From 1dd1da163823c78726522d7cbafd50dc01dd72c1 Mon Sep 17 00:00:00 2001
From: Thijs Louisse
Date: Thu, 12 May 2022 17:06:37 +0200
Subject: [PATCH] chore: only scan for allowed registries in yarn.lock
---
 scripts/yarn-lock-scan.js | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/scripts/yarn-lock-scan.js b/scripts/yarn-lock-scan.js
index f4274850a..a8af0a3c1 100644
--- a/scripts/yarn-lock-scan.js
+++ b/scripts/yarn-lock-scan.js
@@ -1,10 +1,16 @@
 const fs = require('fs');
 const path = require('path');
 
-const yarnLockPath = './yarn.lock';
-const data = fs.readFileSync(path.resolve(yarnLockPath), 'utf8');
-if (data.match(/artifactory/g)) {
- throw new Error(
- 'Artifactory references in your yarn.lock! Please make sure you are using a public npm registry when downloading your dependencies!',
- );
-}
+const lockFileContent = fs.readFileSync(path.resolve('./yarn.lock'), 'utf8');
+
+const allowedRegistries = ['registry.yarnpkg.com', 'registry.npmjs.org'];
+const resolvedUrls = lockFileContent.match(/"https:.*"/g);
+resolvedUrls.forEach(url => {
+ const [, registry] = url.match(/^"https:\/\/(.*?)\/.*"$/) || [];
+ if (!allowedRegistries.includes(registry)) {
+ throw new Error(
+ `Disallowed registries ("${registry}") in your yarn.lock!
+ Please make sure you are using a public npm registry when downloading your dependencies!`,
+ );
+ }
+});
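Review bot: The allowlist check built on `resolvedUrls` fails open, because `/"https:.*"/g` only collects quoted strings that begin with `https:`; a `resolved` entry with any other scheme (for example `http://` or `git+https://`) is never compared against `allowedRegistries` and passes silently. `match` with the `g` flag also returns `null` when nothing matches, so `resolvedUrls.forEach` would throw a TypeError instead of the intended error. Assuming a Yarn v1 lockfile where each entry carries a `resolved "<url>"` line, selecting those lines and rejecting anything that is not https to an allowed host closes both gaps: `const resolvedUrls = lockFileContent.match(/^\s*resolved "[^"]*"/gm) || [];` and `const [, registry] = url.match(/"https:\/\/([^/"]+)\//) || [];`. A one-line comment above `allowedRegistries` stating that anything not on the list must fail the scan would keep a later edit from loosening it by accident.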