From 9d235c0c634f8231eb44d77496b02d9b4a2415f0 Mon Sep 17 00:00:00 2001
From: Louis Grasset
Date: Fri, 20 Oct 2023 15:12:38 +0200
Subject: [PATCH] fix(security): address sonar vulnerabilities (#39)
---
 Dockerfile | 7 ++++++-
 src/helpers/tweet/get-tweet-id-from-permalink.ts | 2 +-
 2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index f83e0e3..1cbb9af 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,12 +1,17 @@
 FROM node:lts
 
+RUN groupadd --system bot \
+ && useradd --system bot -g bot
+
 WORKDIR /app
 
 COPY src/ /app/src
 COPY package.json package-lock.json tsconfig.json .eslintrc.json /app/
 
-RUN npm ci && npm run build
+RUN npm ci --ignore-scripts && npm run build
 
 RUN echo "" > .env
 
+USER bot
+
 CMD node /app/dist/index.js $ENV_FILE
diff --git a/src/helpers/tweet/get-tweet-id-from-permalink.ts b/src/helpers/tweet/get-tweet-id-from-permalink.ts
index be9bc33..1266e8a 100644
--- a/src/helpers/tweet/get-tweet-id-from-permalink.ts
+++ b/src/helpers/tweet/get-tweet-id-from-permalink.ts
@@ -1 +1 @@
-export const getTweetIdFromPermalink = (url: string): string => url.match(/\d+$/)?.[0] || '';
+export const getTweetIdFromPermalink = (url: string): string => url.match(/\d{19}$/)?.[0] || '';
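Review bot: `USER bot` is added after every file under `/app` (including the `.env` created by `RUN echo "" > .env`) has been written as root, so the process can read its code but cannot create or modify anything in its working directory. Read-only code is a property worth keeping; if the bot persists state or rewrites `.env` at runtime (not visible in this hunk), give it a dedicated writable directory rather than chowning `/app`, e.g. `RUN mkdir /data && chown bot:bot /data` (constructed path) before the `USER` line. Orchestrators that enforce non-root by numeric UID cannot verify a named user, so consider creating the account with a fixed `--uid` and using that number in `USER`. `npm ci --ignore-scripts` also skips the install scripts of dependencies that rely on them (native builds, for instance), which is worth confirming with a clean image build.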
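Review bot: The new pattern `/\d{19}$/` on the `+` line has no left boundary, so a URL ending in a longer digit run yields its last 19 digits as a plausible-looking but wrong ID, and a permalink whose ID is shorter than 19 digits (older tweets carry shorter IDs) now yields `''`. Bounding the quantifier does remove the unbounded backtracking that `\d+$` was presumably flagged for, but a bounded range with a left boundary keeps that benefit without narrowing the accepted input: `url.match(/(?:^|\D)(\d{1,19})$/)?.[1] || ''`. A short comment stating why the length is capped would help the next reader, e.g. `// bounded quantifier: avoids super-linear backtracking on long digit runs`.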