Make CI refs matching to to use UntrustedRegexp

This makes ref validation to use always `UntrustedRegexp`. This also splits the existing RubySyntax into separate class.
author: Kamil Trzciński <ayufan@ayufan.eu> 2019-02-25 15:41:52 +0100
committer: Kamil Trzciński <ayufan@ayufan.eu> 2019-03-15 14:38:28 +0100
commit: b22287f00fc10800486510c64139b4fefb38ac4c (patch)
tree: abcc545f4dafe74b9338a351dc3e095b1c82bef8 /spec/support
parent: 80fea82f3ab6afd486884020710eb01c06b048d9 (diff)
download: gitlab-ce-b22287f00fc10800486510c64139b4fefb38ac4c.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/spec/support/shared_examples/malicious_regexp_shared_examples.rb b/spec/support/shared_examples/malicious_regexp_shared_examples.rb
index db69b75c0c8..a86050e2cf2 100644
--- a/spec/support/shared_examples/malicious_regexp_shared_examples.rb
+++ b/spec/support/shared_examples/malicious_regexp_shared_examples.rb
@@ -2,7 +2,8 @@ require 'timeout'
 
 shared_examples 'malicious regexp' do
   let(:malicious_text) { 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa!' }
-  let(:malicious_regexp) { '(?i)^(([a-z])+.)+[A-Z]([a-z])+$' }
+  let(:malicious_regexp_re2) { '(?i)^(([a-z])+.)+[A-Z]([a-z])+$' }
+  let(:malicious_regexp_ruby) { '/^(([a-z])+.)+[A-Z]([a-z])+$/i' }
 
   it 'takes under a second' do
     expect { Timeout.timeout(1) { subject } }.not_to raise_error
author	Kamil Trzciński <ayufan@ayufan.eu>	2019-02-25 15:41:52 +0100
committer	Kamil Trzciński <ayufan@ayufan.eu>	2019-03-15 14:38:28 +0100
commit	b22287f00fc10800486510c64139b4fefb38ac4c (patch)
tree	abcc545f4dafe74b9338a351dc3e095b1c82bef8 /spec/support
parent	80fea82f3ab6afd486884020710eb01c06b048d9 (diff)
download	gitlab-ce-b22287f00fc10800486510c64139b4fefb38ac4c.tar.gz