Merge pull request dependabot#5444 from jeffwidman/fix-security-alert…

…-unescaped-regex Fix incomplete regular expression for hostnames
jeffwidman · Jul 29, 2022 · 24f9ee3 · 24f9ee3
2 parents 3852316 + aa20be6
commit 24f9ee3
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/docker/lib/dependabot/docker/file_parser.rb b/docker/lib/dependabot/docker/file_parser.rb
@@ -32,7 +32,7 @@ class FileParser < Dependabot::FileParsers::Base
         %r{^#{FROM}\s+(#{PLATFORM}\s+)?(#{REGISTRY}/)?
           #{IMAGE}#{TAG}?#{DIGEST}?#{NAME}?}x.freeze
 
-      AWS_ECR_URL = /dkr\.ecr\.(?<region>[^.]+).amazonaws\.com/.freeze
+      AWS_ECR_URL = /dkr\.ecr\.(?<region>[^.]+)\.amazonaws\.com/.freeze
 
       def parse
         dependency_set = DependencySet.new

diff --git a/docker/lib/dependabot/docker/utils/credentials_finder.rb b/docker/lib/dependabot/docker/utils/credentials_finder.rb
@@ -9,7 +9,7 @@ module Dependabot
   module Docker
     module Utils
       class CredentialsFinder
-        AWS_ECR_URL = /dkr\.ecr\.(?<region>[^.]+).amazonaws\.com/.freeze
+        AWS_ECR_URL = /dkr\.ecr\.(?<region>[^.]+)\.amazonaws\.com/.freeze
 
         def initialize(credentials)
           @credentials = credentials