Browse Source

Restrict package names a bit more to avoid abuse

Jordi Boggiano 12 years ago
parent
commit
83a3eb026f
1 changed files with 2 additions and 2 deletions
  1. 2 2
      src/Packagist/WebBundle/Entity/Package.php

+ 2 - 2
src/Packagist/WebBundle/Entity/Package.php

@@ -165,8 +165,8 @@ class Package
                 return;
             }
 
-            if (!preg_match('{^[a-z0-9_.-]+/[a-z0-9_.-]+$}i', $information['name'])) {
-                $context->addViolationAtSubPath($property, 'The package name '.$information['name'].' is invalid, it should have a vendor name, a forward slash, and a package name, matching <em>[a-z0-9_.-]+/[a-z0-9_.-]+</em>.', array(), null);
+            if (!preg_match('{^[a-z0-9]([_.-]?[a-z0-9]+)*/[a-z0-9]([_.-]?[a-z0-9]+)*$}i', $information['name'])) {
+                $context->addViolationAtSubPath($property, 'The package name '.$information['name'].' is invalid, it should have a vendor name, a forward slash, and a package name. The vendor and package name can be words separated by -, . or _. The complete name should match "[a-z0-9]([_.-]?[a-z0-9]+)*/[a-z0-9]([_.-]?[a-z0-9]+)*".', array(), null);
                 return;
             }