fix(telegram_bot_token): Regex must match just bot tokens #878
+3
−2
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR fixes a bug with the TelegramBotToken since some AWS ARNs were matched against it due to the regex configured in the
deny_list
.The following AWS ARN
arn:aws:sns:aaa:111122223333:aaaaaaaaaaaaaaaaaaassssssdddddddddddd
matches against the TelegramBotToken when theverify
option is not enabled, but it should not be needed to be verified since it is not.This match because the regex is not enough restrictive from the beginning and the end.
What is the new behaviour (if this is a feature change)?
Add the start-of-line
^
and end-of-line$
character to reduce false positives.Does this PR introduce a breaking change?
No.