n|\r|\n/
end
# https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html
def aws_account_id_regex
/\A\d{12}\z/
end
def aws_account_id_message
'must be a 12-digit number'
end
# https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
def aws_arn_regex
/\Aarn:\S+\z/
end
def aws_arn_regex_message
'must be a valid Amazon Resource Name'
end
def utc_date_regex
@utc_date_regex ||= /\A[0-9]{4}-[0-9]{2}-[0-9]{2}\z/
end
def issue
@issue ||= /(?<issue>\d+)(?<format>\+s{,1})?(?=\W|\z)/
end
def work_item
@work_item ||= /(?<work_item>\d+)(?<format>\+s{,1})?(?=\W|\z)/
end
def base64_regex
@base64_regex ||= %r{(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?}
end
def feature_flag_regex
/\A[a-z]([-_a-z0-9]*[a-z0-9])?\z/
end
# One or more `part`s, separated by separator
def sep_by_1(separator, part)
%r{#{part} (#{separator} #{part})*}x
end
def x509_subject_key_identifier_regex
@x509_subject_key_identifier_regex ||= /\A(?:\h{2}:)*\h{2}\z/
end
def ml_model_name_regex
package_name_regex
end
def ml_model_file_name_regex
maven_file_name_regex
end
end
end
Gitlab::Regex.prepend_mod
|
