Don't match email addresses or foo@bar as user referencesdm-emails-are-not-user-references

3 files changed, 10 insertions, 0 deletions

diff --git a/app/models/user.rb b/app/models/user.rb
index 9aad327b592..9e13e91536d 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -369,6 +369,7 @@ class User < ActiveRecord::Base
     # Pattern used to extract `@user` user references from text
     def reference_pattern
       %r{
+        (?<!\w)
         #{Regexp.escape(reference_prefix)}
         (?<user>#{Gitlab::PathRegex::FULL_NAMESPACE_FORMAT_REGEX})
       }x
diff --git a/changelogs/unreleased/dm-emails-are-not-user-references.yml b/changelogs/unreleased/dm-emails-are-not-user-references.yml
new file mode 100644
index 00000000000..fe55a75a88f
--- /dev/null
+++ b/changelogs/unreleased/dm-emails-are-not-user-references.yml
@@ -0,0 +1,4 @@
+---
+title: Don't match email addresses or foo@bar as user references
+merge_request:
+author:
diff --git a/spec/lib/banzai/filter/user_reference_filter_spec.rb b/spec/lib/banzai/filter/user_reference_filter_spec.rb
index 63b23dac7ed..edf3846b742 100644
--- a/spec/lib/banzai/filter/user_reference_filter_spec.rb
+++ b/spec/lib/banzai/filter/user_reference_filter_spec.rb
@@ -16,6 +16,11 @@ describe Banzai::Filter::UserReferenceFilter, lib: true do
     expect(reference_filter(act).to_html).to eq(exp)
   end
 
+  it 'ignores references with text before the @ sign' do
+    exp = act = "Hey foo#{reference}"
+    expect(reference_filter(act).to_html).to eq(exp)
+  end
+
   %w(pre code a style).each do |elem|
     it "ignores valid references contained inside '#{elem}' element" do
       exp = act = "<#{elem}>Hey #{reference}</#{elem}>"