src/Hydra/lib/Hydra/Controller/Build.pm

@@ -7,11 +7,6 @@ use Hydra::Helper::Nix;
 use Hydra::Helper::CatalystUtils;
 
 
-# Security checking of filenames.
-my $pathCompRE = "(?:[A-Za-z0-9-\+][A-Za-z0-9-\+\._]*)";
-my $relPathRE = "(?:$pathCompRE(?:\/$pathCompRE)*)";
-
-
 sub build : Chained('/') PathPart CaptureArgs(1) {
     my ($self, $c, $id) = @_;
     

src/Hydra/lib/Hydra/Controller/Root.pm

@@ -352,7 +352,7 @@ sub updateProject {
 
         # The Nix expression path must be relative and can't contain ".." elements.
         my $nixExprPath = trim $c->request->params->{"jobset-$baseName-nixexprpath"};
-        die "Invalid Nix expression path: $nixExprPath" if $nixExprPath !~ /^$Build::relPathRE$/;
+        die "Invalid Nix expression path: $nixExprPath" if $nixExprPath !~ /^$relPathRE$/;
 
         my $nixExprInput = trim $c->request->params->{"jobset-$baseName-nixexprinput"};
         die "Invalid Nix expression input name: $nixExprInput" unless $nixExprInput =~ /^\w+$/;

src/Hydra/lib/Hydra/Helper/CatalystUtils.pm

@@ -2,9 +2,13 @@ package Hydra::Helper::CatalystUtils;
 
 use strict;
 use Exporter;
+use Readonly;
 
 our @ISA = qw(Exporter);
-our @EXPORT = qw(getBuild error notFound);
+our @EXPORT = qw(
+    getBuild error notFound
+    $pathCompRE $relPathRE
+);
 
 
 sub getBuild {
@@ -28,4 +32,9 @@ sub notFound {
 }
 
 
+# Security checking of filenames.
+Readonly::Scalar our $pathCompRE => "(?:[A-Za-z0-9-\+][A-Za-z0-9-\+\._]*)";
+Readonly::Scalar our $relPathRE  => "(?:$pathCompRE(?:\/$pathCompRE)*)";
+
+
 1;