Skip to content

Commit

Permalink
Refactor subject pattern validation in validatePrTitle.js
Browse files Browse the repository at this point in the history
  • Loading branch information
EelcoLos committed Jan 31, 2024
1 parent 67cbd7a commit fbc342b
Showing 1 changed file with 29 additions and 1 deletion.
30 changes: 29 additions & 1 deletion src/validatePrTitle.js
Original file line number Diff line number Diff line change
Expand Up @@ -120,7 +120,35 @@ module.exports = async function validatePrTitle(
}

if (subjectPattern) {
const match = result.subject.match(new RegExp(subjectPattern));
// eslint-disable-next-line no-inner-declarations

// Define a whitelist of allowed special characters
const allowedSpecialChars = [
'.',
'*',
'+',
'?',
'^',
'$',
'{',
'}',
'(',
')',
'|',
'[',
']',
'\\'
];

// Escape all special characters that are not in the whitelist
const sanitizedPattern = subjectPattern.replace(
/([.*+?^${}()|[\]\\])/g,
(match) => (allowedSpecialChars.includes(match) ? match : `\\${match}`)
);

const regex = new RegExp(sanitizedPattern);

const match = result.subject.match(regex);

if (!match) {
throwSubjectPatternError(
Expand Down

0 comments on commit fbc342b

Please sign in to comment.