gitlab-username_bot_identifier 1.0.4 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9935b476a0772606b980aeef481ec29270bde310311333b2bdb79fee9a24f73e
-  data.tar.gz: f0de479d4e5e0ed51514f65dc6b9ca7b48747bf87742211597b55286ef8d83bd
+  metadata.gz: 523aa4ed0ddfe881341fcfc16a9fc4c1bae7ebf841ab1b7580f26eef99d83b2f
+  data.tar.gz: c760661cf591949101cdd64d04e04b327a5c6b175835961699026a384a03988b
 SHA512:
-  metadata.gz: d08e1a0b66ea8e6cbeb69d5ad7d33a109e5d2ab7980921cdc72d6fe79a78e7a1b8981d4a22f176ec77c67b320970b3720f7629c89ec88a39ebff345a2a5ca8f4
-  data.tar.gz: f7caddf751e71b6356d7a92a952c623711d3e1bbf43db15c7d4199754918df369a89f20e8812fe3e4f9e2152f14fd9c9f38a45d58b796a559caa678e464f6a08
+  metadata.gz: 6e3b7437c44c5c1df8672fdab484ce035360d97ca49e121739bba74ab428e1573b6d950602ec8523df823d90cd9e6aba6dcc978386967f575e3327ff04e75e8a
+  data.tar.gz: 67dd3daaa65a3c571d6b1668b4b84c6d5f4c4730fd43330325d633c04798d6037331e2f77ed9409aff6bad00115660d77ba1cec8909d2c39a99ceff7d564da1b

data/lib/gitlab/username_bot_identifier.rb

@@ -32,9 +32,10 @@ module Gitlab
     # Can be spoofed (e.g. someone can register project_1_bot, project_2_bot_abc123)
     PROJECT_ACCESS_TOKEN_REGEX = /^project_\d+_bot_?\w*$/.freeze
     GROUP_ACCESS_TOKEN_REGEX = /^group_\d+_bot_?\w*$/.freeze
+    SERVICE_ACCOUNT_REGEX = /^service_account_group_\d+_?\w*$/.freeze
 
-    # Used as best practive by GitLab team members when creating "service accounts"
-    SERVICE_ACCOUNT_REGEX = /^gl-service-[-\w]+$/.freeze
+    # Used as best practice by GitLab team members when creating "service accounts"
+    KNOWN_SERVICE_ACCOUNT_REGEX = /^gl-service-[-\w]+$/.freeze
 
     def initialize(username)
       @username = username
@@ -52,8 +53,11 @@ module Gitlab
       username == GHOST_ACCOUNT
     end
 
-    def service_account?
-      username.match?(SERVICE_ACCOUNT_REGEX)
+    # "known service accounts" are accounts that match the naming convention of service accounts
+    # registered by GitLab team members. These accounts are regular user accounts that are used
+    # in automations.
+    def known_service_account?
+      username.match?(KNOWN_SERVICE_ACCOUNT_REGEX)
     end
 
     def project_access_token?
@@ -64,6 +68,12 @@ module Gitlab
       username.match?(GROUP_ACCESS_TOKEN_REGEX)
     end
 
+    # "service accounts" are accounts that were created through the service accounts feature.
+    # See https://docs.gitlab.com/ee/user/profile/service_accounts.html
+    def service_account?
+      username.match?(SERVICE_ACCOUNT_REGEX)
+    end
+
     def project_or_group_access_token?
       project_access_token? ||
         group_access_token?
@@ -71,15 +81,17 @@ module Gitlab
 
     def bot?
       known_bot? ||
-        service_account? ||
-        project_or_group_access_token?
+        known_service_account? ||
+        project_or_group_access_token? ||
+        service_account?
     end
 
     def ignorable_account?
       known_bot? ||
         ghost? ||
-        service_account? ||
-        project_or_group_access_token?
+        known_service_account? ||
+        project_or_group_access_token? ||
+        service_account?
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-username_bot_identifier
 version: !ruby/object:Gem::Version
-  version: 1.0.4
+  version: 2.0.0
 platform: ruby
 authors:
 - Lee Tickett
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-01-10 00:00:00.000000000 Z
+date: 2024-05-21 00:00:00.000000000 Z
 dependencies: []
 description:
 email:
@@ -42,7 +42,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.26
+rubygems_version: 3.3.27
 signing_key:
 specification_version: 4
 summary: Parse GitLab usernames to determine whether they appear to be bots.