gitlab-username_bot_identifier 1.0.4 → 2.0.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9935b476a0772606b980aeef481ec29270bde310311333b2bdb79fee9a24f73e
4
- data.tar.gz: f0de479d4e5e0ed51514f65dc6b9ca7b48747bf87742211597b55286ef8d83bd
3
+ metadata.gz: 523aa4ed0ddfe881341fcfc16a9fc4c1bae7ebf841ab1b7580f26eef99d83b2f
4
+ data.tar.gz: c760661cf591949101cdd64d04e04b327a5c6b175835961699026a384a03988b
5
5
  SHA512:
6
- metadata.gz: d08e1a0b66ea8e6cbeb69d5ad7d33a109e5d2ab7980921cdc72d6fe79a78e7a1b8981d4a22f176ec77c67b320970b3720f7629c89ec88a39ebff345a2a5ca8f4
7
- data.tar.gz: f7caddf751e71b6356d7a92a952c623711d3e1bbf43db15c7d4199754918df369a89f20e8812fe3e4f9e2152f14fd9c9f38a45d58b796a559caa678e464f6a08
6
+ metadata.gz: 6e3b7437c44c5c1df8672fdab484ce035360d97ca49e121739bba74ab428e1573b6d950602ec8523df823d90cd9e6aba6dcc978386967f575e3327ff04e75e8a
7
+ data.tar.gz: 67dd3daaa65a3c571d6b1668b4b84c6d5f4c4730fd43330325d633c04798d6037331e2f77ed9409aff6bad00115660d77ba1cec8909d2c39a99ceff7d564da1b
@@ -32,9 +32,10 @@ module Gitlab
32
32
  # Can be spoofed (e.g. someone can register project_1_bot, project_2_bot_abc123)
33
33
  PROJECT_ACCESS_TOKEN_REGEX = /^project_\d+_bot_?\w*$/.freeze
34
34
  GROUP_ACCESS_TOKEN_REGEX = /^group_\d+_bot_?\w*$/.freeze
35
+ SERVICE_ACCOUNT_REGEX = /^service_account_group_\d+_?\w*$/.freeze
35
36
 
36
- # Used as best practive by GitLab team members when creating "service accounts"
37
- SERVICE_ACCOUNT_REGEX = /^gl-service-[-\w]+$/.freeze
37
+ # Used as best practice by GitLab team members when creating "service accounts"
38
+ KNOWN_SERVICE_ACCOUNT_REGEX = /^gl-service-[-\w]+$/.freeze
38
39
 
39
40
  def initialize(username)
40
41
  @username = username
@@ -52,8 +53,11 @@ module Gitlab
52
53
  username == GHOST_ACCOUNT
53
54
  end
54
55
 
55
- def service_account?
56
- username.match?(SERVICE_ACCOUNT_REGEX)
56
+ # "known service accounts" are accounts that match the naming convention of service accounts
57
+ # registered by GitLab team members. These accounts are regular user accounts that are used
58
+ # in automations.
59
+ def known_service_account?
60
+ username.match?(KNOWN_SERVICE_ACCOUNT_REGEX)
57
61
  end
58
62
 
59
63
  def project_access_token?
@@ -64,6 +68,12 @@ module Gitlab
64
68
  username.match?(GROUP_ACCESS_TOKEN_REGEX)
65
69
  end
66
70
 
71
+ # "service accounts" are accounts that were created through the service accounts feature.
72
+ # See https://docs.gitlab.com/ee/user/profile/service_accounts.html
73
+ def service_account?
74
+ username.match?(SERVICE_ACCOUNT_REGEX)
75
+ end
76
+
67
77
  def project_or_group_access_token?
68
78
  project_access_token? ||
69
79
  group_access_token?
@@ -71,15 +81,17 @@ module Gitlab
71
81
 
72
82
  def bot?
73
83
  known_bot? ||
74
- service_account? ||
75
- project_or_group_access_token?
84
+ known_service_account? ||
85
+ project_or_group_access_token? ||
86
+ service_account?
76
87
  end
77
88
 
78
89
  def ignorable_account?
79
90
  known_bot? ||
80
91
  ghost? ||
81
- service_account? ||
82
- project_or_group_access_token?
92
+ known_service_account? ||
93
+ project_or_group_access_token? ||
94
+ service_account?
83
95
  end
84
96
  end
85
97
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gitlab-username_bot_identifier
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.4
4
+ version: 2.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Lee Tickett
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-01-10 00:00:00.000000000 Z
11
+ date: 2024-05-21 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description:
14
14
  email:
@@ -42,7 +42,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
42
42
  - !ruby/object:Gem::Version
43
43
  version: '0'
44
44
  requirements: []
45
- rubygems_version: 3.3.26
45
+ rubygems_version: 3.3.27
46
46
  signing_key:
47
47
  specification_version: 4
48
48
  summary: Parse GitLab usernames to determine whether they appear to be bots.