Update DV access key regex to be more selective

This should address the code-scanning alert https://github.com/gradle/actions/security/code-scanning/1
gradle · Jun 13, 2024 · 433fceb · 433fceb
1 parent e3bc05f
commit 433fceb
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/sources/src/develocity/short-lived-token.ts b/sources/src/develocity/short-lived-token.ts
@@ -156,7 +156,7 @@ type HostnameAccessKey = {
 }
 
 export class DevelocityAccessCredentials {
-    static readonly accessKeyRegexp = /^(\S+=\w+)(;\S+=\w+)*$/
+    static readonly accessKeyRegexp = /^([^;=\s]+=\w+)(;[^;=\s]+=\w+)*$/
     readonly keys: HostnameAccessKey[]
 
     private constructor(allKeys: HostnameAccessKey[]) {
@@ -201,6 +201,6 @@ export class DevelocityAccessCredentials {
     }
 
     private static isValid(allKeys: string): boolean {
-        return this.accessKeyRegexp.test(allKeys)
+        return this.accessKeyRegexp.test(allKeys) && this.accessKeyRegexp2.test(allKeys)
     }
 }